meups.com.br Open in urlscan Pro
2606:4700:20::ac43:45f6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meups4.com.br/
Effective URL:
https://meups.com.br/
Submission: On March 02 via api (March 2nd 2023, 2:06:17 pm UTC) from US — Scanned from DE

Summary HTTP 158 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 34 domains to perform 158 HTTP transactions. The main IP is 2606:4700:20::ac43:45f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is meups.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.

This is the only time meups.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:4b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:20:... 2606:4700:20::ac43:45f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.86.12 13.225.86.12	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	72.21.195.65 72.21.195.65	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	13.224.189.97 13.224.189.97	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.78.37 13.225.78.37	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
14	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	52.208.98.204 52.208.98.204	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	54.217.61.24 54.217.61.24	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 11	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.27.154 142.250.27.154	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:b000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7782:212:ba9d:cb03:8ae5	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	52.59.47.198 52.59.47.198	16509 (AMAZON-02) (AMAZON-02)
2 2	35.156.42.0 35.156.42.0	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
158	46

1 2606:4700:20::681a:4b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

meups4.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:20::ac43:45f6 (United States)

ASN13335 (CLOUDFLARENET, US)

meups.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

tag.curiosidadesdigitais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.86.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-12.fra2.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.98.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-98-204.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.217.61.24 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-61-24.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.27.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:b000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:212:ba9d:cb03:8ae5 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.59.47.198 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-47-198.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.42.0 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-42-0.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140	515 KB
35	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 bid.g.doubleclick.net — Cisco Umbrella Rank: 703 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319	302 KB
29	meups.com.br meups.com.br	2 MB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 748 static.adsafeprotected.com — Cisco Umbrella Rank: 573 dt.adsafeprotected.com — Cisco Umbrella Rank: 539	103 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4370 adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	3 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	297 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	194 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2450 google-bidout-d.openx.net — Cisco Umbrella Rank: 2399	670 B
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719	7 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 769	72 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 8090 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3718	4 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	797 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	953 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4426	652 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3915	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3797	315 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 912 id5-sync.com — Cisco Umbrella Rank: 404	17 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	123 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	864 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2643	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3461	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	605 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	6 KB
1	curiosidadesdigitais.com tag.curiosidadesdigitais.com	6 KB
1	meups4.com.br 1 redirects meups4.com.br	695 B
158	34

	Domain	Requested by
29	meups.com.br	meups.com.br static.cloudflareinsights.com 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
22	pagead2.googlesyndication.com	meups.com.br pagead2.googlesyndication.com tpc.googlesyndication.com 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com
15	securepubads.g.doubleclick.net	meups.com.br securepubads.g.doubleclick.net www.googletagservices.com 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
7	dt.adsafeprotected.com	035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	s0.2mdn.net	meups.com.br s0.2mdn.net 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	securepubads.g.doubleclick.net 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
4	www.google.com	meups.com.br securepubads.g.doubleclick.net tpc.googlesyndication.com 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	meups.com.br
2	ups.analytics.yahoo.com	2 redirects
2	eb2.3lift.com	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	fw.adsafeprotected.com	1 redirects 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	oajs.openx.net	1 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google.de	meups.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.hotjar.com	meups.com.br
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	meups.com.br www.googletagmanager.com
1	s.tribalfusion.com	035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	static.adsafeprotected.com	035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	meups.com.br
1	z-na.associates-amazon.com	meups.com.br
1	tag.curiosidadesdigitais.com	meups.com.br
1	meups4.com.br	1 redirects
158	53

This site contains links to these domains. Also see Links.

Domain
amzn.to
compre.vc
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
apps.apple.com
play.google.com
pixelwolf.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
assoc-na.associates-amazon.com Amazon	`2022-06-18` - `2023-06-17`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M02	`2023-02-28` - `2023-11-23`	9 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-01-21` - `2023-04-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-10` - `2023-05-27`	4 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-09` - `2023-12-03`	10 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://meups.com.br/
Frame ID: ED9318757A3E62D7573AC86E92F42E31
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: 7DB62F99EDB945D892A74805AA38092D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5020212256248417&output=html&adk=1812271804&adf=3025194257&lmt=1677764162&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_l%7C164x675_r&format=0x0&url=https%3A%2F%2Fmeups.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677765970577&bpp=3&bdt=191&idt=192&shv=r20230227&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6892148815572&frm=20&pv=2&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759926%2C44759837%2C44773809%2C31072649%2C31072791&oid=2&pvsid=3784857560961781&tmod=60590290&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224
Frame ID: A9219B6254C3812AF3B3DE0A8892B676
Requests: 1 HTTP requests in this frame

Frame: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 26E0563B8808EEAD3296074045EB7FC2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ0kma3kfBReSspqi-z241umMkLqHuKOcf1q7XzQ9jjaAiPVO4feXvTL_BiTIfKFnzQ5TEDr2HLV2VzaOOVwu_3UdJV4WjvAqHSO86i3A5PbnJ6JYrEdHJ5IDGIuYmlveRctzsjsLq_YJcWdolYqk1joqYI4Os-fpEZ3lrDPwOu9-_tcwC4jOJtrTCS59jukkZ2Am4garYlzlQXBUCzCjfVHhHzMfm7tbEt105STRxBdSrAlC0gh1o4Jb6ZGCFDKppzpiB6OIrDN7-uEhuzSD_ijKlfRTEDasH3httqVS-4RSnGnQTSl3ZWzdwNPgjlw3RxtrYQDo&sai=AMfl-YTV8-LLbu_IGg0tSHNaI5SZRDvfqC4h4ojZyK0QxRhwz_74ZtA6e1vcu_JgNy405hnfHZKaUalPUcnuR3ZPuJbiOa3hg_LjpbjFtfqDLPU0YCy87Ldf49IK5tx_6Q&sig=Cg0ArKJSzD2lqz4_37O5EAE&uach_m=[UACH]&adurl=
Frame ID: 6A5F31590551C9E243CEBDF82D954FA0
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=meups.com.br
Frame ID: B515A3AF5F4F2240AA19C22C5804360B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1853D300FAEA52D87162226995666007
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DDEC8B34E5D7784C14EE34CF6919B80
Requests: 2 HTTP requests in this frame

Frame: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 33AEF1C8A49DBBD4AA4A6B2F8CE7584E
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNU-Wl1p7G2RlchWNkdZFf0VarmYXewijFxHsc2A4-r3suQ25AkGHQ99AcK4tLMHoxCQ7V5PbVHmpChVqgW-OuvzNY3AkJkXOSbtLRRArwc_yZBgrOHaAs_5nuTyqPuIb0xBxCEvK-yEAhG85YeXoi91sRrqkRRtZnon97rlWFuK-AS8A9M
Frame ID: A27C652C4BD36C6D134AAED4726BFAD5
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 0458A0B06DADB4DE2238B0F74914A66D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 22E45E726CFEF9FAD981C7C304E0895E
Requests: 3 HTTP requests in this frame

Frame: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0947D5A0AA597C6EFD34D04EFD8400A
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6BCEFC47E9B715A334263D90CFFEAC38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD5A234AE0BEF7ABE7E304E66F1B8211
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
Frame ID: F4199F48512E5D52B2FDB4D768D744A3
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuodp2k1PlIjB7Pa7NrOXB-KxvG5vUpjvJt4WToNXEWnxFTm3WVmGAWIb5cleX_PvdofnyvnXuzAV1lvRJ4yBTw5C1QdG7VmGm9lP8ZyimPwWLpvch8b7BuwytUzzs7n5rnCS1CGGpkqiNK1LCjjJAVdKO1C3uGderv63nzzwW8yh5BB38YrC3SZnwLL8IB7fiUPJ4b8udAiOP4CDztfXsto1arbkTGh-h3dBuTYvlWOzPfnoRFKQvbli6b3xyQBpTp5n6nnO--zyrlluwYJ7ntzGWud9UrePpymPcCcQvaCDPNryYkG8C8gFfwewzSiUXQbZZlcsuanQxk&sai=AMfl-YTiesYWQzwb3yvKOzfSJiwkJ6sXTH_OHTdjZYyIOwGNwNE0VrsNVxlmzDBWZjKJooJ8im5YhS4HMU1YXTjXJNbWQ_vhdwXmrg1smjbdxca7JgILInu8fhFVETjqZCw&sig=Cg0ArKJSzFJYwjwVGqfoEAE&uach_m=[UACH]&adurl=
Frame ID: 64BF5AA01DEF111EC294CAC3AB0804A5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MeuPlayStation | Tudo sobre PS5 e PS4 no Brasil

Page URL History Show full URLs

http://meups4.com.br/ HTTP 301
https://meups.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

158
Requests

91 %
HTTPS

52 %
IPv6

34
Domains

53
Subdomains

46
IPs

8
Countries

3476 kB
Transfer

7091 kB
Size

34
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://amzn.to/3PCd5wN
Title: God od War Ragnarok - PlayStation 5 R$296,91

Search URL Search Domain Scan URL

URL: https://amzn.to/3z9JDIY
Title: [Pré-venda] God of War Ragnarok - PS4 R$251,91

Search URL Search Domain Scan URL

URL: https://amzn.to/3D7DeQC
Title: Boneco Fortnite Victory Royale Series Meowscles (Shadow) 15 cm com Acessórios - F4962 - Hasbro R$229,90

Search URL Search Domain Scan URL

URL: https://amzn.to/3VHR6YY
Title: Planador Fortnite Victory Royale Series Downshift, 15 cm para Figuras com Base - F5694 - Hasbro R$66,90

Search URL Search Domain Scan URL

URL: https://compre.vc/v2/196f5a9db08
Title: $10 PlayStation Store - Cartão Presente Digital R$10,00

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MeuPlayStationBR/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/meups_oficial/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/meuplaystation
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MeuPS4Gameplays
Title: YouTube

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/meups/id1559963722?l=pt-br

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.MeuPs&hl=pt_BR&gl=US

Search URL Search Domain Scan URL

URL: http://pixelwolf.com.br/
Title: Design e desenvolvimento por

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meups4.com.br/ HTTP 301
https://meups.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://oajs.openx.net/esp?url=https%3A%2F%2Fmeups.com.br%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmeups.com.br%2F&rid=esp&cc=1

Request Chain 80

https://gum.criteo.com/sid/json?origin=publishertagids&domain=meups.com.br&sn=ChromeSyncframe&so=0&topUrl=meups.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tu2bG3xlc29jeGEzZXJmbGhtTXVuSnkrT1YyczZRbytPMk15Z0l0UmdxUXZjbC84anFrekFtU0oyRFlVcnhnNWVtVjErb1h0RElmKzlBY0tSeXVBbTVKTUtjb2ZXSXRRbjZmOFFTdXZkU2VPQUZ3RSt6VmVnRXdSd1JHQjdXZW5CZHBPMU9lSlR6RGFwRmF6aUIzYmtBOXZianB4WjJZNFJBeXZrZUlGbkVYcEJSOGkvR3VaYUNRdWhFY2RadU0zU2NOaFF1Ykp6SGFCb1hpS1NZaTd4TDJCZ1VpUzZDTUUvKzhoT0V4SnFlUVlSTWgxSVhONS9xeENWSFQzVDFVcUpYZ1paRFUyaGJmR3c5aHVncGlxOGRteUVUdz09fA&cppv=2

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrsAjnRLJ3yTDHsSe0RJVo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrsAjnRLJ3yTDHsSe0RJVo&google_cver=1&C=1

Request Chain 106

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZACtVD7R-kZsfrYA6qwkDAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKFzhGB52CNvdnA2bd_esE&google_cver=1

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECIcf9UNYrx5MqwwtETg0XQ&google_cver=1

Request Chain 108

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0NzgxMDc5NDQ5MjAxMzY2Ng%3D%3D

Request Chain 118

https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYeltyShW8R3Shnas6XT-gE-HXaNnQ4EPFbtaw6G9hX2IQ1z-Z0XK8tV3j2VSC6X0x3IuU60BV-veekqljere7kdfblIC9jMNawvAS4S6RMAoCZ_4ApCWCcwi7x85WE58MtUxJHqmrK-0rqj7er9qvPjNlSEm3ZpMAMmKFDZZXG134UOnk1PviNPojK3WnUsoXO0Hkp16PE5spjh1muN10z_7I3xQmXEehXA0Z0GthGDNXX4xOlrF5eZKFrM4mOfKtWI1TMHjng-f7tYut4YxySz-9T0qpnGdXtjD1vMpU1p5NeBGMsljjYCMQ2V3qdXQ2CrTrqG2bPvVhUEYBOJfLs-IrigDRWgZluHJBbgibNTODzOIEszKaG7ezwpPidoIty7n0lAF43aV8kW-jfv-8aUIoktHWSpE6hJb2B6WmQakwxnqerYYr2n2NTwzOfUDMvFttgRPHgVTxWivfui1pedRWCaUhYmTK2j6GWh-Pc4O-yRvNXMACEzleEEZ23LwKkozzl9j5rzYOwIsXoDAM3MTvqu3q7twk-L3Q42WDCJf0n8gDHxyAOBmXlXw1EdRLC3YCBQ45u9Iw8OW7YwlJikJmi-9Sie_PErLqz3Qp169oOby9TMCg4s7_hB_kJm3L9koPyEedYC8VnLaM3UcnyQ3-FqXKpSdAZpPIWrFowlS9BBHJFumZLB2OC_4XqqmNyNFziSWCKsbXnn6ZplIXyXFKdKFxTcdvnwNdL_L0F--R_5gqUz3LHtd2kbNXqtm5P-Oioy0faFATDpZJ0Jy8KfPWY_82N-kxuHOyLls4DMx1StNAIvkjZpHEERZGp0iKNPKhENBI8nxdHvP_03LFFxBcJB6bn-LfZi4bs3Dvz4UF7y14jk681r1SGSqEVEaUBh3e7ggfcaYdj3rorR6nHbrkTlzbZZx-HvZzHCUHxVDiZn90rizzq7o64FRIV7dxZtyPUGeZBlyyyqdEo8T5x0Vew6t_4NLzKqeBMescVsTmhiSFUEzeaoERAswfLRAbeylJmTWicxuaA08zProwTp-s9uvPdG4m5fYa0cZ981f84E5Uj0sXRb4YjMH7lvYlTJPj0a0aUx_c6NLO45IZqDzdBWFyoXhKB4iixa4G9rrtIFsduyJ4mwUlwkwpYCUykm1mbeJOGL-gkBNa6Lk2eLe9_NVB10Gdea0TqqElT4XLCDzfonvLCQpG6_giEps-fAzpIW8Ma036RMxOTabgtESr3secf0zO5DgKUp54ckIV1SVPtzCQ5n36g8MU8UmM72pqcrfhF3pphjEJcQ_uw7jHPDZYLSbV-o1_ihkPMq966aBnJAjCqBdSnp1bd8VnIaDOrZ0O9Yf-RI4u4bKUxF3IOqe4wXUodrksi55tgASKo1VvXIAwRwJ0Fg4DCCk9zRfFYxBiw4yjPG9wW4NcmQLKlX199b1i-iM0TD4x3BEqSjqao3jgdBvp_35qaaxlFgb517255NvqluSLIuqBRBtAM9oPP8N4avD6LdLeQHSt55mSMkQ633HXKxM8gHGD-0PSN5QG8o-TA6l0exRdNVBHgt0TbODYVpeSU30lzDyEbMP8XC_XQPD5StJDL72zEwfDNBmT8H081Uh5dHKVTLQVB8wj7S1xVGWa0exOoyEhrqeilCqZw0PzbqQRSVn1ZOl7pxZQv-qvfnHCx3HMnWlgVjdSmbuudSfAPzKZtTNZ2S-qD8yhPKvkWDmcfkdfKoTnKQ3Xqid1DI5NilY7M4Im6o_hGntaMjdQo9zbCpCe_IR6wdpRG-y5hlx8VwgDA6cVJY6gsk0eGueggiynB9FX4LdnHe26FRAvDfymoTh7OPW2q1uOPURrs2YMdfK-b37atU6DJfMn7QnyLOLqw2HhVBqMcsdIMocsP0ZtyTwxobONpCdfcdPyuGBOtPHvtLLO84WR7Rh5u-pOwjIRnobblgNHTZZzolssKLe_4JA5TSMVwfHEevEbcfkrulIk4fYrDF9LPKp1VHlj7GrTfpqNzEqMIx8kSIRlrV5fJQJkgb_pi820fnX42i-L4RlPd4vJKxD5RY9sySibFdqxL_wGlZbAwC02qmH9zXFZRctu0qHKB2wAgAc6v52u-YRwN7tQxLYsCbh7YUdS9xKYEcacD_EidGLcLJsaAWik_1Gr-bnCjULI5Tc0U7w8sHfasNnYyg74Yf3yS1fICXIYm3M3la7ztL_quy9kMpSZo-XLO9oD-edMBQvyqNa6tjeRrFxeFS6qRA67KKrxDesqz67PYq49vfL6dAF8MvBJIrZk5U8LQ0yY982crMmP43rDV6qzQLOUWHnYCY-SO4BoCFVjNzG0AIme1VIMQbH5HHflQNNWpIYQypMGV13T8b4ARIpFT99xpaQIAL83CH2lVjFKseRwmGsOA6WMpKgm-x9XzQGxjZHYD_XelZyjCFGbY9Ak5t2vkJNYVFH9GQC5qrgrfjK1xZhxHzy76dYzWvADMvBrTsZxShmXYdnAJ_wuZUg1RKfcObpLR7_TC0w_hX3uFJYrKF8bp7qpNDwRaKyY4-knSOxZhEjhEGy4iaffJBAqpMzLB0t68hvAgNw8FPHrT1TALBauql2dgYO_IGGfnKLttfEVkDu7wrUtzsvLpqL8ZYB2KYMZYhp_Pj9AoGx8ylr2pqwiN5JWBC9KLmEPYzMd9TerrL3E4gWQRT9pgnOTPvLeStpyRPZ9pMWaTym3mlpjPy-Ax8lGZHZXzyM_3DNKRWUXIXZl5rUQscWl5gy_tulq25bfWYUE0SSqriy24ks9GmAR6YDYDBGlOwe5X-DZJe1L9fSo6t558p_E7PRulFvbv_ip6drGkf_aiI0XXIJFOV6xsgrYxvl85Z6jimOT-v7KCqcBZN_itj1Zxb_cgKEwVd-2UGtYgNneOrFkqbHlsDj1dl3XaWjQBpdXzTKnODsKcTIJ1wl7-swkjVepXf4VhzoB7StNi43B04VSDAkudj5CeoDazcrNNkiNIGlvtUBC7pTnbKKrULMVS60B88Q5QYxHN-34f6u9HAN9PqgOdr-fZCG0Iff0T0sXfMQjW0A7xIFfO-pNvDjZtRQ94IJ-6QGK5-kSjI0iZmvMrvwJasRW8aC6TDiw9q1aQcWszDtYa_1o7yeVyE18ZgejUS62W1MPhebFHfb6fTaKaB6iPEk9gjbVTQD0-TV2qtrlZQugrmKH42Em6srYcl1Z6InvxpJCyZpl4iAljZ0Ka6_pPTqwESY85woUWrPftg8op9i0c05Qgz_QOEL2YMz-8jxxX1w6_rTa9W7fVyMfX9PFSuFL5fBn20tveFZcSOsFf4esDOncB4qxZ7DSbOZE_PjK6-L0hJBCaIslITuNGBt6dQ8KBGPY-Uw8mKFtaHq_c5O7hsCyTyHHWhyrijCF4q0kjH1csFY_ElDg3_dGIdcFi5YUVB_xBrZsQwqZ2SPLBSWFv3i46B99bsZxlyj6Iv66o0hvpTenSqq6PuiEpLJZxw2xpCCAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgBYAE&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5020212256248417&ias_chanId=1&ias_placementId=18137318564&bidurl=https://meups.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iqTiphHRo9QI0b24Lt15xD&adsafe_url=https%3A%2F%2Fmeups.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fmeups.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f1e94de5-5a35-2c12-1b8a-526f7ec751ac,c:5IgzoT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-gc46q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,mtim:3,mot:0,app:0,maw:0,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:636028b1-b903-11ed-bf1a-26554d542d0c,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYeltyShW8R3Shnas6XT-gE-HXaNnQ4EPFbtaw6G9hX2IQ1z-Z0XK8tV3j2VSC6X0x3IuU60BV-veekqljere7kdfblIC9jMNawvAS4S6RMAoCZ_4ApCWCcwi7x85WE58MtUxJHqmrK-0rqj7er9qvPjNlSEm3ZpMAMmKFDZZXG134UOnk1PviNPojK3WnUsoXO0Hkp16PE5spjh1muN10z_7I3xQmXEehXA0Z0GthGDNXX4xOlrF5eZKFrM4mOfKtWI1TMHjng-f7tYut4YxySz-9T0qpnGdXtjD1vMpU1p5NeBGMsljjYCMQ2V3qdXQ2CrTrqG2bPvVhUEYBOJfLs-IrigDRWgZluHJBbgibNTODzOIEszKaG7ezwpPidoIty7n0lAF43aV8kW-jfv-8aUIoktHWSpE6hJb2B6WmQakwxnqerYYr2n2NTwzOfUDMvFttgRPHgVTxWivfui1pedRWCaUhYmTK2j6GWh-Pc4O-yRvNXMACEzleEEZ23LwKkozzl9j5rzYOwIsXoDAM3MTvqu3q7twk-L3Q42WDCJf0n8gDHxyAOBmXlXw1EdRLC3YCBQ45u9Iw8OW7YwlJikJmi-9Sie_PErLqz3Qp169oOby9TMCg4s7_hB_kJm3L9koPyEedYC8VnLaM3UcnyQ3-FqXKpSdAZpPIWrFowlS9BBHJFumZLB2OC_4XqqmNyNFziSWCKsbXnn6ZplIXyXFKdKFxTcdvnwNdL_L0F--R_5gqUz3LHtd2kbNXqtm5P-Oioy0faFATDpZJ0Jy8KfPWY_82N-kxuHOyLls4DMx1StNAIvkjZpHEERZGp0iKNPKhENBI8nxdHvP_03LFFxBcJB6bn-LfZi4bs3Dvz4UF7y14jk681r1SGSqEVEaUBh3e7ggfcaYdj3rorR6nHbrkTlzbZZx-HvZzHCUHxVDiZn90rizzq7o64FRIV7dxZtyPUGeZBlyyyqdEo8T5x0Vew6t_4NLzKqeBMescVsTmhiSFUEzeaoERAswfLRAbeylJmTWicxuaA08zProwTp-s9uvPdG4m5fYa0cZ981f84E5Uj0sXRb4YjMH7lvYlTJPj0a0aUx_c6NLO45IZqDzdBWFyoXhKB4iixa4G9rrtIFsduyJ4mwUlwkwpYCUykm1mbeJOGL-gkBNa6Lk2eLe9_NVB10Gdea0TqqElT4XLCDzfonvLCQpG6_giEps-fAzpIW8Ma036RMxOTabgtESr3secf0zO5DgKUp54ckIV1SVPtzCQ5n36g8MU8UmM72pqcrfhF3pphjEJcQ_uw7jHPDZYLSbV-o1_ihkPMq966aBnJAjCqBdSnp1bd8VnIaDOrZ0O9Yf-RI4u4bKUxF3IOqe4wXUodrksi55tgASKo1VvXIAwRwJ0Fg4DCCk9zRfFYxBiw4yjPG9wW4NcmQLKlX199b1i-iM0TD4x3BEqSjqao3jgdBvp_35qaaxlFgb517255NvqluSLIuqBRBtAM9oPP8N4avD6LdLeQHSt55mSMkQ633HXKxM8gHGD-0PSN5QG8o-TA6l0exRdNVBHgt0TbODYVpeSU30lzDyEbMP8XC_XQPD5StJDL72zEwfDNBmT8H081Uh5dHKVTLQVB8wj7S1xVGWa0exOoyEhrqeilCqZw0PzbqQRSVn1ZOl7pxZQv-qvfnHCx3HMnWlgVjdSmbuudSfAPzKZtTNZ2S-qD8yhPKvkWDmcfkdfKoTnKQ3Xqid1DI5NilY7M4Im6o_hGntaMjdQo9zbCpCe_IR6wdpRG-y5hlx8VwgDA6cVJY6gsk0eGueggiynB9FX4LdnHe26FRAvDfymoTh7OPW2q1uOPURrs2YMdfK-b37atU6DJfMn7QnyLOLqw2HhVBqMcsdIMocsP0ZtyTwxobONpCdfcdPyuGBOtPHvtLLO84WR7Rh5u-pOwjIRnobblgNHTZZzolssKLe_4JA5TSMVwfHEevEbcfkrulIk4fYrDF9LPKp1VHlj7GrTfpqNzEqMIx8kSIRlrV5fJQJkgb_pi820fnX42i-L4RlPd4vJKxD5RY9sySibFdqxL_wGlZbAwC02qmH9zXFZRctu0qHKB2wAgAc6v52u-YRwN7tQxLYsCbh7YUdS9xKYEcacD_EidGLcLJsaAWik_1Gr-bnCjULI5Tc0U7w8sHfasNnYyg74Yf3yS1fICXIYm3M3la7ztL_quy9kMpSZo-XLO9oD-edMBQvyqNa6tjeRrFxeFS6qRA67KKrxDesqz67PYq49vfL6dAF8MvBJIrZk5U8LQ0yY982crMmP43rDV6qzQLOUWHnYCY-SO4BoCFVjNzG0AIme1VIMQbH5HHflQNNWpIYQypMGV13T8b4ARIpFT99xpaQIAL83CH2lVjFKseRwmGsOA6WMpKgm-x9XzQGxjZHYD_XelZyjCFGbY9Ak5t2vkJNYVFH9GQC5qrgrfjK1xZhxHzy76dYzWvADMvBrTsZxShmXYdnAJ_wuZUg1RKfcObpLR7_TC0w_hX3uFJYrKF8bp7qpNDwRaKyY4-knSOxZhEjhEGy4iaffJBAqpMzLB0t68hvAgNw8FPHrT1TALBauql2dgYO_IGGfnKLttfEVkDu7wrUtzsvLpqL8ZYB2KYMZYhp_Pj9AoGx8ylr2pqwiN5JWBC9KLmEPYzMd9TerrL3E4gWQRT9pgnOTPvLeStpyRPZ9pMWaTym3mlpjPy-Ax8lGZHZXzyM_3DNKRWUXIXZl5rUQscWl5gy_tulq25bfWYUE0SSqriy24ks9GmAR6YDYDBGlOwe5X-DZJe1L9fSo6t558p_E7PRulFvbv_ip6drGkf_aiI0XXIJFOV6xsgrYxvl85Z6jimOT-v7KCqcBZN_itj1Zxb_cgKEwVd-2UGtYgNneOrFkqbHlsDj1dl3XaWjQBpdXzTKnODsKcTIJ1wl7-swkjVepXf4VhzoB7StNi43B04VSDAkudj5CeoDazcrNNkiNIGlvtUBC7pTnbKKrULMVS60B88Q5QYxHN-34f6u9HAN9PqgOdr-fZCG0Iff0T0sXfMQjW0A7xIFfO-pNvDjZtRQ94IJ-6QGK5-kSjI0iZmvMrvwJasRW8aC6TDiw9q1aQcWszDtYa_1o7yeVyE18ZgejUS62W1MPhebFHfb6fTaKaB6iPEk9gjbVTQD0-TV2qtrlZQugrmKH42Em6srYcl1Z6InvxpJCyZpl4iAljZ0Ka6_pPTqwESY85woUWrPftg8op9i0c05Qgz_QOEL2YMz-8jxxX1w6_rTa9W7fVyMfX9PFSuFL5fBn20tveFZcSOsFf4esDOncB4qxZ7DSbOZE_PjK6-L0hJBCaIslITuNGBt6dQ8KBGPY-Uw8mKFtaHq_c5O7hsCyTyHHWhyrijCF4q0kjH1csFY_ElDg3_dGIdcFi5YUVB_xBrZsQwqZ2SPLBSWFv3i46B99bsZxlyj6Iv66o0hvpTenSqq6PuiEpLJZxw2xpCCAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgBYAE&bundleId=

Request Chain 131

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIMb7gbhphVq-NvKHU7MUds&google_cver=1&google_push=Aa02lx8lPQth8g-b_UJ4H1oawrDwCmKMYHPM06qKW2tk2zmGEDTXt_RDpQ9lnDS34dgtLLyIav4RUvo96rw6pM5GvG1_2sRBeoLp7ZY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8lPQth8g-b_UJ4H1oawrDwCmKMYHPM06qKW2tk2zmGEDTXt_RDpQ9lnDS34dgtLLyIav4RUvo96rw6pM5GvG1_2sRBeoLp7ZY

Request Chain 132

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOgLeQkFcGS-vFzsrWyoThI&google_cver=1&google_push=Aa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOgLeQkFcGS-vFzsrWyoThI&google_cver=1&google_push=Aa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 133

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKwcC8h6u1bktALfnJ-FRu8&google_cver=1&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-kL1cexy4bKs HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKwcC8h6u1bktALfnJ-FRu8&google_cver=1&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-kL1cexy4bKs HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=089d0ad4-4454-48c1-a910-89b2de36bc57 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=089d0ad4-4454-48c1-a910-89b2de36bc57 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=d0d02f8d-233a-4eee-8fdc-51bafa7d4af0&ssp=google&expires=30&user_group=5&bsw_param=089d0ad4-4454-48c1-a910-89b2de36bc57 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-kL1cexy4bKs&google_hm=CJ0K1ERUSMGpEImy3ja8Vw==

Request Chain 134

https://d5p.de17a.com/cookies/google?google_gid=CAESEGl1tOKJQei_03ek-qgu1Uk&google_cver=1&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo339qpyeB3g HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGl1tOKJQei_03ek-qgu1Uk&google_cver=1&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo339qpyeB3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo339qpyeB3g

Request Chain 135

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHZ2xvr_S8yil97qq52pX1g&google_cver=1&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3Y7gw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3Y7gw&google_gid=CAESEHZ2xvr_S8yil97qq52pX1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjU4MDM1Mzk3MDQ3NjE2ODkyNg%3D%3D&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3Y7gw

Request Chain 136

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESEBCxu4puL9sc0_fl67Y&google_cver=1&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNHIlOI00qm25MGUdENr-qWyocLgbk4PE HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESEBCxu4puL9sc0_fl67Y&google_cver=1&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNHIlOI00qm25MGUdENr-qWyocLgbk4PE&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12ZDVxeklWRTJ1SFJFdktuZGdNb3RvLktydVprbldfQ35B&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNHIlOI00qm25MGUdENr-qWyocLgbk4PE

Request Chain 137

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJeWTIef8pCI-LRxs1cVg5s&google_cver=1&google_push=Aa02lx8GPws_ME_SF5YdfqkGPzmu173CMyq2LJ3-mo90SFk1qKZjJTSKouhRIm8KTX6ZtLfy8s7tMEdDTPaUezUrd1-5uPhonvry1ryJ HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJeWTIef8pCI-LRxs1cVg5s&google_cver=1&google_push=Aa02lx8GPws_ME_SF5YdfqkGPzmu173CMyq2LJ3-mo90SFk1qKZjJTSKouhRIm8KTX6ZtLfy8s7tMEdDTPaUezUrd1-5uPhonvry1ryJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=089d0ad4-4454-48c1-a910-89b2de36bc57&%%GOOGLE_PUSH_PAIR%%

158 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
meups.com.br/
Redirect Chain

http://meups4.com.br/
https://meups.com.br/

82 KB
17 KB

643ms
225ms

Document
text/html

2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa70b50c97fb3214b0cb69dba5ef0b9521eb4e622d5ac5079d0564cc3addd97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 277
cf-cache-status: DYNAMIC
cf-ray: 7a1a32e17a79997a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Mar 2023 14:06:10 GMT
last-modified: Thu, 02 Mar 2023 13:36:02 GMT
link: <https://meups.com.br/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ngx: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xEjOch75ATuTK4xKs4vk%2BtW%2F7gbvo1UyxJfqLdg2HQbgukX0rJEhhc5UDM%2F08v7r6bod9utSs7rLOGqi%2FW57zAK%2Bv1efYJ7V3FTMCCK3YQy8snbsBj0BoMa7Ot2%2Fyve3nx23WfQRvclIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-server: E-Consulters Web
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7a1a32deb9ab3804-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 02 Mar 2023 14:06:09 GMT
Expires: Thu, 02 Mar 2023 15:06:09 GMT
Location: https://meups.com.br/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KACYU61rDxpXpw67ufCtV4Ir3YsaP3v05ij%2BsmCHlCfgQsoAyg0198cpVkpMkvH7gHuOUiRo9OktM2ZdYi8f9qQVJTRok4mfhPvzEt%2BaN8L%2FqF3tlkFJz%2FeoCwfC7ZnzLai%2B%2B4hNmstOpmw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 141ms
102ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98e6ddf10e05cf2eaf9ac9c90d396ea7e3e9c80658c956206581c1a88282bf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48338
x-xss-protection: 0
server: cafe
etag: 7475570171885924597
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:06:10 GMT

GET
H2 200 e2df78f5bdd395f2455d34cba0ea3ea3.css
meups.com.br/wp-content/cache/min/1/ 704 KB
53 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd6e1b2da5fd629419a8cc7787a4fad30feb755a843919e2502b3c34c873e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285428
cf-polished: origSize=720937
x-cache: HIT
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 27 Feb 2023 02:56:31 GMT
server: cloudflare
etag: W/"63fc1bdf-ec1f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7AELOpUBu2jJw0F9P3oUBdFBQ91bwId%2FLhNt3iil4Yc3ldu%2BRqodpsHtDVDIZ2EKC1AInQ1n%2FeDqqkWVWl%2FMsRnD1fog3PchaE9qspvcsWCaQeVMklNfdDMio62nlyNe5QjExroWOftDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
cf-ray: 7a1a32e2ec96997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
44 KB 154ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160675682-1

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6ac045b6849b74d069a80b54d87570f77c8b4cbbc494e2df579ca6d8a702f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44581
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 14:06:10 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
27 KB 68ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233a9209c444376564cf5b7217f9e52c82c4133ee2a5691474337a2226bcc6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26849
x-xss-protection: 0
server: sffe
etag: "1498 / 558 of 1000 / last-modified: 1677758962"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 14:06:10 GMT

GET
H2 200 meups.240.js Show response
tag.curiosidadesdigitais.com/ 20 KB
6 KB 195ms
19ms Script
text/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.curiosidadesdigitais.com/meups.240.js

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

7653dbb66ab7c858958b003771010673548979ec0a419798a7996d4e60f03872

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29470
cf-polished: origSize=20697
x-powered-by: PHP/7.4.33
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Mar 2023 05:55:00 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AltG9lE4xvKWCVBS7dximysHUwuX%2F%2B831QwC73HnIy300kiBoIOZ4oHZ91PDgCM1DdZx5NgJQeOuukxYPtBj6aKnBpWG%2B55Fo06Sb1PSP9HgLY0W7D%2BVqkPF%2BpT8EYEdP6NcO79CcFwnjno0wYmlyfUbnM8oTOU%2BQ55c"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=302400,s-max-age=604800, public
cf-ray: 7a1a32e409dc37e4-FRA

GET
H2 200 PlayStation-e-sede-da-Sony-900x503.jpg
meups.com.br/wp-content/uploads/2022/04/ 45 KB
45 KB 26ms
24ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/04/PlayStation-e-sede-da-Sony-900x503.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc98f281139c88d4be512824a0cafaf4f6b484f723a646c39ca2167ccaea16ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2829
cf-polished: origSize=45883, status=webp_bigger
x-cache: MISS
content-length: 45850
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 01 Apr 2022 11:16:14 GMT
server: cloudflare
etag: "6246defe-b33b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7hNHTVHvtcj%2BxZ184D8DKXkDdq%2B3kjx6wURm2h6R7vtJCpRssilrXmgNNixUfpQS2lVOvWMyDFGU6lrOppIjtDLZMbrKaX3agpPu3mplj16kyQCPB7ea7%2Fg2Y85qvC8rkZw0w1abdIIwA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33cf5997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 placeholder.png
meups.com.br/wp-content/themes/meuplaystation/assets/images/ 12 KB
12 KB 16ms
14ms Image
image/webp 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/images/placeholder.png

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7198ed08224b2fea5a70914f123e85414971809c2caba304a603c2797eccf5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2828
cf-polished: origFmt=jpeg, origSize=53311
x-cache: HIT
content-disposition: inline; filename="placeholder.webp"
content-length: 11808
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 16 Dec 2020 02:40:13 GMT
server: cloudflare
etag: "5fd9738d-d03f"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6kEm3gG4GpW7O5Im7INarYIL5teb4Zg7%2Fq5NKy7ASEkJC7tv6jZkOWZMsCJ24kszQgVK65pnDISq4e%2BX0uk1tFoRI6Sou31juP8ROAirrG1d%2BRUQUModPv47F2Hb2IlHXLf1OXgfYaxqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33cf8997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 God-of-War-Ragnarok-PS5.jpg
meups.com.br/wp-content/uploads/2022/07/ 189 KB
190 KB 25ms
23ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/07/God-of-War-Ragnarok-PS5.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed1ced4c458a870652a99ed4b49af524a9d49f86800bd02c14d2085de49ae8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2827
cf-polished: origSize=193770, status=webp_bigger
x-cache: HIT
content-length: 193737
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Jul 2022 13:03:45 GMT
server: cloudflare
etag: "62d2b731-2f4ea"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4aRQ4nglwDsbMNCM4pUtcLQCkmIvcrjuwfklBHOO0a339i%2Bk80ZzHtHjgClbD5Gj8M05QX4zo9sbN0D893vaIEw2RFTsFHLZ1xaRLIut5CvtOaAs9pQpp6bDhK92Bd61M43JsD9zbXj3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33cf9997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amazon-logo.png
meups.com.br/wp-content/uploads/2021/04/ 498 B
890 B 17ms
15ms Image
image/webp 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2021/04/amazon-logo.png

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acef92c13f7aa857d4497fba895e1f80c96463cffddf8c9e39fc735c84719aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71099
cf-polished: origFmt=png, origSize=780
x-cache: MISS
content-disposition: inline; filename="amazon-logo.webp"
content-length: 498
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 16 Apr 2021 17:49:35 GMT
server: cloudflare
etag: "6079ce2f-30c"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n943%2BoLqp9mpFH%2BSe%2BCzwX1d6ZWoYxmHsqJ42fuNfSbBBfAqqkG8Y3qD0j2ncWMkBlA3G%2BHxSmeAKWgMU9paEYCerbMCQfNVvN5FhaYn1LXWLTvtFPoOc3o%2F14WoNfBA%2FVesCg7pBeJhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33cfa997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 God-of-War-Ragnarok-PS4.jpg
meups.com.br/wp-content/uploads/2022/07/ 267 KB
268 KB 18ms
16ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/07/God-of-War-Ragnarok-PS4.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90e9077ecc93dc2604e7ba8d0e108492690726648c81309b78ebe2f66e1f56b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2826
cf-polished: origSize=274277, status=webp_bigger
x-cache: HIT
content-length: 273665
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Jul 2022 13:02:01 GMT
server: cloudflare
etag: "62d2b6c9-42f65"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqRjvWbrLPqonEbmhDW0cdJbJ%2BW%2FVbSHp6K2liYiyNgOzcw4HtcqERPlee%2FW9AqzldspOga9Gljjsl7%2F%2F1JBVEFj%2BtwSWm9RPTowNchUGsrQt%2FhmjgA60P%2BJo1%2BYDqNLlu7d4wUUG03hBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33cfc997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Meowscles-Fortnite.jpg
meups.com.br/wp-content/uploads/2022/10/ 96 KB
97 KB 24ms
22ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/10/Meowscles-Fortnite.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc6ea694020dde69ced4ea6c1d47dbdbb68ace8868fc0cf19d468f5a2e0c7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2826
cf-polished: status=not_needed
x-cache: HIT
content-length: 98781
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 19 Oct 2022 16:26:28 GMT
server: cloudflare
etag: "63502534-181dd"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlzEZm5rpflRmVNoAsWC1Z9TMyyUdKVtgSPPX6o%2FJVmio%2FyvFguDgUqFDpWtKqa4A%2FBV7jZgtXVCu7DWt9WTfYmogWif%2Frl28ctRfTpj6TvBFursllPyjlyMwHZ7%2BDdxTAkd7fTnIndnJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33cfe997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Planador-Fortine.jpg
meups.com.br/wp-content/uploads/2022/10/ 36 KB
36 KB 26ms
25ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/10/Planador-Fortine.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9177750020c7dba717d1161c40bad51f2ade20b8b41e2bd2be6e4c764d4b0965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71099
cf-polished: status=not_needed
x-cache: MISS
content-length: 36469
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 19 Oct 2022 16:22:57 GMT
server: cloudflare
etag: "63502461-8e75"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAkJr3ho6p535scC%2B8whTEpnyWmbVh1%2FFYk9Pfa77HcwCGqstghuPEJPWwawZ15jIM%2BgRR9874HnpJpOi2hHe4D%2BR5viaXdzFohExBO8syX8whbsY0OlndOer7XyKo2CsF54P9oJNAyhaA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33d00997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cartao-PSN-10.jpg
meups.com.br/wp-content/uploads/2022/07/ 11 KB
11 KB 16ms
15ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/07/cartao-PSN-10.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be04dcb48dba63fe5949a8a9b25fa49eb21663b82bfcaaee8d77a4b709e7c831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2825
cf-polished: origSize=11334, status=webp_bigger
x-cache: HIT
content-length: 11301
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Jul 2022 13:15:55 GMT
server: cloudflare
etag: "62d2ba0b-2c46"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3eldrDaRY0VdC8h9dKLe43DhB1tyn%2BuPWjcNZ9EyaMFCwCoXTLebNIZCmyH6M4HD4X0dZfmRO2CCV071%2FXyZzVEchva3R2wakEcdcNeCt2dH187BT2XXVw%2FavJv6%2BHaQUvvVkzvWTlTCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33d01997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nuuvem.jpg
meups.com.br/wp-content/uploads/2022/07/ 5 KB
5 KB 24ms
23ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/07/nuuvem.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26b75762bc60491323aeb3fa43948d2337535322b1442392db0530fe527893c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71099
cf-polished: origSize=5229, status=webp_bigger
x-cache: MISS
content-length: 5196
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Jul 2022 13:14:28 GMT
server: cloudflare
etag: "62d2b9b4-146d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3j2ioQeiXNTShxbutMKeR5z96my07EAvHzfUoRZTAwKbBjDNotk0IWZJFt1mBPJOHo4h9awZkE5xcWbdovsZUqDcQnHS6nVLIfEqe%2BpGbn4wWUZrC2Bd9ZNwCGJfwc2yibsPEcdbkK%2FNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e33d03997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.svg
meups.com.br/wp-content/themes/meuplaystation/assets/images/ 13 KB
6 KB 22ms
22ms Image
image/svg+xml 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/images/logo.svg

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b8cabeb857435dec8f4cfaea8d4a557b4198e2d0fe8d25c826005c79a8d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285426
x-cache: HIT
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Dec 2020 02:40:13 GMT
server: cloudflare
etag: W/"5fd9738d-3470"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbDd7EMork9nXAg1sycEP76i13eXm%2FqN%2F%2Fd9B4QV7JW7pRia39QHuoSFyCq6P%2F%2BE5E936p65ww7FUA4xWkMmY20LMNYJ551SEsMk%2Fa23Leg06xdeooB0rak%2BSVoGYxmfJAAh9gzfVi5VjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
cf-ray: 7a1a32e33d05997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-Bold.woff2
meups.com.br/wp-content/themes/meuplaystation/assets/fonts/ 128 KB
129 KB 24ms
23ms Font
font/woff2 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/fonts/Inter-Bold.woff2

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f13b6d1d46eae5114244e530ba0579f0eda1c5a979f6a7d433981971d6b6a309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6492
x-cache: HIT
content-length: 131128
x-xss-protection: 1; mode=block
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-20038"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHI6BGbtpcXvd2RG3A8wL0r0EnCi1fsxPaSUwfvwb3Ue6ECyJ4OqVedTYNHe%2BNBbXjWdiF0JEN0pbX5ya5w0jKCiiHoLDSULXIqi%2B7DOkiycpFH843PwF%2BgIsNecgRorD63HTSGyqkB14w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e34d0d997a-FRA

GET
H2 200 Inter-Regular.woff2
meups.com.br/wp-content/themes/meuplaystation/assets/fonts/ 119 KB
120 KB 22ms
22ms Font
font/woff2 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/fonts/Inter-Regular.woff2

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6ff9be6facb2fc4ef2e3a0c0050679cab7751339aba04de9c15b3e19e2c540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6492
x-cache: HIT
content-length: 122040
x-xss-protection: 1; mode=block
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-1dcb8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU%2BQXSDNBuSVWhxQcYWghayRqZdGjz1pcVnMG1y25n5rGEQkOrQdeb2Y%2BAdue5rEaoT0f%2B%2BjqsiAEDum8Xpzs16AmFovYf7URnPE9EVqwoa7alOvC4xYRaHyRss%2B6yrR2aFVbC2fk4n4vw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e34d0e997a-FRA

GET
H2 200 ofertas.svg
meups.com.br/wp-content/themes/meuplaystation/assets/icons/ 2 KB
1 KB 30ms
30ms Image
image/svg+xml 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/icons/ofertas.svg

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ccdb637c0fcd55b6628c5b59e1377bdd01c67ddaa2dac2ec64c5eec567a711f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2828
x-cache: HIT
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Jun 2021 02:28:12 GMT
server: cloudflare
etag: W/"60d14abc-7ed"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9pkwP1NR2hHn5Y3JV3Fx%2F8qoviA8Cg2A3w37mKyGLG1YBudIwZz%2F0LdKzl5YDleeuEIqHNIlb%2FpaGMGgj61cZX9eAFKj2TkmP%2BW9jSwb%2B3BWfXO5X6EQbmn10T628uYhXwmULUwq3OfsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
cf-ray: 7a1a32e36d42997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-Medium.woff2
meups.com.br/wp-content/themes/meuplaystation/assets/fonts/ 126 KB
127 KB 31ms
30ms Font
font/woff2 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/fonts/Inter-Medium.woff2

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8340de71adcb169b98d9723f6f92040a1ce5cbce6ac8db329450b2d9eba2ba5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6492
x-cache: HIT
content-length: 129372
x-xss-protection: 1; mode=block
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-1f95c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGQ8TeibrRez3ZRNyGaoufFjDRIWyJxPQc%2FKJ8R1g%2BMWUT7JpPV9deBlDq8wjfkcktHO53xF2iXI3ioqrHgECF54PUP3vDWMsY2SDBW%2FKPqmnUyKv7UaHFa5yIv0nkHzKZ%2Bbyn3g7nehuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e36d46997a-FRA

GET
H2 200 icomoon.ttf
meups.com.br/wp-content/themes/meuplaystation/assets/icons/ 8 KB
9 KB 30ms
29ms Font
application/octet-stream 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/icons/icomoon.ttf?8nvpt0

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaa84e017eb7b9c399e4712bb7fd59ef2cd6a849b4f6a0f25af5e26454a264f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154424
x-cache: HIT
content-length: 8620
x-xss-protection: 1; mode=block
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-21ac"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNgge0SDWolQ6itTGRlZqcM8BqDqhsUmqSyYFapT7tLoJ2fipB3HqRbEvijJ%2BxFPQ%2FCyVMIr5C4By3xO%2BIhgu6ePMGb3O9mo9R2CUCY%2BJGrgliuwe9s2WmG3e%2BEL4W4r4R674arNCZFoLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e36d48997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-MediumItalic.woff2
meups.com.br/wp-content/themes/meuplaystation/assets/fonts/ 132 KB
133 KB 29ms
28ms Font
font/woff2 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/fonts/Inter-MediumItalic.woff2

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

479f5771e914af5b74ba365b8719613c89a00975939c2d472c4061483f96f800

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2830
x-cache: HIT
content-length: 135352
x-xss-protection: 1; mode=block
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-210b8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGty8a7n1Nbje8%2BJ91llDjMoeaoQUScKW8IRWo2WduXip4jNlCVRLKvTkRzlPRCcjnwRJjLisOm9P1sJsDJP%2FujRiqx8xevTA%2BBeVRh3pJVBATPi3nTOkKJa0%2B5Ic0klwgiHm%2BtKI6FIMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e36d49997a-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/ 361 KB
119 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5020212256248417&plah=meups.com.br&bust=31072649

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c08a41c76ec1f46d447fb3e28065617cdc55b55a3293c14d9c41e505ab53d83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121819
x-xss-protection: 0
server: cafe
etag: 2749461812158504449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:06:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame 7DB6 10 KB
5 KB 48ms
13ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 06:41:33 GMT
etag: 2378337311435320485
expires: Thu, 16 Mar 2023 06:41:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app-store.png
meups.com.br/wp-content/themes/meuplaystation/assets/images/ 824 B
1 KB 15ms
15ms Image
image/webp 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/images/app-store.png

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b65b9d1a00e0eeb02ad961a7ea0dd7f283b9cf5a096971abdd554fd9b884dc78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285425
cf-polished: origFmt=png, origSize=1865
x-cache: HIT
content-disposition: inline; filename="app-store.webp"
content-length: 824
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Oct 2021 19:28:43 GMT
server: cloudflare
etag: "61706deb-749"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC2Rgn2VMTD9xhLosFoWr4byqv8%2FHIOa%2Btg9dtF1%2BBn0SKdQjKNhq3kZTw0wcAgNSuirN2W0UwA2lShtxIowzaE8%2BQv1QNg%2FA6rAkCzWth4IzvH%2B7LdnX%2B9EyT5HWJ51cJDVs5lMMghn8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e43e55997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 google-play.png
meups.com.br/wp-content/themes/meuplaystation/assets/images/ 1 KB
2 KB 25ms
24ms Image
image/webp 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/images/google-play.png

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f462889b8bf8b3a715550c8785f785e85a747cff6e835d91fb821f93ba144d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285425
cf-polished: origFmt=png, origSize=2833
x-cache: HIT
content-disposition: inline; filename="google-play.webp"
content-length: 1430
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 20 Oct 2021 19:28:43 GMT
server: cloudflare
etag: "61706deb-b11"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OXlI37U4hw%2BbRYGoEw%2FRvI64R2h6nmgKo%2FvE3%2FHZAE4y3VM1zj%2B%2BY%2Br0gGosujCeEqERiwOZYbsL9LxyFotHb363i2EeftLPimIbmkUvTnqds3TIGPzYvF4r9qzW1domSb1biBNWxs6Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e43e57997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-pixelwolf.png
meups.com.br/wp-content/themes/meuplaystation/assets/images/ 844 B
1 KB 16ms
15ms Image
image/webp 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/images/logo-pixelwolf.png

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31bcd0a8875743f0c65a690184b6e2b169112943445163cfc77c23440fb135db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285425
cf-polished: origFmt=png, origSize=1808
x-cache: HIT
content-disposition: inline; filename="logo-pixelwolf.webp"
content-length: 844
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-710"
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQWKZMf1bVpv1j4gMkOZTh2Bj9JTsncpRXSIfxCu9BSfmhE4cgSFLD7rLCaklUdkW7E5gF%2FVsZZkrJoYdZA6qBx9L4WJ%2Be%2FyxvLvi3dZVzzci7XLjxy%2BAFu4fLvCuPUPS4My6vJi8XNmRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e43e59997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 10 KB
4 KB 86ms
9ms Script
text/javascript 13.225.86.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z-na.associates-amazon.com/onetag/v2?MarketPlace=BR&instanceId=e7d5d0e7-f0cc-49cc-b5b5-b181b97beb99

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.86.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-86-12.fra2.r.cloudfront.net

Software

Server /

Resource Hash

648d58cb04c803361aa168d62b553d1a247ff843ef920fc1de19f7bb441d1bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:12:22 GMT
content-encoding: gzip
accept-charset: UTF-8
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C2
x-amz-rid: 2KZD4Y6DJHYMPM1V9D6F
age: 10428
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: Nff-0QJeiLcOCbCshM0V7-iEUqC-1wfJ1-VfcyWmA9Kxy1dPsHPJhA==

GET
H2 200 our-com-channels.svg
meups.com.br/wp-content/themes/meuplaystation/assets/images/ 44 KB
18 KB 21ms
20ms Image
image/svg+xml 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/images/our-com-channels.svg

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972a280f5082360c5d7b1397776d3b224243ac07fa8186f4edb4dd998cacf613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262505
x-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Oct 2021 19:28:43 GMT
server: cloudflare
etag: W/"61706deb-b1c0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIj57eU1E42xJWY4ZIGdDnVW9i9KUUpRQowlG%2BRjTfZLFF4cs1Mvx740EtPEzH3uW1cmeBGg0tEEcSSNG8hek%2BFzHnJlSUspwWI2gQ5AlEOhPyF2dMWAzjRtiYaGEyv%2BKreVC%2FgtEHCXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
cf-ray: 7a1a32e45e80997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Inter-Italic.woff2
meups.com.br/wp-content/themes/meuplaystation/assets/fonts/ 105 KB
105 KB 15ms
14ms Font
font/woff2 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/themes/meuplaystation/assets/fonts/Inter-Italic.woff2

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b81f9de5a85c8755771be7b864d44851b36c46faccf7d7edf8d2a4df0a4c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/wp-content/cache/min/1/e2df78f5bdd395f2455d34cba0ea3ea3.css
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6492
x-cache: HIT
content-length: 107368
x-xss-protection: 1; mode=block
last-modified: Fri, 29 May 2020 15:16:12 GMT
server: cloudflare
etag: "5ed1273c-1a368"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hU7vsHotfc6%2B4LvXM2%2BewI1tJ82op73tXHPxhffzf61bSy86HrhY2ajVmtkMRd5S8eSqnQUWCqqhJMD8UDtgAiWxrpGH%2FSLtDOzo3KpaARfl1XU6qtvoMAre2uS%2BjKzbNuVYoJ7Cl%2FGdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e45e7d997a-FRA

GET
H2 200 f0cd6a3f192a9993406feb6659b82de4.js Show response
meups.com.br/wp-content/cache/min/1/ 530 KB
162 KB 32ms
29ms Script
application/javascript 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74486676dc0787638869a383c98fd684d1548ec6bb99cacff7326a8cf73a9c52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87128
cf-polished: origSize=543000
x-cache: MISS
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 28 Feb 2023 20:46:24 GMT
server: cloudflare
etag: W/"63fe6820-28267"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEITG8FikpH9H%2B4ywuAxlppqzgi7levq5dxAuJrxoB7Tg7DRLKbYX2enMyjcn3eMA6KWSktwAtJZ52Rpwfw2WnsR2tWO9esrZJEJMi6ueIBXkSU0MGREU0t8FeELlK2mI6Vmprljsyqneg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
cf-ray: 7a1a32e46e8e997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 120ms
86ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: meups.com.br
URL: https://meups.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://meups.com.br/
Origin: https://meups.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a1a32e49d8c9ba0-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160675682-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 12:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6680
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Mar 2023 14:14:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJ096WYBFT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160675682-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78b6feb565d0100f5807715c96245813967447efa483cd0222b689b0098382dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 Mar 2023 14:06:10 GMT

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
408 B 488ms
111ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag/andoncord

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=BR&instanceId=e7d5d0e7-f0cc-49cc-b5b5-b181b97beb99

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

s3-1.amazonaws.com

Software

Server /

Resource Hash

c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 14:06:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AXSY6TR5JPF13VK3E5NN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://meups.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

GET
H2 200 hotjar-3017733.js Show response
static.hotjar.com/c/ 0
429 B 107ms
43ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3017733.js?sv=5

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 0
x-amz-cf-id: HWqFzd9i8Vsq5uBwYMM-yO72qVpe3FZk3ncFYKXn7uqT-HjLs1Cmdg==

GET
H2 200 hotjar-1727554.js Show response
static.hotjar.com/c/ 8 KB
4 KB 100ms
37ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1727554.js?sv=6

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

7a97629f7b7fafb922b1a6a4efabd6fb0844f542ddc6d473600893e8edf93931

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/e33faf8ca2ff3344572457c16ce7be00
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ViRy6NZbnNv2M2cH_-tko0_emfqags3iQS61eQ_KqOVYEjTf57TPlw==

GET
H2 200 pubads_impl_2023022201.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbe52452ca91d5add21ca01c8418f8f6eeed8b4a864f3e24114d9dbac4005a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 01 Mar 2023 14:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132803
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 09:36:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Feb 2024 14:49:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 716 B
369 B 80ms
49ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=meups.com.br

Requested by

Host: meups.com.br
URL: https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d534465678590b93676e9ebd905a98c8e5fe5380ea8203f2a8949c1aaab82d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 02 Mar 2023 14:06:10 GMT

GET
H2 200 E3-1-500x280.jpg
meups.com.br/wp-content/uploads/2022/06/ 5 KB
5 KB 15ms
15ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2022/06/E3-1-500x280.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51056c85b4b0b52de045da4d3a7c3edcfe3cb4e62e74e32f717d935443ea88da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20871
cf-polished: origSize=5005, status=webp_bigger
x-cache: MISS
content-length: 4972
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 07 Jun 2022 16:37:46 GMT
server: cloudflare
etag: "629f7eda-138d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMzjSk60nTmI%2B6IiaQ8HGW2QaPF1WJ0vJB7F40f5StJNdISYdcR%2FdglG3Zxf8PBkhVB3KVKPlPl1dDXip%2FcB%2FOLge5oi72HjQFtgWfbIiITJoK1kfs1E9W0TnmstQwraBwHugbI6sJPPtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e50f87997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Promocoes-Gamer-da-Amazon-PlayStation-500x280.jpg
meups.com.br/wp-content/uploads/2023/03/ 24 KB
24 KB 628ms
628ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2023/03/Promocoes-Gamer-da-Amazon-PlayStation-500x280.jpg

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30038a4c060b2c2e9608a13061ef813e062beb8414af760911c610c970c5c0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-length: 24655
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Mar 2023 13:19:56 GMT
server: cloudflare
etag: "6400a27c-604f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6air%2FR4R%2F4e1mra3URTLaGwFC2zinMsTHZKDABx4lNcnHo49w558WVYXND3g4BoWOXlwPGwXG7m6DlYx38sbxqsoBBoyE7d1x2vac9C56fa%2Ft28OlSBId3wNldccGu%2FayYdXv6bJY%2Folw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32e50f89997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
243 B 56ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TJ096WYBFT&gtm=45je3310h2&_p=1349886437&_gaz=1&gdid=dZTNiMT&cid=598809035.1677765971&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677765970&sct=1&seg=0&dl=https%3A%2F%2Fmeups.com.br%2F&dt=MeuPlayStation%20%7C%20Tudo%20sobre%20PS5%20e%20PS4%20no%20Brasil&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ096WYBFT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 53ms
17ms Ping
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJ096WYBFT&cid=598809035.1677765971&gtm=45je3310h2&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ096WYBFT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 148ms
64ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TJ096WYBFT&cid=598809035.1677765971&gtm=45je3310h2&aip=1&z=81246958

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 96ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=meups.com.br&callback=_gfp_s_&client=ca-pub-5020212256248417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5020212256248417&plah=meups.com.br&bust=31072649

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b872dbd6b1974afc18b51b9373d871fd676f173f055470998b39f1c17014e9a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 70ms
24ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=meups.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 71ms
22ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=meups.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
47ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=footer-fixed&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
48ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=masthead&cls=header-menu&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A921 0
188 B 119ms
118ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5020212256248417&output=html&adk=1812271804&adf=3025194257&lmt=1677764162&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x675_l%7C164x675_r&format=0x0&url=https%3A%2F%2Fmeups.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677765970577&bpp=3&bdt=191&idt=192&shv=r20230227&mjsv=m202302230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6892148815572&frm=20&pv=2&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759875%2C44759926%2C44759837%2C44773809%2C31072649%2C31072791&oid=2&pvsid=3784857560961781&tmod=60590290&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=224

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:10 GMT
expires: Thu, 02 Mar 2023 14:06:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 27ms
22ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1349886437&t=pageview&_s=1&dl=https%3A%2F%2Fmeups.com.br%2F&ul=en-us&de=UTF-8&dt=MeuPlayStation%20%7C%20Tudo%20sobre%20PS5%20e%20PS4%20no%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1683654934&gjid=829719370&cid=598809035.1677765971&tid=UA-160675682-1&_gid=2130811244.1677765971&_r=1&gtm=457e32r0&did=dZTNiMT&gdid=dZTNiMT&z=490457746

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
20 KB 426ms
426ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3784857560961781&correlator=3956319016602805&eid=31072028%2C31072562&output=ldjh&gdfp_req=1&vrg=2023022201&ptt=17&impl=fif&iu_parts=92804089%2CMeuPS%2Chome_header&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=2&adks=2283658611&sfv=1-0-40&cust_params=page_id%3D0%26tipo_pagina%3Dhome%26categorias%3D%26tipo_post%3Dpost%26chave_lado%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1677765970914&lmt=1677764162&dlt=1677765970385&idt=424&adxs=170&adys=502&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmeups.com.br%2F&frm=20&vis=1&psz=1260x250&msz=1260x250&fws=4&ohw=1600&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4de595a836328ac4a40ae13394485ff134aa34723398add6d188bfa17ee0ef7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20752
x-xss-protection: 0
google-lineitem-id: 6236882296
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424498203
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26E0 6 KB
3 KB 119ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:11 GMT
expires: Fri, 01 Mar 2024 14:06:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
20 KB 1165ms
1156ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3784857560961781&correlator=3956319016602805&eid=31072028%2C31072562&output=ldjh&gdfp_req=1&vrg=2023022201&ptt=17&impl=fif&iu_parts=92804089%2CMeuPS%2Chome_sidebar_desktop_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C160x600&ifi=3&adks=3700597177&sfv=1-0-40&cust_params=page_id%3D0%26tipo_pagina%3Dhome%26categorias%3D%26tipo_post%3Dpost%26chave_lado%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1677765970927&lmt=1677764162&dlt=1677765970385&idt=424&adxs=1026&adys=2486&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmeups.com.br%2F&frm=20&vis=1&psz=404x600&msz=404x600&fws=4&ohw=1600&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40bf314b787533bc9edebdd1790edbfe96567b115b9f04e9c87b864368f72638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20926
x-xss-protection: 0
google-lineitem-id: 6236882296
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424498200
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
11 KB 848ms
848ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3784857560961781&correlator=3956319016602805&eid=31072028%2C31072562&output=ldjh&gdfp_req=1&vrg=2023022201&ptt=17&impl=fif&iu_parts=92804089%2CMeuPS%2Csticky_mobile&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90&ifi=4&adks=1857210330&sfv=1-0-40&cust_params=page_id%3D0%26tipo_pagina%3Dhome%26categorias%3D%26tipo_post%3Dpost%26chave_lado%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1677765970936&lmt=1677764162&dlt=1677765970385&idt=424&adxs=800&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmeups.com.br%2F&frm=20&vis=1&psz=1600x-1&msz=0x-1&fws=516&ohw=1600&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff45e0eaff3ffbe06a09ceb10d168f78976a2cc1c4eaeaebec5a7e4d91436446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11385
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
11 KB 1148ms
1148ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3784857560961781&correlator=3956319016602805&eid=31072028%2C31072562&output=ldjh&gdfp_req=1&vrg=2023022201&ptt=17&impl=fif&iu_parts=92804089%2CMeuPS%2Cbackground_1x1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=1934142529&sfv=1-0-40&cust_params=page_id%3D0%26tipo_pagina%3Dhome%26categorias%3D%26tipo_post%3Dpost%26chave_lado%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1677765970943&lmt=1677764162&dlt=1677765970385&idt=424&adxs=0&adys=109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmeups.com.br%2F&frm=20&vis=1&psz=1600x-1&msz=1x-1&fws=4&ohw=1600&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98ee02eba1f39feae4ef3af212645f4769c6aa058f0ffb681365cb9013c936d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11064
x-xss-protection: 0
google-lineitem-id: 6235066470
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425153788
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
20 KB 1778ms
1778ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3784857560961781&correlator=3956319016602805&eid=31072028%2C31072562&output=ldjh&gdfp_req=1&vrg=2023022201&ptt=17&impl=fif&iu_parts=92804089%2CMeuPS%2Chome_content_02&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C300x250%7C728x90%7C250x250&fluid=height&ifi=6&adks=3120291852&sfv=1-0-40&cust_params=page_id%3D0%26tipo_pagina%3Dhome%26categorias%3D%26tipo_post%3Dpost%26chave_lado%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1677765970947&lmt=1677764162&dlt=1677765970385&idt=424&adxs=170&adys=3102&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmeups.com.br%2F&frm=20&vis=1&psz=832x250&msz=832x250&fws=4&ohw=1600&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ff1e8d07dea4c5c56486568f15378acb29730929bb1c1d4da69f0c9ba38de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20783
x-xss-protection: 0
google-lineitem-id: 6236882296
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425152939
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
20 KB 2041ms
2041ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3784857560961781&correlator=3956319016602805&eid=31072028%2C31072562&output=ldjh&gdfp_req=1&vrg=2023022201&ptt=17&impl=fif&iu_parts=92804089%2CMeuPS%2Chome_content_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=7&adks=2543349931&sfv=1-0-40&cust_params=page_id%3D0%26tipo_pagina%3Dhome%26categorias%3D%26tipo_post%3Dpost%26chave_lado%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1677765970950&lmt=1677764162&dlt=1677765970385&idt=424&adxs=170&adys=1600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmeups.com.br%2F&frm=20&vis=1&psz=1260x250&msz=1260x250&fws=4&ohw=1600&ga_vid=598809035.1677765971&ga_sid=1677765971&ga_hid=1349886437&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5e2bd88a25187a5e59931a5fb61fb4458698d5e572a6bf217da8af0da99d381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20629
x-xss-protection: 0
google-lineitem-id: 6236882296
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425152945
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 18ms
17ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160675682-1&cid=598809035.1677765971&jid=1683654934&gjid=829719370&_gid=2130811244.1677765971&_u=YCDACUAABAAAACAAI~&z=25657769

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 14:06:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://meups.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3bdf981e73ecd1bf9fca.js Show response
script.hotjar.com/ 263 KB
68 KB 58ms
9ms Script
application/javascript 13.224.189.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1727554.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-97.fra2.r.cloudfront.net

Software

Resource Hash

5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 09:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 277025
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68683
last-modified: Mon, 27 Feb 2023 09:08:08 GMT
etag: "ebfd5ece1732ea77a9b33e8ec7afb91a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xnqblLPo88ZAzuxIoZdCgLHPivAEczuasVm88yhfWcwqjF8hgHGAvg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 96ms
41ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-160675682-1&cid=598809035.1677765971&jid=1683654934&_u=YCDACUAABAAAACAAI~&z=310239813

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 67ms
63ms Image
image/gif 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-160675682-1&cid=598809035.1677765971&jid=1683654934&_u=YCDACUAABAAAACAAI~&z=310239813

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
456 B 111ms
111ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22meups404-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Fmeups.com.br%2F%22%7D&u=https://meups.com.br/

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=BR&instanceId=e7d5d0e7-f0cc-49cc-b5b5-b181b97beb99

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

s3-1.amazonaws.com

Software

Server /

Resource Hash

50ef4c8883c7cce8adc427049ca96946e759ce76eab2c8a0dc5aadb3bb56c743

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 14:06:11 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KWE4721F1MTXT0A0RG05
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://meups.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 169ms
17ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:17:05 GMT
via: 1.1 google
age: 2946
x-guploader-uploadid: ADPycdtY9N4S9zw8HzXb6QRu4WGbj5BVTPKJDMFC0It75aAFiVzdykxXUeeO_hQfY2c2HOctbcMIbewV_pGuYrZMwKgs5QyyaWxK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:17:05 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 43ms
9ms Script
text/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:20:11 GMT
content-encoding: gzip
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 9961
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: IfWuy537DEXi_kcLrFlmgb9purgRA_6RR8m-twojIUq0SG_-HUu60A==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 51ms
21ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: X62HD4AEE1DVWSM7
age: 255
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7a1a32e93c463a9d-FRA
x-amz-id-2: EFYtIkWenICF2ZXdzn/IO5L6b6E2tXBoEDkeDs20HryboamOBykN5C1hmGl5u6SWwIzrBLiU+58=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 38ms
16ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19939
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKRwh93%2FnXEENvdmrjeirZeMZiGJt41KoLRRgvPSTecZJ%2FFKjcBt0uT3MhhTPygr564DhOUv1pyHsZWw4jPZkOms8TA1JAFgCjfmsYOPsScivsD9XgJjgVCO1NNqxHdhho%2BCh03pR%2FH4A5JDcY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a1a32e92df72c72-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 51ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 14:06:11 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 55ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:53:07 GMT
content-encoding: gzip
age: 1890784
x-guploader-uploadid: ADPycduE5L2eeFp6uIBZXVmQzp1L-SpgDvDmbY_Q_CWTzkfDxzhrR4U1i09pt8tFiyeePrtu2s28XPWyuBaA4jWN06J35g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 08 Feb 2024 16:53:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A5F 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ0kma3kfBReSspqi-z241umMkLqHuKOcf1q7XzQ9jjaAiPVO4feXvTL_BiTIfKFnzQ5TEDr2HLV2VzaOOVwu_3UdJV4WjvAqHSO86i3A5PbnJ6JYrEdHJ5IDGIuYmlveRctzsjsLq_YJcWdolYqk1joqYI4Os-fpEZ3lrDPwOu9-_tcwC4jOJtrTCS59jukkZ2Am4garYlzlQXBUCzCjfVHhHzMfm7tbEt105STRxBdSrAlC0gh1o4Jb6ZGCFDKppzpiB6OIrDN7-uEhuzSD_ijKlfRTEDasH3httqVS-4RSnGnQTSl3ZWzdwNPgjlw3RxtrYQDo&sai=AMfl-YTV8-LLbu_IGg0tSHNaI5SZRDvfqC4h4ojZyK0QxRhwz_74ZtA6e1vcu_JgNy405hnfHZKaUalPUcnuR3ZPuJbiOa3hg_LjpbjFtfqDLPU0YCy87Ldf49IK5tx_6Q&sig=Cg0ArKJSzD2lqz4_37O5EAE&uach_m=[UACH]&adurl=

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 6A5F 22 KB
9 KB 53ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:19:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 6A5F 3 KB
1 KB 55ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:37:53 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6A5F 0
0 22ms
21ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpJ8z-hkmrTby8ViNwDQRk6hb5sYIwNJWLyXiq5DWIFwJEc1aTkBG7LvAiewdtmtgJ5ea7WyibyjXg8vc8Bf7QySvLvg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A5F 158 KB
49 KB 65ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:06:11 GMT

GET
H2 200 3624330685427380024
tpc.googlesyndication.com/simgad/ Frame 6A5F 64 KB
64 KB 55ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3624330685427380024

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e8afb66065def15ecac663a216b6570ff32dbe2e3fc4e2610bd9bc1cf890f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:23:35 GMT
x-content-type-options: nosniff
age: 20556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65634
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:01:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 08:23:35 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 125ms
34ms XHR
application/json 52.208.98.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.98.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-98-204.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9ff7fd53c5fc0ef7b3669349f2514eb7c4b533b8d63dbc973cbac7a27143c923

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://meups.com.br
cache-control: no-cache
x-server: 10.45.10.199
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B515 15 KB
6 KB 60ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=meups.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:11 GMT
server: Kestrel
server-processing-duration-in-ticks: 912840
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmeups.com.br%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmeups.com.br%2F&rid=esp&cc=1

85 B
203 B

286ms
279ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmeups.com.br%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7d7f0358465c5c028a5ed0d3c594b4d034135df53c0931bb688440ef2ba0c1b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-D3q0sfjyhqlt/CKlcplX+kvTc2I"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://meups.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 02 Mar 2023 14:06:11 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://meups.com.br
location: /esp?url=https%3A%2F%2Fmeups.com.br%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
321 B 80ms
18ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://meups.com.br
date: Thu, 02 Mar 2023 14:06:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
DATA 200
OK truncated
/ Frame 6A5F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 049f38b27bebc779141ae0386ad181dfee1b6b48b7109c8d567d0da5d49e7b46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6A5F 0
0 51ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyt3osK0XyUeLp-vjOiq8YB9sMslbo7lOlV1-g_8L-f-5Y9gc21FKZ8f0uU91mkOVpY-6gynLpLgNLuESVw9y-upA1G3xT4AcWUd_vsKtR7sWVXH_sHFlSwl0gef2U1tqssfFPfs6l_0_qlJQRk6U6giQm9HWdlBAf5BGAaoTj8LNfxdrVza9blrqWaVbGaIJOZgM4-TNZHjj8UFJ9iLzLcj_znmE81RmeXWyZOswBKtDocneTPeGHWxcmdfEorJyxNUZwVod6vKXtRKqMd3Klw0Fu2pk_T3Xqt0AqQ1PXNMLY4qZvuNNN_vhtSH944tsmZRHaRdZb9g&sai=AMfl-YTmTQNpyr6ZL4bQnBYjIIumisT6qzIxWZKW4XMpIaQSLV15jO4xkJmv31eKFwqa8maNpeVf9Hoxx-Cvs7e4r_6goniPmP-5QZeR0nGj0ZbKXoWN9uYIgnYhDrRfrQ&sig=Cg0ArKJSzPHrtQVCNxpoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 14:06:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B515
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=meups.com.br&sn=ChromeSyncframe&so=0&topUrl=meups.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=tu2bG3xlc29jeGEzZXJmbGhtTXVuSnkrT1YyczZRbytPMk15Z0l0UmdxUXZjbC84anFrekFtU0oyRFlVcnhnNWVtVjErb1h0RElmKzlBY0tSeXVBbTVKTUtjb2ZXSXRRbjZmOFFTdXZkU2VPQUZ3RSt6VmVnRXdSd1JHQj...

430 B
655 B

89ms
17ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tu2bG3xlc29jeGEzZXJmbGhtTXVuSnkrT1YyczZRbytPMk15Z0l0UmdxUXZjbC84anFrekFtU0oyRFlVcnhnNWVtVjErb1h0RElmKzlBY0tSeXVBbTVKTUtjb2ZXSXRRbjZmOFFTdXZkU2VPQUZ3RSt6VmVnRXdSd1JHQjdXZW5CZHBPMU9lSlR6RGFwRmF6aUIzYmtBOXZianB4WjJZNFJBeXZrZUlGbkVYcEJSOGkvR3VaYUNRdWhFY2RadU0zU2NOaFF1Ykp6SGFCb1hpS1NZaTd4TDJCZ1VpUzZDTUUvKzhoT0V4SnFlUVlSTWgxSVhONS9xeENWSFQzVDFVcUpYZ1paRFUyaGJmR3c5aHVncGlxOGRteUVUdz09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c0bc3c539e37fa79837326d4c6f9dded360c9c668a30253daec6e71560ec41d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2447611
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=tu2bG3xlc29jeGEzZXJmbGhtTXVuSnkrT1YyczZRbytPMk15Z0l0UmdxUXZjbC84anFrekFtU0oyRFlVcnhnNWVtVjErb1h0RElmKzlBY0tSeXVBbTVKTUtjb2ZXSXRRbjZmOFFTdXZkU2VPQUZ3RSt6VmVnRXdSd1JHQjdXZW5CZHBPMU9lSlR6RGFwRmF6aUIzYmtBOXZianB4WjJZNFJBeXZrZUlGbkVYcEJSOGkvR3VaYUNRdWhFY2RadU0zU2NOaFF1Ykp6SGFCb1hpS1NZaTd4TDJCZ1VpUzZDTUUvKzhoT0V4SnFlUVlSTWgxSVhONS9xeENWSFQzVDFVcUpYZ1paRFUyaGJmR3c5aHVncGlxOGRteUVUdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 867260
content-length: 0
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 26ms
25ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 9303358950d98db2ace51617e837bbcb1b61f5656ae31733e9c0af46f6d8425c

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 05566ea4fb113d7b1e4b0027a296ade5
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 65ms
24ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://meups.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://meups.com.br
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 02 Mar 2023 14:06:11 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: a3c81c37d71fc0a512fa79e788e9f586

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 92ms
61ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230227&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff5116ab200896f52b28613a5c0d0e4c2c7d03948a1d889f950dd7a7e8a4733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11274
x-xss-protection: 0

POST
H2 204 rum Show response
meups.com.br/cdn-cgi/ 0
146 B 15ms
14ms XHR
text/plain 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meups.com.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://meups.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://meups.com.br
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a1a32ea1e36997a-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:06:11 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1853 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 13:12:49 GMT
expires: Fri, 01 Mar 2024 13:12:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6DDE 783 B
533 B 30ms
27ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3263ab0324cbc3f666b5695ef43a52025f80131b7246d5276d47a18a1b61dad7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--pynTKXOzCwid8hBArfpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce--pynTKXOzCwid8hBArfpIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:11 GMT
expires: Thu, 02 Mar 2023 14:06:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 1853 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 21:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 21:06:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6DDE 0
0 47ms
46ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230227&jk=3784857560961781&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1853 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Rdu4sA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 33AE 6 KB
3 KB 31ms
29ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:11 GMT
expires: Fri, 01 Mar 2024 14:06:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A27C 624 B
242 B 69ms
67ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNU-Wl1p7G2RlchWNkdZFf0VarmYXewijFxHsc2A4-r3suQ25AkGHQ99AcK4tLMHoxCQ7V5PbVHmpChVqgW-OuvzNY3AkJkXOSbtLRRArwc_yZBgrOHaAs_5nuTyqPuIb0xBxCEvK-yEAhG85YeXoi91sRrqkRRtZnon97rlWFuK-AS8A9M

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 33AE 78 KB
27 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:06:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33AE 42 B
63 B 67ms
66ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBljwjtrX93OuZ_M2M9DoyWG8e1Ei7jpe1lr8eEaK9OzCworctdpz8nPoixz-tg7A0fjovGdDaFaFCi8KZl6vVgS-C4G3RBWo8ZxZU0rx-1Y6PRMQ

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33AE 0
20 B 66ms
65ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1542519458573188617&x=1&ct=76

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1135760/69474538/xbbe/creative/ Frame 33AE 250 KB
76 KB 330ms
152ms Script
application/javascript 54.217.61.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYeltyShW8R3Shnas6XT-gE-HXaNnQ4EPFbtaw6G9hX2IQ1z-Z0XK8tV3j2VSC6X0x3IuU60BV-veekqljere7kdfblIC9jMNawvAS4S6RMAoCZ_4ApCWCcwi7x85WE58MtUxJHqmrK-0rqj7er9qvPjNlSEm3ZpMAMmKFDZZXG134UOnk1PviNPojK3WnUsoXO0Hkp16PE5spjh1muN10z_7I3xQmXEehXA0Z0GthGDNXX4xOlrF5eZKFrM4mOfKtWI1TMHjng-f7tYut4YxySz-9T0qpnGdXtjD1vMpU1p5NeBGMsljjYCMQ2V3qdXQ2CrTrqG2bPvVhUEYBOJfLs-IrigDRWgZluHJBbgibNTODzOIEszKaG7ezwpPidoIty7n0lAF43aV8kW-jfv-8aUIoktHWSpE6hJb2B6WmQakwxnqerYYr2n2NTwzOfUDMvFttgRPHgVTxWivfui1pedRWCaUhYmTK2j6GWh-Pc4O-yRvNXMACEzleEEZ23LwKkozzl9j5rzYOwIsXoDAM3MTvqu3q7twk-L3Q42WDCJf0n8gDHxyAOBmXlXw1EdRLC3YCBQ45u9Iw8OW7YwlJikJmi-9Sie_PErLqz3Qp169oOby9TMCg4s7_hB_kJm3L9koPyEedYC8VnLaM3UcnyQ3-FqXKpSdAZpPIWrFowlS9BBHJFumZLB2OC_4XqqmNyNFziSWCKsbXnn6ZplIXyXFKdKFxTcdvnwNdL_L0F--R_5gqUz3LHtd2kbNXqtm5P-Oioy0faFATDpZJ0Jy8KfPWY_82N-kxuHOyLls4DMx1StNAIvkjZpHEERZGp0iKNPKhENBI8nxdHvP_03LFFxBcJB6bn-LfZi4bs3Dvz4UF7y14jk681r1SGSqEVEaUBh3e7ggfcaYdj3rorR6nHbrkTlzbZZx-HvZzHCUHxVDiZn90rizzq7o64FRIV7dxZtyPUGeZBlyyyqdEo8T5x0Vew6t_4NLzKqeBMescVsTmhiSFUEzeaoERAswfLRAbeylJmTWicxuaA08zProwTp-s9uvPdG4m5fYa0cZ981f84E5Uj0sXRb4YjMH7lvYlTJPj0a0aUx_c6NLO45IZqDzdBWFyoXhKB4iixa4G9rrtIFsduyJ4mwUlwkwpYCUykm1mbeJOGL-gkBNa6Lk2eLe9_NVB10Gdea0TqqElT4XLCDzfonvLCQpG6_giEps-fAzpIW8Ma036RMxOTabgtESr3secf0zO5DgKUp54ckIV1SVPtzCQ5n36g8MU8UmM72pqcrfhF3pphjEJcQ_uw7jHPDZYLSbV-o1_ihkPMq966aBnJAjCqBdSnp1bd8VnIaDOrZ0O9Yf-RI4u4bKUxF3IOqe4wXUodrksi55tgASKo1VvXIAwRwJ0Fg4DCCk9zRfFYxBiw4yjPG9wW4NcmQLKlX199b1i-iM0TD4x3BEqSjqao3jgdBvp_35qaaxlFgb517255NvqluSLIuqBRBtAM9oPP8N4avD6LdLeQHSt55mSMkQ633HXKxM8gHGD-0PSN5QG8o-TA6l0exRdNVBHgt0TbODYVpeSU30lzDyEbMP8XC_XQPD5StJDL72zEwfDNBmT8H081Uh5dHKVTLQVB8wj7S1xVGWa0exOoyEhrqeilCqZw0PzbqQRSVn1ZOl7pxZQv-qvfnHCx3HMnWlgVjdSmbuudSfAPzKZtTNZ2S-qD8yhPKvkWDmcfkdfKoTnKQ3Xqid1DI5NilY7M4Im6o_hGntaMjdQo9zbCpCe_IR6wdpRG-y5hlx8VwgDA6cVJY6gsk0eGueggiynB9FX4LdnHe26FRAvDfymoTh7OPW2q1uOPURrs2YMdfK-b37atU6DJfMn7QnyLOLqw2HhVBqMcsdIMocsP0ZtyTwxobONpCdfcdPyuGBOtPHvtLLO84WR7Rh5u-pOwjIRnobblgNHTZZzolssKLe_4JA5TSMVwfHEevEbcfkrulIk4fYrDF9LPKp1VHlj7GrTfpqNzEqMIx8kSIRlrV5fJQJkgb_pi820fnX42i-L4RlPd4vJKxD5RY9sySibFdqxL_wGlZbAwC02qmH9zXFZRctu0qHKB2wAgAc6v52u-YRwN7tQxLYsCbh7YUdS9xKYEcacD_EidGLcLJsaAWik_1Gr-bnCjULI5Tc0U7w8sHfasNnYyg74Yf3yS1fICXIYm3M3la7ztL_quy9kMpSZo-XLO9oD-edMBQvyqNa6tjeRrFxeFS6qRA67KKrxDesqz67PYq49vfL6dAF8MvBJIrZk5U8LQ0yY982crMmP43rDV6qzQLOUWHnYCY-SO4BoCFVjNzG0AIme1VIMQbH5HHflQNNWpIYQypMGV13T8b4ARIpFT99xpaQIAL83CH2lVjFKseRwmGsOA6WMpKgm-x9XzQGxjZHYD_XelZyjCFGbY9Ak5t2vkJNYVFH9GQC5qrgrfjK1xZhxHzy76dYzWvADMvBrTsZxShmXYdnAJ_wuZUg1RKfcObpLR7_TC0w_hX3uFJYrKF8bp7qpNDwRaKyY4-knSOxZhEjhEGy4iaffJBAqpMzLB0t68hvAgNw8FPHrT1TALBauql2dgYO_IGGfnKLttfEVkDu7wrUtzsvLpqL8ZYB2KYMZYhp_Pj9AoGx8ylr2pqwiN5JWBC9KLmEPYzMd9TerrL3E4gWQRT9pgnOTPvLeStpyRPZ9pMWaTym3mlpjPy-Ax8lGZHZXzyM_3DNKRWUXIXZl5rUQscWl5gy_tulq25bfWYUE0SSqriy24ks9GmAR6YDYDBGlOwe5X-DZJe1L9fSo6t558p_E7PRulFvbv_ip6drGkf_aiI0XXIJFOV6xsgrYxvl85Z6jimOT-v7KCqcBZN_itj1Zxb_cgKEwVd-2UGtYgNneOrFkqbHlsDj1dl3XaWjQBpdXzTKnODsKcTIJ1wl7-swkjVepXf4VhzoB7StNi43B04VSDAkudj5CeoDazcrNNkiNIGlvtUBC7pTnbKKrULMVS60B88Q5QYxHN-34f6u9HAN9PqgOdr-fZCG0Iff0T0sXfMQjW0A7xIFfO-pNvDjZtRQ94IJ-6QGK5-kSjI0iZmvMrvwJasRW8aC6TDiw9q1aQcWszDtYa_1o7yeVyE18ZgejUS62W1MPhebFHfb6fTaKaB6iPEk9gjbVTQD0-TV2qtrlZQugrmKH42Em6srYcl1Z6InvxpJCyZpl4iAljZ0Ka6_pPTqwESY85woUWrPftg8op9i0c05Qgz_QOEL2YMz-8jxxX1w6_rTa9W7fVyMfX9PFSuFL5fBn20tveFZcSOsFf4esDOncB4qxZ7DSbOZE_PjK6-L0hJBCaIslITuNGBt6dQ8KBGPY-Uw8mKFtaHq_c5O7hsCyTyHHWhyrijCF4q0kjH1csFY_ElDg3_dGIdcFi5YUVB_xBrZsQwqZ2SPLBSWFv3i46B99bsZxlyj6Iv66o0hvpTenSqq6PuiEpLJZxw2xpCCAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgBYAE&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5020212256248417&ias_chanId=1&ias_placementId=18137318564&bidurl=https://meups.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iqTiphHRo9QI0b24Lt15xD
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.61.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-61-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6c5ba79634c51e17055da96bd96a6dbe3e14bbfbf6f0012f6cd7aa634074c4ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 33AE 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:37:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 33AE 20 KB
8 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:26:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 33AE 0
0 126ms
125ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQk2ggHSDOla47cU3XmS1-lnyt9iQcoRVWotVPTaU4x4EmwtF9BYolYZBNHMR7Q7M9BmqzIM44BrbYhDNRfnDOFVBn4fg
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33AE 158 KB
48 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:06:11 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 0458 0
176 B 63ms
19ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 02 Mar 2023 14:06:12 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33AE 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2737816476406&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33AE 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2737816476406&version=m202301230201&ct=76&x=1&cor=1542519458573188600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 33AE 15 KB
11 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An5ZS7jDcD-pirxQN_zBcp9__KCNRTro6h1Yl8Dk7apPcd-rZVttNlpKWqOsX773vMMnOkrNnXhKgskQBu6B6LD7ixAMxVlhjZnQ1xDHY1tlV9ewojt_H1BFrol2UDVVrz-yf0JMwegEmKAy_QMyPAFSA3SJl13_hRAuGDyI9zJN7WKjs&cry=1&dbm_d=AKAmf-CfOHRLbU4Njz-bjyEDMvG1r7iQMJ7fBfL3xoBKERgzzcG7g4vRSjsXT0tDQQT6Tq0gdZOB4MlraY42EwJFKNPfLS0qO9Yi5-BdpoNZpdUM6eppG1zWtCx9cLgBHrYp3UoSjnIrUw8_ZoZy-88fF4uexV4LbTPyF5nxhL67AtEgLKInXgPrguuJPKQ1W7fueoVxrDgOvyK5t5MWtaJjTlmcDuCAjBquucCRvF4bGMF4GFdrM2Owcz8H5sGD_cIQ4zfJSar7wvYStyBBRyLIw1zM70XcItDMz6p0tFOury2ZlZ5j-j2-XQr10S3hiADDksCmXaRBqmYCCWSYTPriCyfUYajFN5h_3WoJsLnyVYxwaoZ410Hfhk7K4-8GWUshVIDIb1SiEo6FxSTsVcSkmZeCVrlYQ9Al1603yHI0gZiHUftEcDDhGf8mC5USrITGLgnHiUS5rDXZZtzGrscVCfnmEu5MEt7zzI0a-QpruTMhQhnVTmecS4ZyNDCrOy5ZzvhuoOsIS9s4-zM_Kzdt1FI-8u1P8sAg--TQhfMdYMZK-Egj7e_mNVOp7gdkFT8qwQQMYmfBhJvByA3NCLKHoXgHt94ZZhBvb6vcqlANGvy8UKGtgvgl7D22OcvTxsnmP336idouNwxZEBDpvKnNBG4QRbXpgA5vmRnI36ICzrmKAx1L_Dz6AMn83NZSlQkoDBtoKoRWe2tgdimuRTWL_eS6zcqZTs7xTip4Yb55sHLawyeKDLPvJ58AZgDsNByIbX7ihw7jdWmZqZT7H3Fe-Xr4o-FcMYaCRZHVARMIDABZG0LhQbHtl8EcogpMW4GlxP10ghIoBxlkfRLX6d3DVyd9zY8gusKtAR1089HpRcUeMZr27_YwnimWQ4zrMKPoNbTouCyP9CAmuzyehaG0papV4Tng6CusgbbPvsAWr30grHa4gSEw1DXXoz3bfe02QPCzk0lwlzMRjXox926zeqYefMIPcQb6neG-uWH-TjI3Jwr-HL-8doJr3u9XxlfzbZH_0VUwriddsmbfLoKd9hroxezA956vRNZug3zicSzjYV5ALVAVL09W-QeNhvSxR97e7Wu4fiPRS67ZqNIRyaC7iuygzMVKTBX5Rq4TWDGisow31RJj_X1JY19vMeOcW-8sdn8dRNWAYvfOF6oU920z40YZrEFO6bzt89SzQgBxVbJLkuQfTW4i3JYyOQL8ejFsXVdCxkdbwNgC2sQNITSU2VYRD49x8f-GXJRlRee6GkLAYgbDbT7oU2lQMBYAGIvQNgf-7cismxoLEqSh5MOTAT-0IWDN_YbM8zPjMFCUNAbd3l0NI6ft3W9VFCaomhJIgrKg7yu5AAqkV0a4cKa0WmoTDk2xyrbZa7Z-Py2QH9rQ18E7HObYPzqWF8vYmfBAZS9M3ch0iwxV0l6EwAnKg8-SEmyOd8lf3YHRja7Ej1l272x53YYxnL-KFBxAx5Ulf8kHlyCVOLb_otgMNhtMPBwD5Yff9qOv2qZePk2gNa4RgjGLIvuYXuMGAbAJL59htIRy53p-2lSSiakf41f-Ndtopx4udzAzZAIbXxMNPyyJxMpIdcpdcVq9oVcz_RK96LzxKuX5_1Rrs6ydh4TdZ5fBmUur5IX82wRSK3HJ3E7uY2Bm-5hzb1wbTbKfEQ3B4SazF6K-Ol0sOG73VPScyLXbUgUnjggOSXViqxTmswsaDylejNbJcIunjAGJn_5fESqdyqtX6hJI2zhSMRMeSqEun2bvbeR-V5gwLBxYB0-p6H0groVhiLfzFVZpVJdf6baMXtwoaRyUWuJuxu5RVulUH2qKKdczUIqFmwVcZA9FQVpZ75VnvAbtJ-dEnxCLPJ4mwk2fZmm1oJuDmic5LMztj92dtpLyh0CqtP5PIgvRn1EoU7584MHNgt1LWqZ142yLZ1rv0TxCmi9crldMeyVdEKORReNpV3XHBt0Tg2_16ygHkqcjdsjy1I57WqQVbvzwKX6CNG_jW8o7XrGfvClgbzV46MhobFNG3VtZeBziy70QNN7d8dA9i3FE0vD8MQ__sgFkTCU1YUvsxwTdrfVmGwmYSxnjwtGkjcYCT4FDPiwMm2sR9-fORXNnB6T8kiCMXMhFK39oEIPLvCUnHazNqVQkizffG6OS4Jd8Lwz32vz2Jy5rqwar_649kVd73dz7v6wsjXdssLTnLQja0YgX4euJFgbuuiTRJOqF10rQqC9VBNWkpFYuFCkydJWEKDZlV8OezNP7qYAxsVT0aw-xz5hTu-iY3DO7CX10NnqC7CbjlIqtrfXohC1gr3BF9DOuhAXJbbifrJ67TiKfSxptIDfN_4VThUiScM5bZwuGFoWQS16j0y18nELWyyGMrDuEqmTiPoYb57SBujCIkBHGdgOJ4lPdc6Zkgmqv8n4nuaKCuAO9SYkbE__xNU_oHe2gBj97heNv3LRaQxw-Bvq8kfctd8doelyWZFtdmGiRXBD0v3M7oIW0ltgWRrQ_xPgAAEWXXMpivp9C6f8AwyTYk5nqgwzGjmWgTwETexp_2DpkrGwWHb77enNtckVxau6BW1aaJcj48rYFkATNpKKHDnHD81gR34uC2-GKeJpye6ThAp7YX_ESAPL8X_8E_vL7JC_vIztxsVDZVyGgvVNCfDSx-gfYjDUgTIrPM6Uskldr2MO4GwYDlzQHZvpDvTcaT_5CBQAYlLEeHVnO1t36uW1VLt7zjFYQfRR5x0eCO6ONQpJevnuH1WDVAgxCOogwxhuFJGjt8nyHQyBfXSMHnTGA7lpNrmfY-xDMZq-3PshxdQ_fb5KlHIU5shZNd28V&cid=CAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmeups.com.br%2F&ds=l&xdt=1&iif=1&cor=1542519458573188600&adk=3944675600&idt=97&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b293efd12492e5472ff8ea3cf507a6e36f16cc1dfecd90757625c1910131049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A27C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrsAjnRLJ3yTDHsSe0RJVo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrsAjnRLJ3yTDHsSe0RJVo&google_cver=1&C=1

43 B
632 B

14ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrsAjnRLJ3yTDHsSe0RJVo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNU-Wl1p7G2RlchWNkdZFf0VarmYXewijFxHsc2A4-r3suQ25AkGHQ99AcK4tLMHoxCQ7V5PbVHmpChVqgW-OuvzNY3AkJkXOSbtLRRArwc_yZBgrOHaAs_5nuTyqPuIb0xBxCEvK-yEAhG85YeXoi91sRrqkRRtZnon97rlWFuK-AS8A9M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 14:06:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 14:06:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEOrsAjnRLJ3yTDHsSe0RJVo&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A27C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZACtVD7R-kZsfrYA6qwkDAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKFzhGB52CNvdnA2bd_esE&google_cver=1

43 B
632 B

13ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKFzhGB52CNvdnA2bd_esE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNU-Wl1p7G2RlchWNkdZFf0VarmYXewijFxHsc2A4-r3suQ25AkGHQ99AcK4tLMHoxCQ7V5PbVHmpChVqgW-OuvzNY3AkJkXOSbtLRRArwc_yZBgrOHaAs_5nuTyqPuIb0xBxCEvK-yEAhG85YeXoi91sRrqkRRtZnon97rlWFuK-AS8A9M
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 14:06:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKFzhGB52CNvdnA2bd_esE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A27C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECIcf9UNYrx5MqwwtETg0XQ&google_cver=1

43 B
1 KB

38ms
24ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECIcf9UNYrx5MqwwtETg0XQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjX7tzgATAB&v=APEucNU-Wl1p7G2RlchWNkdZFf0VarmYXewijFxHsc2A4-r3suQ25AkGHQ99AcK4tLMHoxCQ7V5PbVHmpChVqgW-OuvzNY3AkJkXOSbtLRRArwc_yZBgrOHaAs_5nuTyqPuIb0xBxCEvK-yEAhG85YeXoi91sRrqkRRtZnon97rlWFuK-AS8A9M

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 14:06:12 GMT
AN-X-Request-Uuid: dd619522-876c-4b2d-8265-81ec0e77f54e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECIcf9UNYrx5MqwwtETg0XQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A27C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0NzgxMDc5NDQ5MjAxMzY2Ng%3D%3D

170 B
243 B

31ms
25ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0NzgxMDc5NDQ5MjAxMzY2Ng%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 14:06:12 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c7d2f2dd-7220-4637-b288-91321f4bd0b8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA0NzgxMDc5NDQ5MjAxMzY2Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 33AE 41 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-An5ZS7jDcD-pirxQN_zBcp9__KCNRTro6h1Yl8Dk7apPcd-rZVttNlpKWqOsX773vMMnOkrNnXhKgskQBu6B6LD7ixAMxVlhjZnQ1xDHY1tlV9ewojt_H1BFrol2UDVVrz-yf0JMwegEmKAy_QMyPAFSA3SJl13_hRAuGDyI9zJN7WKjs&cry=1&dbm_d=AKAmf-CfOHRLbU4Njz-bjyEDMvG1r7iQMJ7fBfL3xoBKERgzzcG7g4vRSjsXT0tDQQT6Tq0gdZOB4MlraY42EwJFKNPfLS0qO9Yi5-BdpoNZpdUM6eppG1zWtCx9cLgBHrYp3UoSjnIrUw8_ZoZy-88fF4uexV4LbTPyF5nxhL67AtEgLKInXgPrguuJPKQ1W7fueoVxrDgOvyK5t5MWtaJjTlmcDuCAjBquucCRvF4bGMF4GFdrM2Owcz8H5sGD_cIQ4zfJSar7wvYStyBBRyLIw1zM70XcItDMz6p0tFOury2ZlZ5j-j2-XQr10S3hiADDksCmXaRBqmYCCWSYTPriCyfUYajFN5h_3WoJsLnyVYxwaoZ410Hfhk7K4-8GWUshVIDIb1SiEo6FxSTsVcSkmZeCVrlYQ9Al1603yHI0gZiHUftEcDDhGf8mC5USrITGLgnHiUS5rDXZZtzGrscVCfnmEu5MEt7zzI0a-QpruTMhQhnVTmecS4ZyNDCrOy5ZzvhuoOsIS9s4-zM_Kzdt1FI-8u1P8sAg--TQhfMdYMZK-Egj7e_mNVOp7gdkFT8qwQQMYmfBhJvByA3NCLKHoXgHt94ZZhBvb6vcqlANGvy8UKGtgvgl7D22OcvTxsnmP336idouNwxZEBDpvKnNBG4QRbXpgA5vmRnI36ICzrmKAx1L_Dz6AMn83NZSlQkoDBtoKoRWe2tgdimuRTWL_eS6zcqZTs7xTip4Yb55sHLawyeKDLPvJ58AZgDsNByIbX7ihw7jdWmZqZT7H3Fe-Xr4o-FcMYaCRZHVARMIDABZG0LhQbHtl8EcogpMW4GlxP10ghIoBxlkfRLX6d3DVyd9zY8gusKtAR1089HpRcUeMZr27_YwnimWQ4zrMKPoNbTouCyP9CAmuzyehaG0papV4Tng6CusgbbPvsAWr30grHa4gSEw1DXXoz3bfe02QPCzk0lwlzMRjXox926zeqYefMIPcQb6neG-uWH-TjI3Jwr-HL-8doJr3u9XxlfzbZH_0VUwriddsmbfLoKd9hroxezA956vRNZug3zicSzjYV5ALVAVL09W-QeNhvSxR97e7Wu4fiPRS67ZqNIRyaC7iuygzMVKTBX5Rq4TWDGisow31RJj_X1JY19vMeOcW-8sdn8dRNWAYvfOF6oU920z40YZrEFO6bzt89SzQgBxVbJLkuQfTW4i3JYyOQL8ejFsXVdCxkdbwNgC2sQNITSU2VYRD49x8f-GXJRlRee6GkLAYgbDbT7oU2lQMBYAGIvQNgf-7cismxoLEqSh5MOTAT-0IWDN_YbM8zPjMFCUNAbd3l0NI6ft3W9VFCaomhJIgrKg7yu5AAqkV0a4cKa0WmoTDk2xyrbZa7Z-Py2QH9rQ18E7HObYPzqWF8vYmfBAZS9M3ch0iwxV0l6EwAnKg8-SEmyOd8lf3YHRja7Ej1l272x53YYxnL-KFBxAx5Ulf8kHlyCVOLb_otgMNhtMPBwD5Yff9qOv2qZePk2gNa4RgjGLIvuYXuMGAbAJL59htIRy53p-2lSSiakf41f-Ndtopx4udzAzZAIbXxMNPyyJxMpIdcpdcVq9oVcz_RK96LzxKuX5_1Rrs6ydh4TdZ5fBmUur5IX82wRSK3HJ3E7uY2Bm-5hzb1wbTbKfEQ3B4SazF6K-Ol0sOG73VPScyLXbUgUnjggOSXViqxTmswsaDylejNbJcIunjAGJn_5fESqdyqtX6hJI2zhSMRMeSqEun2bvbeR-V5gwLBxYB0-p6H0groVhiLfzFVZpVJdf6baMXtwoaRyUWuJuxu5RVulUH2qKKdczUIqFmwVcZA9FQVpZ75VnvAbtJ-dEnxCLPJ4mwk2fZmm1oJuDmic5LMztj92dtpLyh0CqtP5PIgvRn1EoU7584MHNgt1LWqZ142yLZ1rv0TxCmi9crldMeyVdEKORReNpV3XHBt0Tg2_16ygHkqcjdsjy1I57WqQVbvzwKX6CNG_jW8o7XrGfvClgbzV46MhobFNG3VtZeBziy70QNN7d8dA9i3FE0vD8MQ__sgFkTCU1YUvsxwTdrfVmGwmYSxnjwtGkjcYCT4FDPiwMm2sR9-fORXNnB6T8kiCMXMhFK39oEIPLvCUnHazNqVQkizffG6OS4Jd8Lwz32vz2Jy5rqwar_649kVd73dz7v6wsjXdssLTnLQja0YgX4euJFgbuuiTRJOqF10rQqC9VBNWkpFYuFCkydJWEKDZlV8OezNP7qYAxsVT0aw-xz5hTu-iY3DO7CX10NnqC7CbjlIqtrfXohC1gr3BF9DOuhAXJbbifrJ67TiKfSxptIDfN_4VThUiScM5bZwuGFoWQS16j0y18nELWyyGMrDuEqmTiPoYb57SBujCIkBHGdgOJ4lPdc6Zkgmqv8n4nuaKCuAO9SYkbE__xNU_oHe2gBj97heNv3LRaQxw-Bvq8kfctd8doelyWZFtdmGiRXBD0v3M7oIW0ltgWRrQ_xPgAAEWXXMpivp9C6f8AwyTYk5nqgwzGjmWgTwETexp_2DpkrGwWHb77enNtckVxau6BW1aaJcj48rYFkATNpKKHDnHD81gR34uC2-GKeJpye6ThAp7YX_ESAPL8X_8E_vL7JC_vIztxsVDZVyGgvVNCfDSx-gfYjDUgTIrPM6Uskldr2MO4GwYDlzQHZvpDvTcaT_5CBQAYlLEeHVnO1t36uW1VLt7zjFYQfRR5x0eCO6ONQpJevnuH1WDVAgxCOogwxhuFJGjt8nyHQyBfXSMHnTGA7lpNrmfY-xDMZq-3PshxdQ_fb5KlHIU5shZNd28V&cid=CAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmeups.com.br%2F&ds=l&xdt=1&iif=1&cor=1542519458573188600&adk=3944675600&idt=97&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 13:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 13:44:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 22E4 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 183408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 11:09:24 GMT
expires: Wed, 28 Feb 2024 11:09:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 22E4 36 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U1KVG_mJ4Y43Q94sC__L5Y27Ilp_TqM8IF3zBLVmW9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 21:06:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 21:06:23 GMT

GET
H3 200 container.html Show response
035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C094 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://meups.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 14:06:11 GMT
expires: Fri, 01 Mar 2024 14:06:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C094 24 KB
6 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 00:05:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C094 158 KB
48 KB 98ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:06:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C094 0
0 57ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutTmxA_AwtHAfDhuBIxDPgThLjDUF0KJ6M8t9YOaqtTw2GXxcQjNUOJhk4i6NkfmYKJ2lPfCVZB7Z2vZmfLyhulkydt4IwQ3SOi5DSoKL03gtTjlcx6nLeYx1KQGO9OS41ymoxIylfJLX8l25QD5r7kCWwveN3tuvfWOl44TDBjfvyLZYNk95ki1xgqKgi3HCcSK4Nxy52RRDGlwHgrxmRQxVr_-Vrov_Z0i--etxTzelBWYqQRFAXS27xP7xkTDlqX1og0qEI3dGfnSshiLjFHOSvVUSjPWuZWsC8X2l7rkWdEdbfD1b0lalJXFCPBLSWJK2R1A&sai=AMfl-YRjuYk-Jdd7oMK_baN8yJZnnYRJkJA5P_71xtp4Jnet6DTZ6qmk4G52g_3HPs-hCR3V8cyaSEYMSepXOUH_E7ebxQbhkYH5ZdWJpsZu9JKjgDZ_bCsnjYul_a_Lzzc&sig=Cg0ArKJSzHgHL2c6N9VgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 1920x1080.jpg
meups.com.br/wp-content/uploads/2023/03/ Frame C094 58 KB
59 KB 16ms
16ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2023/03/1920x1080.jpg

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b493f7ee8bda6197e891ae7395c686515334c9a4967fd8dc181b4d254cf71e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20872
cf-polished: origSize=59914, status=webp_bigger
x-cache: MISS
content-length: 59881
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 01 Mar 2023 18:19:45 GMT
server: cloudflare
etag: "63ff9741-ea0a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sQGluh2MMAV03HoLC9jI8Sytq10tK0zaDYvxy4JNDI0ueicqxGiNq4adOyFhIVuNCSNZpOOXpiHGyFyzzZs6i9CufrHVQZnSxy6nYA02SAzBcfN5PS3s%2F2MJpn4tyatSu3L4m8amJBfZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32ee3ba6997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22E4 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqTk9U60AZLThPJaygAeTjqOoDwAAAAA4AeAEAg&bg=!0tGl0YXNAAbK-VRH6vk7ADkAdvg8WpWltVx0eh7_YdYT5tKLkQsjy6qEcogvwn23xjTOFIujbriY2-8q8I6wQ0gbNwbY952wcUACAAAAX1IAAAACaAEHmQLhL1PWIoBxw21C2_vHZrgtn95THQsxnWFaPsb0eeFt9Ul-OtKTWlFS_gxQIEpvAZGZ4Dmx8hx752udOUg-GyecKdrNDyr_N7RFkxPxLz9LACm1jNg3xJfIS-oTuLifs7paLwVAExK4xF2DUHlYPUWSRpaRUqj5tLfCxc6ZubLnbziJplj4FHP4uT7MyGryeouqgYQZFmDrkBFxAVkHdGiXTytJkPn9jZSw4icq_SptNpeVT0iQffoKUmId4UcgceLwyHAZ2dcK9c14i9kU2JyprzPOBAUVUZHRQsSKgT7QzdbtnBd70YgUCxPv7cU2kdMufv4s5KaE1Gd2uHerIy1Vk7Rn6uD4Ki1O3rqjTiN9JvbhHX9f4J4VOZXWlUvOCYFaQygCv8bvoGX6M29t294dT9eECKVZ3nroYPbCUwxtxQli3OW_Svz2tETjUVD4QWG9B1OqIC39YXykKGAsPrwaKe80ZAEMusZLMB9yAREJNSc7Ipd4K-qAjaVJwZ5Pjwlq2HWgNOt6aYPGUzsr_Y9jkswvDa9sP-OVF2L5OPILlAP1CkpWNRAxJ8F2mHiMjfaXrGepnCt_Raz4QMuEVwUrkkX1DuYfqBBuHBSowu06bzj5AZXRk5HjOXTOub7r0M2Gb5w77uSEnbyvWjl9Rap62bBty_EUXQXup84AyI_09_H6uZ5hI1rbBvXF92KtMibJ56bRSaqvh79R4sZkWhpWk-1aMGuQQekc8k46ryerjqUDLtDuybGHmxKpDwhvseSE3z9DuI1IEPBEjC5lsR4DnBKl2IzOykKeLjuyDV1T7IhPYRv6hUFFHHGi4hwsyE22DuBjSq_l2lVDnKEeHiyVuamyuC2uSERyuigCZdLgSP1ito7t_A944ol6DzFfMIA2cz4Vvo5ASj_BApKGo6oiFod_WWS_K7zPfmWQEPszA0FGqDfFRW4YTaj5iWR9O8ns4eGRdFQyB_EjpSBMVciVhgI

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 33AE
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z2...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYelt...

66 KB
23 KB

101ms
51ms

Script
text/javascript

142.250.27.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYeltyShW8R3Shnas6XT-gE-HXaNnQ4EPFbtaw6G9hX2IQ1z-Z0XK8tV3j2VSC6X0x3IuU60BV-veekqljere7kdfblIC9jMNawvAS4S6RMAoCZ_4ApCWCcwi7x85WE58MtUxJHqmrK-0rqj7er9qvPjNlSEm3ZpMAMmKFDZZXG134UOnk1PviNPojK3WnUsoXO0Hkp16PE5spjh1muN10z_7I3xQmXEehXA0Z0GthGDNXX4xOlrF5eZKFrM4mOfKtWI1TMHjng-f7tYut4YxySz-9T0qpnGdXtjD1vMpU1p5NeBGMsljjYCMQ2V3qdXQ2CrTrqG2bPvVhUEYBOJfLs-IrigDRWgZluHJBbgibNTODzOIEszKaG7ezwpPidoIty7n0lAF43aV8kW-jfv-8aUIoktHWSpE6hJb2B6WmQakwxnqerYYr2n2NTwzOfUDMvFttgRPHgVTxWivfui1pedRWCaUhYmTK2j6GWh-Pc4O-yRvNXMACEzleEEZ23LwKkozzl9j5rzYOwIsXoDAM3MTvqu3q7twk-L3Q42WDCJf0n8gDHxyAOBmXlXw1EdRLC3YCBQ45u9Iw8OW7YwlJikJmi-9Sie_PErLqz3Qp169oOby9TMCg4s7_hB_kJm3L9koPyEedYC8VnLaM3UcnyQ3-FqXKpSdAZpPIWrFowlS9BBHJFumZLB2OC_4XqqmNyNFziSWCKsbXnn6ZplIXyXFKdKFxTcdvnwNdL_L0F--R_5gqUz3LHtd2kbNXqtm5P-Oioy0faFATDpZJ0Jy8KfPWY_82N-kxuHOyLls4DMx1StNAIvkjZpHEERZGp0iKNPKhENBI8nxdHvP_03LFFxBcJB6bn-LfZi4bs3Dvz4UF7y14jk681r1SGSqEVEaUBh3e7ggfcaYdj3rorR6nHbrkTlzbZZx-HvZzHCUHxVDiZn90rizzq7o64FRIV7dxZtyPUGeZBlyyyqdEo8T5x0Vew6t_4NLzKqeBMescVsTmhiSFUEzeaoERAswfLRAbeylJmTWicxuaA08zProwTp-s9uvPdG4m5fYa0cZ981f84E5Uj0sXRb4YjMH7lvYlTJPj0a0aUx_c6NLO45IZqDzdBWFyoXhKB4iixa4G9rrtIFsduyJ4mwUlwkwpYCUykm1mbeJOGL-gkBNa6Lk2eLe9_NVB10Gdea0TqqElT4XLCDzfonvLCQpG6_giEps-fAzpIW8Ma036RMxOTabgtESr3secf0zO5DgKUp54ckIV1SVPtzCQ5n36g8MU8UmM72pqcrfhF3pphjEJcQ_uw7jHPDZYLSbV-o1_ihkPMq966aBnJAjCqBdSnp1bd8VnIaDOrZ0O9Yf-RI4u4bKUxF3IOqe4wXUodrksi55tgASKo1VvXIAwRwJ0Fg4DCCk9zRfFYxBiw4yjPG9wW4NcmQLKlX199b1i-iM0TD4x3BEqSjqao3jgdBvp_35qaaxlFgb517255NvqluSLIuqBRBtAM9oPP8N4avD6LdLeQHSt55mSMkQ633HXKxM8gHGD-0PSN5QG8o-TA6l0exRdNVBHgt0TbODYVpeSU30lzDyEbMP8XC_XQPD5StJDL72zEwfDNBmT8H081Uh5dHKVTLQVB8wj7S1xVGWa0exOoyEhrqeilCqZw0PzbqQRSVn1ZOl7pxZQv-qvfnHCx3HMnWlgVjdSmbuudSfAPzKZtTNZ2S-qD8yhPKvkWDmcfkdfKoTnKQ3Xqid1DI5NilY7M4Im6o_hGntaMjdQo9zbCpCe_IR6wdpRG-y5hlx8VwgDA6cVJY6gsk0eGueggiynB9FX4LdnHe26FRAvDfymoTh7OPW2q1uOPURrs2YMdfK-b37atU6DJfMn7QnyLOLqw2HhVBqMcsdIMocsP0ZtyTwxobONpCdfcdPyuGBOtPHvtLLO84WR7Rh5u-pOwjIRnobblgNHTZZzolssKLe_4JA5TSMVwfHEevEbcfkrulIk4fYrDF9LPKp1VHlj7GrTfpqNzEqMIx8kSIRlrV5fJQJkgb_pi820fnX42i-L4RlPd4vJKxD5RY9sySibFdqxL_wGlZbAwC02qmH9zXFZRctu0qHKB2wAgAc6v52u-YRwN7tQxLYsCbh7YUdS9xKYEcacD_EidGLcLJsaAWik_1Gr-bnCjULI5Tc0U7w8sHfasNnYyg74Yf3yS1fICXIYm3M3la7ztL_quy9kMpSZo-XLO9oD-edMBQvyqNa6tjeRrFxeFS6qRA67KKrxDesqz67PYq49vfL6dAF8MvBJIrZk5U8LQ0yY982crMmP43rDV6qzQLOUWHnYCY-SO4BoCFVjNzG0AIme1VIMQbH5HHflQNNWpIYQypMGV13T8b4ARIpFT99xpaQIAL83CH2lVjFKseRwmGsOA6WMpKgm-x9XzQGxjZHYD_XelZyjCFGbY9Ak5t2vkJNYVFH9GQC5qrgrfjK1xZhxHzy76dYzWvADMvBrTsZxShmXYdnAJ_wuZUg1RKfcObpLR7_TC0w_hX3uFJYrKF8bp7qpNDwRaKyY4-knSOxZhEjhEGy4iaffJBAqpMzLB0t68hvAgNw8FPHrT1TALBauql2dgYO_IGGfnKLttfEVkDu7wrUtzsvLpqL8ZYB2KYMZYhp_Pj9AoGx8ylr2pqwiN5JWBC9KLmEPYzMd9TerrL3E4gWQRT9pgnOTPvLeStpyRPZ9pMWaTym3mlpjPy-Ax8lGZHZXzyM_3DNKRWUXIXZl5rUQscWl5gy_tulq25bfWYUE0SSqriy24ks9GmAR6YDYDBGlOwe5X-DZJe1L9fSo6t558p_E7PRulFvbv_ip6drGkf_aiI0XXIJFOV6xsgrYxvl85Z6jimOT-v7KCqcBZN_itj1Zxb_cgKEwVd-2UGtYgNneOrFkqbHlsDj1dl3XaWjQBpdXzTKnODsKcTIJ1wl7-swkjVepXf4VhzoB7StNi43B04VSDAkudj5CeoDazcrNNkiNIGlvtUBC7pTnbKKrULMVS60B88Q5QYxHN-34f6u9HAN9PqgOdr-fZCG0Iff0T0sXfMQjW0A7xIFfO-pNvDjZtRQ94IJ-6QGK5-kSjI0iZmvMrvwJasRW8aC6TDiw9q1aQcWszDtYa_1o7yeVyE18ZgejUS62W1MPhebFHfb6fTaKaB6iPEk9gjbVTQD0-TV2qtrlZQugrmKH42Em6srYcl1Z6InvxpJCyZpl4iAljZ0Ka6_pPTqwESY85woUWrPftg8op9i0c05Qgz_QOEL2YMz-8jxxX1w6_rTa9W7fVyMfX9PFSuFL5fBn20tveFZcSOsFf4esDOncB4qxZ7DSbOZE_PjK6-L0hJBCaIslITuNGBt6dQ8KBGPY-Uw8mKFtaHq_c5O7hsCyTyHHWhyrijCF4q0kjH1csFY_ElDg3_dGIdcFi5YUVB_xBrZsQwqZ2SPLBSWFv3i46B99bsZxlyj6Iv66o0hvpTenSqq6PuiEpLJZxw2xpCCAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgBYAE&bundleId=

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.27.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ra-in-f154.1e100.net

Software

cafe /

Resource Hash

3d3febed42dcd5e2e07a3dadc143416da5982853a602b159a6ad3540e7f2e3ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23513
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: nginx
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYeltyShW8R3Shnas6XT-gE-HXaNnQ4EPFbtaw6G9hX2IQ1z-Z0XK8tV3j2VSC6X0x3IuU60BV-veekqljere7kdfblIC9jMNawvAS4S6RMAoCZ_4ApCWCcwi7x85WE58MtUxJHqmrK-0rqj7er9qvPjNlSEm3ZpMAMmKFDZZXG134UOnk1PviNPojK3WnUsoXO0Hkp16PE5spjh1muN10z_7I3xQmXEehXA0Z0GthGDNXX4xOlrF5eZKFrM4mOfKtWI1TMHjng-f7tYut4YxySz-9T0qpnGdXtjD1vMpU1p5NeBGMsljjYCMQ2V3qdXQ2CrTrqG2bPvVhUEYBOJfLs-IrigDRWgZluHJBbgibNTODzOIEszKaG7ezwpPidoIty7n0lAF43aV8kW-jfv-8aUIoktHWSpE6hJb2B6WmQakwxnqerYYr2n2NTwzOfUDMvFttgRPHgVTxWivfui1pedRWCaUhYmTK2j6GWh-Pc4O-yRvNXMACEzleEEZ23LwKkozzl9j5rzYOwIsXoDAM3MTvqu3q7twk-L3Q42WDCJf0n8gDHxyAOBmXlXw1EdRLC3YCBQ45u9Iw8OW7YwlJikJmi-9Sie_PErLqz3Qp169oOby9TMCg4s7_hB_kJm3L9koPyEedYC8VnLaM3UcnyQ3-FqXKpSdAZpPIWrFowlS9BBHJFumZLB2OC_4XqqmNyNFziSWCKsbXnn6ZplIXyXFKdKFxTcdvnwNdL_L0F--R_5gqUz3LHtd2kbNXqtm5P-Oioy0faFATDpZJ0Jy8KfPWY_82N-kxuHOyLls4DMx1StNAIvkjZpHEERZGp0iKNPKhENBI8nxdHvP_03LFFxBcJB6bn-LfZi4bs3Dvz4UF7y14jk681r1SGSqEVEaUBh3e7ggfcaYdj3rorR6nHbrkTlzbZZx-HvZzHCUHxVDiZn90rizzq7o64FRIV7dxZtyPUGeZBlyyyqdEo8T5x0Vew6t_4NLzKqeBMescVsTmhiSFUEzeaoERAswfLRAbeylJmTWicxuaA08zProwTp-s9uvPdG4m5fYa0cZ981f84E5Uj0sXRb4YjMH7lvYlTJPj0a0aUx_c6NLO45IZqDzdBWFyoXhKB4iixa4G9rrtIFsduyJ4mwUlwkwpYCUykm1mbeJOGL-gkBNa6Lk2eLe9_NVB10Gdea0TqqElT4XLCDzfonvLCQpG6_giEps-fAzpIW8Ma036RMxOTabgtESr3secf0zO5DgKUp54ckIV1SVPtzCQ5n36g8MU8UmM72pqcrfhF3pphjEJcQ_uw7jHPDZYLSbV-o1_ihkPMq966aBnJAjCqBdSnp1bd8VnIaDOrZ0O9Yf-RI4u4bKUxF3IOqe4wXUodrksi55tgASKo1VvXIAwRwJ0Fg4DCCk9zRfFYxBiw4yjPG9wW4NcmQLKlX199b1i-iM0TD4x3BEqSjqao3jgdBvp_35qaaxlFgb517255NvqluSLIuqBRBtAM9oPP8N4avD6LdLeQHSt55mSMkQ633HXKxM8gHGD-0PSN5QG8o-TA6l0exRdNVBHgt0TbODYVpeSU30lzDyEbMP8XC_XQPD5StJDL72zEwfDNBmT8H081Uh5dHKVTLQVB8wj7S1xVGWa0exOoyEhrqeilCqZw0PzbqQRSVn1ZOl7pxZQv-qvfnHCx3HMnWlgVjdSmbuudSfAPzKZtTNZ2S-qD8yhPKvkWDmcfkdfKoTnKQ3Xqid1DI5NilY7M4Im6o_hGntaMjdQo9zbCpCe_IR6wdpRG-y5hlx8VwgDA6cVJY6gsk0eGueggiynB9FX4LdnHe26FRAvDfymoTh7OPW2q1uOPURrs2YMdfK-b37atU6DJfMn7QnyLOLqw2HhVBqMcsdIMocsP0ZtyTwxobONpCdfcdPyuGBOtPHvtLLO84WR7Rh5u-pOwjIRnobblgNHTZZzolssKLe_4JA5TSMVwfHEevEbcfkrulIk4fYrDF9LPKp1VHlj7GrTfpqNzEqMIx8kSIRlrV5fJQJkgb_pi820fnX42i-L4RlPd4vJKxD5RY9sySibFdqxL_wGlZbAwC02qmH9zXFZRctu0qHKB2wAgAc6v52u-YRwN7tQxLYsCbh7YUdS9xKYEcacD_EidGLcLJsaAWik_1Gr-bnCjULI5Tc0U7w8sHfasNnYyg74Yf3yS1fICXIYm3M3la7ztL_quy9kMpSZo-XLO9oD-edMBQvyqNa6tjeRrFxeFS6qRA67KKrxDesqz67PYq49vfL6dAF8MvBJIrZk5U8LQ0yY982crMmP43rDV6qzQLOUWHnYCY-SO4BoCFVjNzG0AIme1VIMQbH5HHflQNNWpIYQypMGV13T8b4ARIpFT99xpaQIAL83CH2lVjFKseRwmGsOA6WMpKgm-x9XzQGxjZHYD_XelZyjCFGbY9Ak5t2vkJNYVFH9GQC5qrgrfjK1xZhxHzy76dYzWvADMvBrTsZxShmXYdnAJ_wuZUg1RKfcObpLR7_TC0w_hX3uFJYrKF8bp7qpNDwRaKyY4-knSOxZhEjhEGy4iaffJBAqpMzLB0t68hvAgNw8FPHrT1TALBauql2dgYO_IGGfnKLttfEVkDu7wrUtzsvLpqL8ZYB2KYMZYhp_Pj9AoGx8ylr2pqwiN5JWBC9KLmEPYzMd9TerrL3E4gWQRT9pgnOTPvLeStpyRPZ9pMWaTym3mlpjPy-Ax8lGZHZXzyM_3DNKRWUXIXZl5rUQscWl5gy_tulq25bfWYUE0SSqriy24ks9GmAR6YDYDBGlOwe5X-DZJe1L9fSo6t558p_E7PRulFvbv_ip6drGkf_aiI0XXIJFOV6xsgrYxvl85Z6jimOT-v7KCqcBZN_itj1Zxb_cgKEwVd-2UGtYgNneOrFkqbHlsDj1dl3XaWjQBpdXzTKnODsKcTIJ1wl7-swkjVepXf4VhzoB7StNi43B04VSDAkudj5CeoDazcrNNkiNIGlvtUBC7pTnbKKrULMVS60B88Q5QYxHN-34f6u9HAN9PqgOdr-fZCG0Iff0T0sXfMQjW0A7xIFfO-pNvDjZtRQ94IJ-6QGK5-kSjI0iZmvMrvwJasRW8aC6TDiw9q1aQcWszDtYa_1o7yeVyE18ZgejUS62W1MPhebFHfb6fTaKaB6iPEk9gjbVTQD0-TV2qtrlZQugrmKH42Em6srYcl1Z6InvxpJCyZpl4iAljZ0Ka6_pPTqwESY85woUWrPftg8op9i0c05Qgz_QOEL2YMz-8jxxX1w6_rTa9W7fVyMfX9PFSuFL5fBn20tveFZcSOsFf4esDOncB4qxZ7DSbOZE_PjK6-L0hJBCaIslITuNGBt6dQ8KBGPY-Uw8mKFtaHq_c5O7hsCyTyHHWhyrijCF4q0kjH1csFY_ElDg3_dGIdcFi5YUVB_xBrZsQwqZ2SPLBSWFv3i46B99bsZxlyj6Iv66o0hvpTenSqq6PuiEpLJZxw2xpCCAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgBYAE&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6BCE 91 KB
23 KB 54ms
8ms Script
application/javascript 2600:9000:21f3:b000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:04:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 9291712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: IfMX24aBuHX8hegAaRrK31PWQESIHxOJCRFtZzIFsY2hDz0D_rSMyw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
216 B 607ms
176ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5IgzpE,pingTime:-3,time:65,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&br=c
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
215 B 606ms
178ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5IgzpF,pingTime:-6,time:66,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:66,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&tpiLookup=ao:meups.com.br*&br=c
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
215 B 600ms
181ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5IgzpR,pingTime:-2,time:78,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:453,beZ:454,mfA:456,cmA:457,inA:458,inZ:462,prA:462,prZ:467,si:471,poA:472,poZ:491,cmZ:491,mfZ:491,loA:519,loZ:521,ltA:531,ltZ:531%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:19,sinceFw:59,readyFired:false%7D&br=c
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame C094 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b973e1e39449ce5d1b956033524846a1db2460bd0d704859d5678f63130b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C094 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvn8OWkR5e_IDSMz8E2dJcQMcHTrwc-cYGPgr7e5kdrlnKV2AGwA6dtQnwBlSf9RBhwGnKIpHOUCswGyGLe_3p-kSCNFb-eUwwIIkVtS05DK_sa3uTSxzPtTg_pte3XMXMogoFNlJQT4X0cHwve2z6yB5Mrp4jHPmqXX2T-QYU_-MTagjIzRufHIQidcS5Ta6sSXQPiqCM8nj4-nNnQfFP3VlDwrLSyOrEfxFWDcSxiK8M3ci3MPFvXyTgdEft9iE6ezhEJge1Havg_WDHHLP926wKyDa_PCdDFAr7yYpYziGooUBJABMcHAYL29QtNFIE0DoJrmqqX&sai=AMfl-YQww3KZVIIjhlJeSBeCslnzjpO09yafVeEATbBVxB5DnwGlkp1B1ZtPAF9r5KK-Bd9SV8zHjfR87gA_VOK8F7iLsI8tovysAYCiiLu9t8mSKg4y1K8FgVJcvVTy6QU&sig=Cg0ArKJSzOQn1qcH4vT_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 14:06:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230227&jk=3784857560961781&bg=!jY6ljtrNAAbK-VRH6vk7ADkAdvg8WvfJIkb_cc9WLz0QeOUuMg9IpxN35p-TZ_LLIZ85jzOaEKuvm42X04RAM0rI3vnHHZ0ZHsICAAAAY1IAAAACaAEHmQKltT5irvFb9mNCEXHUhThtolnGeq8It2EI_f4W5x_FKkRnWlHyChoOjYRoopqA0IhqLDpEtMaJ4G5UR1ApROZx3DMXyHMGLh7uo3nHU_gZcQv5TBh9M52NTQW0FmUzgk_DTYNJWTpAEZPyHIvrTInFGCF7P3lcvAKFkszXQC8yO-BKzMs_bV80mtFZ49m3_gmfVStQ7IdTdyVD-k9rhfN3SrE0w48hJ38nQz90Zp7c3PXrLcxJICfJPE4Kn5_XUsMDCGUenJQXITbn3h-SkS9ARjW87tCKJoGkRZh7Bn2qDvuYTBzZw9MuulVFohmc_ttII2n24gA5d8gcSYSoxPYrjCIzFeOXBKI9SRfbVu5KoNNMlHK1MhutLRcmric07Z9R1oY0146uuCkI5I31RX4owMCj9R91Jen7fS_xj8cDcGXoAE6HFG8PnF3pASkOlqItEAWMjtfY6mUlFmXiPQC6nsxckrp-3p1zwsINEtkkArgD71DVUzxGc-woqLzqLzTRopTbcOdcSloIWmdFGNX7cya1bpG6VtyrUz3VfazPaLaS9FEqG8Hi3bhga9kqnXnv19CxnPeW0I2XbWFytn0ihmAfbYMXNdXwVgX9d8xU0B7crAl76pEK03sEgcyd5FBP6XRs51Pbv709469CQcoagSfM1UazRxF_VxH4R83os6i3Q_v1qllzJeruugaHXo3-OUVTywAe0qlFxRvI0t2unx42PsK5JS90qmFY5D__QFDxcYxmd_Qr1Pm2m4l8qHpRoyHRUIBpwjRrPsz0QNOijtNNnZOGFdWo_4s9pZFYnCEBu5o5EW-fhsEf4FA46TnErFCEm9jclwj5hpp9pKq6ptyuGf66_fUYQKWEDpbgLq9ZepPwAqAC7KdrxfwzvEVnEg0dYNE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 33AE 106 KB
37 KB 141ms
28ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
Origin: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 11:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Mar 2023 11:42:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 33AE 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/69474538/xbbe/creative/adj?p=APEucNXYmfPfoTjVmlF1Jd08IEchMLhOXyCx7g9zBnXZB--j0HxovnQ&d=CokBAKAmf-DYNPeRunfUUtyA03D_nyKGqcMPmTUISgqLAgOoz32fRqiXpWnu5Z29w7UpRn5ck0D_LHYWbo4MlYeltyShW8R3Shnas6XT-gE-HXaNnQ4EPFbtaw6G9hX2IQ1z-Z0XK8tV3j2VSC6X0x3IuU60BV-veekqljere7kdfblIC9jMNawvAS4S6RMAoCZ_4ApCWCcwi7x85WE58MtUxJHqmrK-0rqj7er9qvPjNlSEm3ZpMAMmKFDZZXG134UOnk1PviNPojK3WnUsoXO0Hkp16PE5spjh1muN10z_7I3xQmXEehXA0Z0GthGDNXX4xOlrF5eZKFrM4mOfKtWI1TMHjng-f7tYut4YxySz-9T0qpnGdXtjD1vMpU1p5NeBGMsljjYCMQ2V3qdXQ2CrTrqG2bPvVhUEYBOJfLs-IrigDRWgZluHJBbgibNTODzOIEszKaG7ezwpPidoIty7n0lAF43aV8kW-jfv-8aUIoktHWSpE6hJb2B6WmQakwxnqerYYr2n2NTwzOfUDMvFttgRPHgVTxWivfui1pedRWCaUhYmTK2j6GWh-Pc4O-yRvNXMACEzleEEZ23LwKkozzl9j5rzYOwIsXoDAM3MTvqu3q7twk-L3Q42WDCJf0n8gDHxyAOBmXlXw1EdRLC3YCBQ45u9Iw8OW7YwlJikJmi-9Sie_PErLqz3Qp169oOby9TMCg4s7_hB_kJm3L9koPyEedYC8VnLaM3UcnyQ3-FqXKpSdAZpPIWrFowlS9BBHJFumZLB2OC_4XqqmNyNFziSWCKsbXnn6ZplIXyXFKdKFxTcdvnwNdL_L0F--R_5gqUz3LHtd2kbNXqtm5P-Oioy0faFATDpZJ0Jy8KfPWY_82N-kxuHOyLls4DMx1StNAIvkjZpHEERZGp0iKNPKhENBI8nxdHvP_03LFFxBcJB6bn-LfZi4bs3Dvz4UF7y14jk681r1SGSqEVEaUBh3e7ggfcaYdj3rorR6nHbrkTlzbZZx-HvZzHCUHxVDiZn90rizzq7o64FRIV7dxZtyPUGeZBlyyyqdEo8T5x0Vew6t_4NLzKqeBMescVsTmhiSFUEzeaoERAswfLRAbeylJmTWicxuaA08zProwTp-s9uvPdG4m5fYa0cZ981f84E5Uj0sXRb4YjMH7lvYlTJPj0a0aUx_c6NLO45IZqDzdBWFyoXhKB4iixa4G9rrtIFsduyJ4mwUlwkwpYCUykm1mbeJOGL-gkBNa6Lk2eLe9_NVB10Gdea0TqqElT4XLCDzfonvLCQpG6_giEps-fAzpIW8Ma036RMxOTabgtESr3secf0zO5DgKUp54ckIV1SVPtzCQ5n36g8MU8UmM72pqcrfhF3pphjEJcQ_uw7jHPDZYLSbV-o1_ihkPMq966aBnJAjCqBdSnp1bd8VnIaDOrZ0O9Yf-RI4u4bKUxF3IOqe4wXUodrksi55tgASKo1VvXIAwRwJ0Fg4DCCk9zRfFYxBiw4yjPG9wW4NcmQLKlX199b1i-iM0TD4x3BEqSjqao3jgdBvp_35qaaxlFgb517255NvqluSLIuqBRBtAM9oPP8N4avD6LdLeQHSt55mSMkQ633HXKxM8gHGD-0PSN5QG8o-TA6l0exRdNVBHgt0TbODYVpeSU30lzDyEbMP8XC_XQPD5StJDL72zEwfDNBmT8H081Uh5dHKVTLQVB8wj7S1xVGWa0exOoyEhrqeilCqZw0PzbqQRSVn1ZOl7pxZQv-qvfnHCx3HMnWlgVjdSmbuudSfAPzKZtTNZ2S-qD8yhPKvkWDmcfkdfKoTnKQ3Xqid1DI5NilY7M4Im6o_hGntaMjdQo9zbCpCe_IR6wdpRG-y5hlx8VwgDA6cVJY6gsk0eGueggiynB9FX4LdnHe26FRAvDfymoTh7OPW2q1uOPURrs2YMdfK-b37atU6DJfMn7QnyLOLqw2HhVBqMcsdIMocsP0ZtyTwxobONpCdfcdPyuGBOtPHvtLLO84WR7Rh5u-pOwjIRnobblgNHTZZzolssKLe_4JA5TSMVwfHEevEbcfkrulIk4fYrDF9LPKp1VHlj7GrTfpqNzEqMIx8kSIRlrV5fJQJkgb_pi820fnX42i-L4RlPd4vJKxD5RY9sySibFdqxL_wGlZbAwC02qmH9zXFZRctu0qHKB2wAgAc6v52u-YRwN7tQxLYsCbh7YUdS9xKYEcacD_EidGLcLJsaAWik_1Gr-bnCjULI5Tc0U7w8sHfasNnYyg74Yf3yS1fICXIYm3M3la7ztL_quy9kMpSZo-XLO9oD-edMBQvyqNa6tjeRrFxeFS6qRA67KKrxDesqz67PYq49vfL6dAF8MvBJIrZk5U8LQ0yY982crMmP43rDV6qzQLOUWHnYCY-SO4BoCFVjNzG0AIme1VIMQbH5HHflQNNWpIYQypMGV13T8b4ARIpFT99xpaQIAL83CH2lVjFKseRwmGsOA6WMpKgm-x9XzQGxjZHYD_XelZyjCFGbY9Ak5t2vkJNYVFH9GQC5qrgrfjK1xZhxHzy76dYzWvADMvBrTsZxShmXYdnAJ_wuZUg1RKfcObpLR7_TC0w_hX3uFJYrKF8bp7qpNDwRaKyY4-knSOxZhEjhEGy4iaffJBAqpMzLB0t68hvAgNw8FPHrT1TALBauql2dgYO_IGGfnKLttfEVkDu7wrUtzsvLpqL8ZYB2KYMZYhp_Pj9AoGx8ylr2pqwiN5JWBC9KLmEPYzMd9TerrL3E4gWQRT9pgnOTPvLeStpyRPZ9pMWaTym3mlpjPy-Ax8lGZHZXzyM_3DNKRWUXIXZl5rUQscWl5gy_tulq25bfWYUE0SSqriy24ks9GmAR6YDYDBGlOwe5X-DZJe1L9fSo6t558p_E7PRulFvbv_ip6drGkf_aiI0XXIJFOV6xsgrYxvl85Z6jimOT-v7KCqcBZN_itj1Zxb_cgKEwVd-2UGtYgNneOrFkqbHlsDj1dl3XaWjQBpdXzTKnODsKcTIJ1wl7-swkjVepXf4VhzoB7StNi43B04VSDAkudj5CeoDazcrNNkiNIGlvtUBC7pTnbKKrULMVS60B88Q5QYxHN-34f6u9HAN9PqgOdr-fZCG0Iff0T0sXfMQjW0A7xIFfO-pNvDjZtRQ94IJ-6QGK5-kSjI0iZmvMrvwJasRW8aC6TDiw9q1aQcWszDtYa_1o7yeVyE18ZgejUS62W1MPhebFHfb6fTaKaB6iPEk9gjbVTQD0-TV2qtrlZQugrmKH42Em6srYcl1Z6InvxpJCyZpl4iAljZ0Ka6_pPTqwESY85woUWrPftg8op9i0c05Qgz_QOEL2YMz-8jxxX1w6_rTa9W7fVyMfX9PFSuFL5fBn20tveFZcSOsFf4esDOncB4qxZ7DSbOZE_PjK6-L0hJBCaIslITuNGBt6dQ8KBGPY-Uw8mKFtaHq_c5O7hsCyTyHHWhyrijCF4q0kjH1csFY_ElDg3_dGIdcFi5YUVB_xBrZsQwqZ2SPLBSWFv3i46B99bsZxlyj6Iv66o0hvpTenSqq6PuiEpLJZxw2xpCCAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgBYAE&bundleId=&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-5020212256248417&ias_chanId=1&ias_placementId=18137318564&bidurl=https://meups.com.br/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iqTiphHRo9QI0b24Lt15xD&adsafe_url=https%3A%2F%2Fmeups.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fmeups.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f1e94de5-5a35-2c12-1b8a-526f7ec751ac,c:5IgzoT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-gc46q,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,mtim:3,mot:0,app:0,maw:0,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:18,oid:636028b1-b903-11ed-bf1a-26554d542d0c,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:28:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:28:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 33AE 29 KB
11 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 03:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 03:14:20 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD5A 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 17:13:05 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 17:13:05 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 33AE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b97eb120f46e4a06b3baab365c14499325a4bf8dbdb19dbc0f5e11f48d62c53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD5A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEIMb7gbhphVq-NvKHU7MUds&google_cver=1&google_push=Aa02lx8lPQth8g-b_UJ4H1oawrDwCmKMYHPM06qKW2tk2zmGEDTXt_RDpQ9lnDS34dgtLLyIav4RUvo96rw6pM5G...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8lPQth8g-b_UJ4H1oawrDwCmKMYHPM06qKW2tk2zmGEDTXt_RDpQ9lnDS34dgtLLyIav4RUvo96rw6pM5GvG1_2sRBeoLp7ZY

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8lPQth8g-b_UJ4H1oawrDwCmKMYHPM06qKW2tk2zmGEDTXt_RDpQ9lnDS34dgtLLyIav4RUvo96rw6pM5GvG1_2sRBeoLp7ZY

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 14:06:12 GMT
Server: MT3 530 4e92630 master cdg-pixel-x34 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8lPQth8g-b_UJ4H1oawrDwCmKMYHPM06qKW2tk2zmGEDTXt_RDpQ9lnDS34dgtLLyIav4RUvo96rw6pM5GvG1_2sRBeoLp7ZY
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Mar 2023 14:06:11 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AD5A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOgLeQkFcGS-vFzsrWyoThI&google_cver=1&google_push=Aa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOgLeQkFcGS-vFzsrWyoThI&google_cver=1&google_push=Aa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdA...

43 B
418 B

176ms
162ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOgLeQkFcGS-vFzsrWyoThI&google_cver=1&google_push=Aa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a1a32f1a8699180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1032
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOgLeQkFcGS-vFzsrWyoThI&google_cver=1&google_push=Aa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9nOZz_GhULWkGpLyc7g2Y-vQLNPOl4dYHbAsXtFoapVMwNrtjtTyV_8-CfUovWSH8NI3aLKR1ATDZ1DYGJnLn8KedOVdAbo8M%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a1a32f05e0b9180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD5A
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKwcC8h6u1bktALfnJ-FRu8&google_cver=1&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKwcC8h6u1bktALfnJ-FRu8&google_cver=1&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=089d0ad4-4454-48c1-a910-89b2de36bc57
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=089d0ad4-4454-48c1-a910-89b2de36bc57
https://x.bidswitch.net/sync?dsp_id=4&user_id=d0d02f8d-233a-4eee-8fdc-51bafa7d4af0&ssp=google&expires=30&user_group=5&bsw_param=089d0ad4-4454-48c1-a910-89b2de36bc57
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-kL1cexy4bKs&google_hm=CJ0K1ERUSMGpEImy3ja8...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-kL1cexy4bKs&google_hm=CJ0K1ERUSMGpEImy3ja8Vw==

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_jiZ13W5iroTO0In5hNmEZ1cHfn7ILoTkpvGw6gJ-FOgBh9fNm56td6_s1qMuKh1IcWVnswiP7-vtLJi70VIg-kL1cexy4bKs&google_hm=CJ0K1ERUSMGpEImy3ja8Vw==
date: Thu, 02 Mar 2023 14:06:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD5A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGl1tOKJQei_03ek-qgu1Uk&google_cver=1&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo33...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGl1tOKJQei_03ek-qgu1Uk&google_cver=1&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo339qpyeB3g

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo339qpyeB3g

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9i-dGpTOSRd8Mn71SuiaykY08smvSpNS-X4xz_g3vSaickN735-z1BQEQKlUimiQxBVsAKHurZu7oCKYru8Swpo339qpyeB3g
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD5A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHZ2xvr_S8yil97qq52pX1g&google_cver=1&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3Y...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjU4MDM1Mzk3MDQ3NjE2ODkyNg%3D%3D&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcH...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjU4MDM1Mzk3MDQ3NjE2ODkyNg%3D%3D&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3Y7gw

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjU4MDM1Mzk3MDQ3NjE2ODkyNg%3D%3D&google_push=Aa02lx915mScqFiUq-rzFS9fFyGrtDrPFs1B7Zj1EnF7gmga9d9e3qcHPnSXj6JnFiUi8CV1y-p4Gba4Ni-Lrd_5kC5e5y0ar3Y7gw
date: Thu, 02 Mar 2023 14:06:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD5A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESEBCxu4puL9sc0_fl67Y&google_cver=1&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNH...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKESEBCxu4puL9sc0_fl67Y&google_cver=1&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNH...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12ZDVxeklWRTJ1SFJFdktuZGdNb3RvLktydVprbldfQ35B&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-m...

170 B
188 B

26ms
25ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12ZDVxeklWRTJ1SFJFdktuZGdNb3RvLktydVprbldfQ35B&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNHIlOI00qm25MGUdENr-qWyocLgbk4PE

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12ZDVxeklWRTJ1SFJFdktuZGdNb3RvLktydVprbldfQ35B&google_push=Aa02lx8cHLfv_JGiIW_N9_9b329jC_U80_HlxKdLX18oGsb4RGXhz7L-mOj8OcMAPmG9BvRHNHIlOI00qm25MGUdENr-qWyocLgbk4PE
date: Thu, 02 Mar 2023 14:06:12 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD5A
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJeWTIef8...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJe...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=089d0ad4-4454-48c1-a910-89b2de36bc57&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=089d0ad4-4454-48c1-a910-89b2de36bc57&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=089d0ad4-4454-48c1-a910-89b2de36bc57&%%GOOGLE_PUSH_PAIR%%
date: Thu, 02 Mar 2023 14:06:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD5A 0
12 B 24ms
23ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5kLfobAxGgMMdraMG5Ecd22NDL7jj-yAXQ9LBhw5EvuLF-AWpuerDHgGnFNTLRQvYmiv-uk0

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6A5F 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDFXQ8O-NOfKRQ496G033pPJM6_I4h1jHNcfeCcg-Czfo2idaL451BMoKl0Ga4SjQyLc1PwgmfY0WjTb7kvA7LQSMj65D3gIqmq1qYQTo3fqMnA5B5&sig=Cg0ArKJSzKXfvdNq04oDEAE&id=lidar2&mcvt=1000&p=484,315,574,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2283658611&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677765971368&rpt=127&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
215 B 282ms
177ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5IgzuT,pingTime:-10,time:390,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xNzcgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1677765972646%7C%7Cb4a7d2025462fe91c931431611ea7da9%7C%7C15c1c3073e5c3cda0308b87e66c0c1e4%7C%7Cd2a4e2b7e67b9eb6112e5f93f8d8878a%7C%7C66e89875619074b85750768433cb11e0%7C%7C60bddd4d205a37bbef5b576b044d3aa2%7C%7C90ed9cfb3199cf9a4aab1d138c19312d%7C%7Ce9cf003135a46ea6000558233cc8bd1a%7C%7C1663701684%7D
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame F419 189 KB
112 KB 91ms
30ms Document
text/html 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7c56000312821b7a218f4c40ab54d1b72d072f2b27c58cf6906f9b376abd38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 282171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 114781
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 07:43:21 GMT
expires: Tue, 27 Feb 2024 07:43:21 GMT
last-modified: Wed, 08 Feb 2023 07:11:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 33AE 0
0 136ms
52ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteOaoG5R0B6-6iluG0ao8BQqIMhxhckCewEcAUeIk-rzKPzYYB_arYesTe1P2S-n9OXU_Alho3ZYu4Fwbm0qK63BMZ4k9p4ZqhVDtLvYIdkOfvX7_PWg2Lwb2OciHC-Ze7MZfAkdgMW6j_UBc0LQKhW6490YPOuZozynU6s0k1Oy1eO2m0sR310nFq9GZ5XB6gcvPMM-A&sai=AMfl-YRHjScjd8uux6bfVsW63XReAvxKLb6EvgmXdfUcQCruGD9pNh-zI9xOKhhr1iNbBzivjFZ3hF_2HxqtkIRqr9nW7r1vZxigrB-mU7TMz1CfDGOm_gEx6yXzkK3vKp6pFWH56xsZwZWocRGAyxtTxdOV0HY&sig=Cg0ArKJSzF2ZjpZpV2pPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=208&cisv=r20230227.07834&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 14:06:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
215 B 295ms
295ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5Igzxr,time:548,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:548,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B542~0%5D,as:%5B542~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:194%7D&br=c
Requested by: Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:12 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 cats-3-500x280.jpg
meups.com.br/wp-content/uploads/2023/03/ 40 KB
40 KB 29ms
29ms Image
image/jpeg 2606:4700:20::ac43:45f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meups.com.br/wp-content/uploads/2023/03/cats-3-500x280.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:45f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6168d6413a7a67ead5fea1455b688fa397ce4351d0356d389424dc6348137a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2136
cf-polished: status=not_needed
x-cache: HIT
content-length: 40525
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 02 Mar 2023 13:09:33 GMT
server: cloudflare
etag: "6400a00d-9e4d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDdYh4fKzI4tq1zvwSeyZuqnCaG92qcGr%2FBSPEosNp5QzMaY2B5hktoorED0H%2F%2FiYeEagNQdnrU075d70mN7gf8BEVxMrM5jUtpMG12BKQknxlQSS4ip5%2Fqvxxn0dT73gRra6dbZpSdnKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=315360000
x-server: E-Consulters Web
accept-ranges: bytes
cf-ray: 7a1a32f208d6997a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js Show response
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame F419 2 KB
934 B 30ms
30ms Script
application/x-javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/Cisco_Logo_no_TM_Midnight_Blue-RGB.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752645f928be20f56407f82495b4addb3b490ee9285bff92ed678b12a322d178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 07:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 905
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 07:11:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 07:43:21 GMT

GET
DATA 200
OK truncated
/ Frame F419 20 KB
20 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07e6f3168093c33bfa27220377734d37ae59e13e3ad1d6220fe1ee429d10a255

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame F419 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 33AE 0
0 55ms
54ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteOaoG5R0B6-6iluG0ao8BQqIMhxhckCewEcAUeIk-rzKPzYYB_arYesTe1P2S-n9OXU_Alho3ZYu4Fwbm0qK63BMZ4k9p4ZqhVDtLvYIdkOfvX7_PWg2Lwb2OciHC-Ze7MZfAkdgMW6j_UBc0LQKhW6490YPOuZozynU6s0k1Oy1eO2m0sR310nFq9GZ5XB6gcvPMM-A&sai=AMfl-YRHjScjd8uux6bfVsW63XReAvxKLb6EvgmXdfUcQCruGD9pNh-zI9xOKhhr1iNbBzivjFZ3hF_2HxqtkIRqr9nW7r1vZxigrB-mU7TMz1CfDGOm_gEx6yXzkK3vKp6pFWH56xsZwZWocRGAyxtTxdOV0HY&sig=Cg0ArKJSzF2ZjpZpV2pPEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=421&vt=11&dtpt=210&dett=3&cstd=208&cisv=r20230227.07834&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 14:06:12 GMT

GET
H3 200 Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame F419 73 KB
73 KB 31ms
31ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png?

Requested by

Host: 035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
URL: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0e6ad0e03fff07b5a1715c93496836075fba3bc819328569ce6300f66cbf357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 07:43:21 GMT
x-content-type-options: nosniff
age: 282171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74945
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 07:11:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 07:43:21 GMT

GET
H3 200 Zero-Trust-2-Woman-looking-up-and-smiling-Gradient-STE-FY23-Q2.png
s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/ Frame F419 73 KB
73 KB 30ms
28ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0e6ad0e03fff07b5a1715c93496836075fba3bc819328569ce6300f66cbf357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13882321803870263048/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-ZTHubPageBanners-Security-ALL_0_105/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 07:43:21 GMT
x-content-type-options: nosniff
age: 282171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74945
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 07:11:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 07:43:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 64BF 0
0 52ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuodp2k1PlIjB7Pa7NrOXB-KxvG5vUpjvJt4WToNXEWnxFTm3WVmGAWIb5cleX_PvdofnyvnXuzAV1lvRJ4yBTw5C1QdG7VmGm9lP8ZyimPwWLpvch8b7BuwytUzzs7n5rnCS1CGGpkqiNK1LCjjJAVdKO1C3uGderv63nzzwW8yh5BB38YrC3SZnwLL8IB7fiUPJ4b8udAiOP4CDztfXsto1arbkTGh-h3dBuTYvlWOzPfnoRFKQvbli6b3xyQBpTp5n6nnO--zyrlluwYJ7ntzGWud9UrePpymPcCcQvaCDPNryYkG8C8gFfwewzSiUXQbZZlcsuanQxk&sai=AMfl-YTiesYWQzwb3yvKOzfSJiwkJ6sXTH_OHTdjZYyIOwGNwNE0VrsNVxlmzDBWZjKJooJ8im5YhS4HMU1YXTjXJNbWQ_vhdwXmrg1smjbdxca7JgILInu8fhFVETjqZCw&sig=Cg0ArKJSzFJYwjwVGqfoEAE&uach_m=[UACH]&adurl=

Requested by

Host: meups.com.br
URL: https://meups.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 64BF 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 13:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 13:19:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 64BF 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 09:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Mar 2023 09:37:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64BF 158 KB
48 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 14:06:13 GMT

GET
H3 200 7962199338496649487
tpc.googlesyndication.com/simgad/ Frame 64BF 123 KB
123 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7962199338496649487

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21357349703b6d70b179f2c4305f6434715ed48af88df302e8d6ffbb8d6913ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:22:10 GMT
x-content-type-options: nosniff
age: 20643
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125477
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 22:01:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 08:22:10 GMT

GET
DATA 200
OK truncated
/ Frame 64BF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0da868798203d37ebd7e6873b47cec701bea2bc1b74ce0b7262587edfa45e4da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 64BF 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEWTJoAg02EFj4ktvLi7RufSI9KlEdVjKoy8SmZqq8C8H7U2GWDNtoyakwzOk8SqFoWQtqDJO5oPGrqL7t6fv1AQ1Q2rcR0ciiKU-OvTCFtpqCWq7mGooE0gdUvk4PKyE8oJNHQowsaOr62NeQNl7hNrWKIMozScF2QKEGMrleLWTIY54jcPSnG9m2PgaHFYvGZx4DyLfPk50pib1WZVbtVg3qtmJm6gwBoRq78isjUvT7eTKrah_UFN1PzOQATIWXpGNEgDXbBOYrWXCZ6_f15vzdoUSjD7m4LXkdfsFk79U0Ko8md3II9swNCxj4y5sDh8Hw20rBZFTtLnQ&sai=AMfl-YTAbSI38voVOXy9WO0bpKosSAukmGW4uPdQN1yfOHNiufy_o0VkPPMW8LgRYiAwE30CM3jbUi084bukIv4ZrCJt-E3_H3fqH0rhhLCkyaU0F8Z79H-_PjCnjme7FfA&sig=Cg0ArKJSzOJiOYZMLhcEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meups.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 14:06:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 14:06:13 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C094 42 B
64 B 55ms
54ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUTB9UI92MemS15_cYV3JrCL-VmhBFG6wWW1ZNWRIt5D-zTLc1sWo6xSyrCvzkVdhrt0tWO5njJKaktWKHgDLAEa3LEeuF6Ur8WDcGrFdj5q8ayUJ3&sig=Cg0ArKJSzFIK1Z6t3u2CEAE&id=lidar2&mcvt=1000&p=137,-160,1337,1760&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0.74&if=1&vu=1&app=0&itpl=19&adk=1934142529&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677765972112&rpt=231&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 33AE 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUU1eY9xydlaJ3msoBxpe6Kl9rI98lROn8sQpRJgpC_FBDO5YpxWSdJTbNtJSt0rRS-egJXD8WVewfdmoNE77sy4pog--oUv4FJQZ4KMPP0b0wQMmyYaM52m3vKFcD7IEujw74tQ&sai=AMfl-YQnPO-QGxP86Mjwtp0OCQVRYvimcW4CHdMeQ3A68__q5xo94vyRcZ86wnHBbMlD-YtKo_-cZp6iAIHgj79z-lEIh5I5oiLbkzKCX2iSKUaVX8pv4oUuMTfkzCmX&sig=Cg0ArKJSzMmZ5cTBsbW3EAE&cid=CAQSPADUE5ymvR3o035uAsGyZaqdd47IKfIoUf4u5EHjFxMdUi2j3-gRxBBJd9a04-tD7xL2fwECYTh3F0bYnhgB&id=lidar2&mcvt=1000&p=1110,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1857210330&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677765971804&rpt=681&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33AE 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2737816476406&version=m202301230201&ct=76&x=1&cor=1542519458573188600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5IgA0i,pingTime:1,time:2337,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D,%7Bpiv:100,vs:i,r:,t:1336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1336,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1329~0,0~100%5D,as:%5B1329~970.90%5D%7D%7D,%7Bsl:i,t:1336,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:298,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:194%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:14 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 33AE 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7782:212:ba9d:cb03:8ae5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=f1e94de5-5a35-2c12-1b8a-526f7ec751ac&tv=%7Bc:5IgA0i,pingTime:1,time:2337,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D,%7Bpiv:100,vs:i,r:,t:1336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1336,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1329~0,0~100%5D,as:%5B1329~970.90%5D%7D%7D,%7Bsl:i,t:1336,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:298,fm:txm72o1+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a*.1135760-69474538%7C1a1%7C1a2%7C1b%7C1c,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:194%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:212:ba9d:cb03:8ae5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 14:06:14 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

260 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.meups.com.br/	1970-01-20 19:38:45	Name: _ga_TJ096WYBFT Value: GS1.1.1677765970.1.0.1677765970.60.0.0
.meups.com.br/	1970-01-20 19:38:45	Name: _ga Value: GA1.3.598809035.1677765971
.meups.com.br/	1970-01-20 10:04:12	Name: _gid Value: GA1.3.2130811244.1677765971
.meups.com.br/	1970-01-20 10:02:46	Name: _gat_gtag_UA_160675682_1 Value: 1
.meups.com.br/	1970-01-20 18:48:21	Name: _hjSessionUser_1727554 Value: eyJpZCI6ImZkZWVkMWZlLTRlYzEtNTNlOC1iMGIyLTM4ZjJlZjQ1OTZhMSIsImNyZWF0ZWQiOjE2Nzc3NjU5NzEwNzUsImV4aXN0aW5nIjpmYWxzZX0=
.meups.com.br/	1970-01-20 10:02:47	Name: _hjFirstSeen Value: 1
.meups.com.br/	1970-01-20 10:02:46	Name: _hjIncludedInSessionSample_1727554 Value: 0
.meups.com.br/	1970-01-20 10:02:47	Name: _hjSession_1727554 Value: eyJpZCI6ImRlYjdjMWM1LWM5YzUtNDM5MC05NjUxLTRlNDc5MmJkNzhlMyIsImNyZWF0ZWQiOjE2Nzc3NjU5NzEwODUsImluU2FtcGxlIjpmYWxzZX0=
.meups.com.br/	1970-01-20 10:02:47	Name: _hjAbsoluteSessionInProgress Value: 0
.meups.com.br/	1970-01-20 10:02:45	Name: lotame_domain_check Value: meups.com.br
.criteo.com/	1970-01-20 19:24:21	Name: uid Value: 16a8c260-9006-4671-826c-f9bc2d8e50f5
.openx.net/	1970-01-20 18:48:21	Name: i Value: 69ace3fc-47f8-4f4e-89fa-393b0733b384\|1677765971
.meups.com.br/	1970-01-20 19:24:21	Name: cto_bundle Value: PVKUhV9OYU1WZm5qTUJmbjZERmtab3M1ajlUR1JjN1FpaVdRNGpFTUhrc3BCcWxsYyUyRkZjbDRtUENyUWszUjVkalQlMkZjT0hIclMlMkY3T2lVaXNqa1htWUt0YlN6Y1dEVGd6S0VqSDN2Vmp6S2F3VHFTdWVDU1hNcks4ZDB6MUkxaTdpSThpZEYzdW8weVBZOW11WjVYRHI5YnUxM2clM0QlM0Q
.adnxs.com/	1970-01-20 12:12:21	Name: uuid2 Value: 2047810794492013666
.casalemedia.com/	1970-01-20 12:12:21	Name: CMPS Value: 2150
.casalemedia.com/	1970-01-20 12:12:21	Name: CMPRO Value: 2150
.casalemedia.com/	1970-01-20 18:48:21	Name: CMID Value: ZACtVD7R-kZsfrYA6qwkDQAA
.adnxs.com/	1970-01-20 12:12:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTtG`5!F!@wnfH8K6pQK`!5=E<L5?%M74LIb<j4a/.dYU)!b^+3C/n)Vj>zOOzZCPhO%nugO%v4VB%nmI-#@6e
.3lift.com/	1970-01-20 12:12:21	Name: tluid Value: 1356580353970476168926
.yahoo.com/	1970-01-20 18:48:43	Name: A3 Value: d=AQABBFStAGQCEFRJKIVBKcS9Gt8k6Qap634FEgEBAQH-AWQKZAAAAAAA_eMAAA&S=AQAAAo3ntfqX9ha1fmAXiC9ypys
.analytics.yahoo.com/	1970-01-20 18:48:21	Name: IDSYNC Value: 18yx~2aae
.mathtag.com/	1970-01-20 19:28:41	Name: uuid Value: 89bb6400-ad54-4400-8037-b503fe8801a3
.mathtag.com/	1970-01-20 10:45:57	Name: mt_mop Value: 4:1677765972
.de17a.com/	1970-01-20 18:41:09	Name: guid Value: 1.864018544428941155
.bidswitch.net/	1970-01-20 18:48:21	Name: c Value: 1677765972
.bidswitch.net/	1970-01-20 18:48:21	Name: tuuid_lu Value: 1677765972
.bidswitch.net/	1970-01-20 18:48:21	Name: tuuid Value: 089d0ad4-4454-48c1-a910-89b2de36bc57
.creative-serving.com/	1970-01-20 19:24:21	Name: tuuid Value: d0d02f8d-233a-4eee-8fdc-51bafa7d4af0
.creative-serving.com/	1970-01-20 19:24:21	Name: c Value: 1677765972
.creative-serving.com/	1970-01-20 19:24:21	Name: tuuid_lu Value: 1677765972
.tribalfusion.com/	1970-01-20 12:12:21	Name: ANON_ID Value: a3nseFM0ing9PBmSUT9Za9i37ZbFxVX4hurPZasohLGtKbYFdWh4VWaEMYsq53kZaB8cHKD2TkyYLKVbyIZbpdImG
.doubleclick.net/	1970-01-20 19:24:21	Name: IDE Value: AHWqTUmHeF44KW6tQvZh7iza0HAK6V6-Np1IYm81tXu4Bkz1TqGTo0tc-bMVW0H4Mis
.meups.com.br/	1970-01-20 19:24:21	Name: __gads Value: ID=8f3520ef772fdb5e:T=1677765970:S=ALNI_MbXBZGOo7YUfGnkmF2rME-jsoEKGQ
.meups.com.br/	1970-01-20 19:24:21	Name: __gpi Value: UID=00000bbd9e70ef12:T=1677765970:RT=1677765970:S=ALNI_MaU-UF9z_v9oDkVX2TNkLO11J5wEQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://meups.com.br/wp-content/cache/min/1/f0cd6a3f192a9993406feb6659b82de4.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

035df0f80d41553b3af7be609657a605.safeframe.googlesyndication.com
a.tribalfusion.com
ads.creative-serving.com
adservice.google.com
adservice.google.de
assoc-na.associates-amazon.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
meups.com.br
meups4.com.br
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.mathtag.com
tag.curiosidadesdigitais.com
tags.crwdcntrl.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z-na.associates-amazon.com
13.224.189.97
13.225.78.14
13.225.78.37
13.225.86.12
141.95.98.65
142.250.185.226
142.250.186.130
142.250.27.154
178.250.1.11
185.29.134.244
185.80.39.216
185.89.211.12
2001:4860:4802:32::36
213.155.156.181
2600:1f13:800:7782:212:ba9d:cb03:8ae5
2600:9000:21f3:b000:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:4b8
2606:4700:20::ac43:45f6
2606:4700::6810:3865
2606:4700::6810:5614
2606:4700::6812:19ad
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400d:803::2003
2a00:1450:400d:803::2006
2a00:1450:4025:401::9c
2a02:2638:3::3
2a02:2638::1c
2a06:98c1:3120::c
3.71.149.231
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.156.42.0
35.190.39.111
52.208.98.204
52.59.47.198
54.217.61.24
72.21.195.65
76.223.111.18
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
049f38b27bebc779141ae0386ad181dfee1b6b48b7109c8d567d0da5d49e7b46
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
07e6f3168093c33bfa27220377734d37ae59e13e3ad1d6220fe1ee429d10a255
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b97eb120f46e4a06b3baab365c14499325a4bf8dbdb19dbc0f5e11f48d62c53
0da868798203d37ebd7e6873b47cec701bea2bc1b74ce0b7262587edfa45e4da
0e6ff9be6facb2fc4ef2e3a0c0050679cab7751339aba04de9c15b3e19e2c540
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fc6ea694020dde69ced4ea6c1d47dbdbb68ace8868fc0cf19d468f5a2e0c7bd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1b293efd12492e5472ff8ea3cf507a6e36f16cc1dfecd90757625c1910131049
1dd6e1b2da5fd629419a8cc7787a4fad30feb755a843919e2502b3c34c873e6f
21357349703b6d70b179f2c4305f6434715ed48af88df302e8d6ffbb8d6913ec
233a9209c444376564cf5b7217f9e52c82c4133ee2a5691474337a2226bcc6bf
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
2ccdb637c0fcd55b6628c5b59e1377bdd01c67ddaa2dac2ec64c5eec567a711f
30038a4c060b2c2e9608a13061ef813e062beb8414af760911c610c970c5c0ae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bcd0a8875743f0c65a690184b6e2b169112943445163cfc77c23440fb135db
3263ab0324cbc3f666b5695ef43a52025f80131b7246d5276d47a18a1b61dad7
3d3febed42dcd5e2e07a3dadc143416da5982853a602b159a6ad3540e7f2e3ea
3d534465678590b93676e9ebd905a98c8e5fe5380ea8203f2a8949c1aaab82d3
40bf314b787533bc9edebdd1790edbfe96567b115b9f04e9c87b864368f72638
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479f5771e914af5b74ba365b8719613c89a00975939c2d472c4061483f96f800
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de595a836328ac4a40ae13394485ff134aa34723398add6d188bfa17ee0ef7b
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ef4c8883c7cce8adc427049ca96946e759ce76eab2c8a0dc5aadb3bb56c743
51056c85b4b0b52de045da4d3a7c3edcfe3cb4e62e74e32f717d935443ea88da
5352951bf989e18e3743de2c0bffcbe58dbb225a7f4ea33c205df304b5665bd8
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54b81f9de5a85c8755771be7b864d44851b36c46faccf7d7edf8d2a4df0a4c54
555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e
6168d6413a7a67ead5fea1455b688fa397ce4351d0356d389424dc6348137a89
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648d58cb04c803361aa168d62b553d1a247ff843ef920fc1de19f7bb441d1bbc
6c5ba79634c51e17055da96bd96a6dbe3e14bbfbf6f0012f6cd7aa634074c4ea
74486676dc0787638869a383c98fd684d1548ec6bb99cacff7326a8cf73a9c52
752645f928be20f56407f82495b4addb3b490ee9285bff92ed678b12a322d178
7653dbb66ab7c858958b003771010673548979ec0a419798a7996d4e60f03872
78b6feb565d0100f5807715c96245813967447efa483cd0222b689b0098382dd
7a97629f7b7fafb922b1a6a4efabd6fb0844f542ddc6d473600893e8edf93931
7aa70b50c97fb3214b0cb69dba5ef0b9521eb4e622d5ac5079d0564cc3addd97
7d7f0358465c5c028a5ed0d3c594b4d034135df53c0931bb688440ef2ba0c1b4
8340de71adcb169b98d9723f6f92040a1ce5cbce6ac8db329450b2d9eba2ba5d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
8ff5116ab200896f52b28613a5c0d0e4c2c7d03948a1d889f950dd7a7e8a4733
90e9077ecc93dc2604e7ba8d0e108492690726648c81309b78ebe2f66e1f56b5
9177750020c7dba717d1161c40bad51f2ade20b8b41e2bd2be6e4c764d4b0965
9303358950d98db2ace51617e837bbcb1b61f5656ae31733e9c0af46f6d8425c
972a280f5082360c5d7b1397776d3b224243ac07fa8186f4edb4dd998cacf613
98e6ddf10e05cf2eaf9ac9c90d396ea7e3e9c80658c956206581c1a88282bf98
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff7fd53c5fc0ef7b3669349f2514eb7c4b533b8d63dbc973cbac7a27143c923
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6ac045b6849b74d069a80b54d87570f77c8b4cbbc494e2df579ca6d8a702f76
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a7c56000312821b7a218f4c40ab54d1b72d072f2b27c58cf6906f9b376abd38d
aaa84e017eb7b9c399e4712bb7fd59ef2cd6a849b4f6a0f25af5e26454a264f1
acef92c13f7aa857d4497fba895e1f80c96463cffddf8c9e39fc735c84719aee
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b0b973e1e39449ce5d1b956033524846a1db2460bd0d704859d5678f63130b8e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b493f7ee8bda6197e891ae7395c686515334c9a4967fd8dc181b4d254cf71e54
b65b9d1a00e0eeb02ad961a7ea0dd7f283b9cf5a096971abdd554fd9b884dc78
b7e8afb66065def15ecac663a216b6570ff32dbe2e3fc4e2610bd9bc1cf890f2
b872dbd6b1974afc18b51b9373d871fd676f173f055470998b39f1c17014e9a9
be04dcb48dba63fe5949a8a9b25fa49eb21663b82bfcaaee8d77a4b709e7c831
c08a41c76ec1f46d447fb3e28065617cdc55b55a3293c14d9c41e505ab53d83c
c0bc3c539e37fa79837326d4c6f9dded360c9c668a30253daec6e71560ec41d3
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d0e6ad0e03fff07b5a1715c93496836075fba3bc819328569ce6300f66cbf357
d26b75762bc60491323aeb3fa43948d2337535322b1442392db0530fe527893c
d5e2bd88a25187a5e59931a5fb61fb4458698d5e572a6bf217da8af0da99d381
d7198ed08224b2fea5a70914f123e85414971809c2caba304a603c2797eccf5a
dbe52452ca91d5add21ca01c8418f8f6eeed8b4a864f3e24114d9dbac4005a56
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b8cabeb857435dec8f4cfaea8d4a557b4198e2d0fe8d25c826005c79a8d8de
e7ff1e8d07dea4c5c56486568f15378acb29730929bb1c1d4da69f0c9ba38de1
ed1ced4c458a870652a99ed4b49af524a9d49f86800bd02c14d2085de49ae8a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b6d1d46eae5114244e530ba0579f0eda1c5a979f6a7d433981971d6b6a309
f462889b8bf8b3a715550c8785f785e85a747cff6e835d91fb821f93ba144d84
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
f98ee02eba1f39feae4ef3af212645f4769c6aa058f0ffb681365cb9013c936d
fc98f281139c88d4be512824a0cafaf4f6b484f723a646c39ca2167ccaea16ad
ff45e0eaff3ffbe06a09ceb10d168f78976a2cc1c4eaeaebec5a7e4d91436446

meups.com.br Open in urlscan Pro 2606:4700:20::ac43:45f6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

91 %HTTPS

52 %IPv6

34 Domains

53 Subdomains

46 IPs

8 Countries

3476 kBTransfer

7091 kBSize

34 Cookies

12 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

meups.com.br Open in urlscan Pro
2606:4700:20::ac43:45f6 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

91 %
HTTPS

52 %
IPv6

34
Domains

53
Subdomains

46
IPs

8
Countries

3476 kB
Transfer

7091 kB
Size

34
Cookies

158 HTTP transactions
6 data transactions