urlscan.io logo urlscan.io
SecurityTrails logo

www.contate.me Open in urlscan Pro
104.21.41.244  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://contate.me/consultoriabenvenuto
Effective URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20se...
Submission: On January 15 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 3 countries across 24 domains to perform 124 HTTP transactions. The main IP is 104.21.41.244, located in and belongs to CLOUDFLARENET, US. The main domain is www.contate.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 15th 2023. Valid for: a year.
This is the only time www.contate.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 104.21.41.244 13335 (CLOUDFLAR...)
14 172.253.122.155 15169 (GOOGLE)
1 104.18.40.68 13335 (CLOUDFLAR...)
1 52.219.94.154 16509 (AMAZON-02)
3 151.101.65.229 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 13 172.253.63.155 15169 (GOOGLE)
4 172.64.165.7 13335 (CLOUDFLAR...)
2 142.251.16.94 15169 (GOOGLE)
2 172.253.63.95 15169 (GOOGLE)
16 172.253.122.132 15169 (GOOGLE)
3 142.251.167.156 15169 (GOOGLE)
4 172.253.63.94 15169 (GOOGLE)
3 23.222.192.28 16625 (AKAMAI-AS)
7 184.31.52.28 16625 (AKAMAI-AS)
1 4 142.251.16.105 15169 (GOOGLE)
2 142.251.167.94 15169 (GOOGLE)
2 142.251.16.157 15169 (GOOGLE)
2 23.223.17.198 20940 (AKAMAI-ASN1)
1 1 172.253.62.157 15169 (GOOGLE)
1 23.212.72.24 16625 (AKAMAI-AS)
6 34.111.96.116 396982 (GOOGLE-CL...)
2 172.253.63.97 15169 (GOOGLE)
1 23.40.207.233 ()
4 142.251.167.101 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
1 18.238.4.108 ()
2 23.34.59.41 ()
2 104.21.75.196 13335 (CLOUDFLAR...)
1 142.251.167.113 15169 (GOOGLE)
3 172.253.62.94 15169 (GOOGLE)
1 172.253.115.153 ()
1 31.13.66.35 ()
124 33
15    104.21.41.244 (None, )

ASN13335 (CLOUDFLARENET, US)
contate.me
www.contate.me
14    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
pagead2.googlesyndication.com
1    104.18.40.68 (None, )

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    52.219.94.154 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
static-umbler.s3.us-east-2.amazonaws.com
3    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
4    172.64.165.7 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    142.251.16.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f94.1e100.net
fonts.gstatic.com
2    172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net
fonts.googleapis.com
16    172.253.122.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f132.1e100.net
tpc.googlesyndication.com
3    142.251.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f156.1e100.net
www.googletagservices.com
4    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
3    23.222.192.28 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-192-28.deploy.static.akamaitechnologies.com
contextual.media.net
7    184.31.52.28 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-52-28.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
4    142.251.16.105 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f105.1e100.net
www.google.com
2    142.251.167.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f94.1e100.net
p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com
2    142.251.16.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f157.1e100.net
www.googleadservices.com
2    23.223.17.198 (Toronto, Canada)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-223-17-198.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
1    172.253.62.157 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f157.1e100.net
cm.g.doubleclick.net
1    23.212.72.24 (Irving, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-72-24.deploy.static.akamaitechnologies.com
cs.media.net
6    34.111.96.116 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.96.111.34.bc.googleusercontent.com
dts.clnmde.com
dts6.clnmde.com
2    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
1    23.40.207.233 (None, )

ASN- ()
qsearch-a.akamaihd.net
4    142.251.167.101 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f101.1e100.net
www.google-analytics.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
1    18.238.4.108 (None, )

ASN- ()
assets.customer.io
2    23.34.59.41 (None, )

ASN- ()
analytics.tiktok.com
2    104.21.75.196 (None, )

ASN13335 (CLOUDFLARENET, US)
www.routecdn.com
tracker.routecdn.com
1    142.251.167.113 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f113.1e100.net
analytics.google.com
3    172.253.62.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f94.1e100.net
www.google.ca
1    172.253.115.153 (None, )

ASN- ()
gtm-nq5q6wf-zgnly.uc.r.appspot.com
1    31.13.66.35 (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
565 KB
15 contate.me
contate.me
www.contate.me
189 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
112 KB
11 media.net
contextual.media.net — Cisco Umbrella Rank: 709
warp.media.net — Cisco Umbrella Rank: 2526
lg3.media.net — Cisco Umbrella Rank: 6650
hblg.media.net — Cisco Umbrella Rank: 2000
cs.media.net — Cisco Umbrella Rank: 1236
105 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com
51 KB
6 clnmde.com
dts.clnmde.com — Cisco Umbrella Rank: 24531
dts6.clnmde.com — Cisco Umbrella Rank: 28716
1 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
2 KB
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1448
ka-f.fontawesome.com — Cisco Umbrella Rank: 3140
35 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
72 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 9185
622 B
3 akamaihd.net
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 22091
qsearch-a.akamaihd.net
47 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
195 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
33 KB
2 routecdn.com
www.routecdn.com
tracker.routecdn.com
14 KB
2 tiktok.com
analytics.tiktok.com
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
210 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
1 facebook.com
www.facebook.com
185 B
1 appspot.com
gtm-nq5q6wf-zgnly.uc.r.appspot.com
455 B
1 customer.io
assets.customer.io
track.customer.io Failed
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
7 KB
1 amazonaws.com
static-umbler.s3.us-east-2.amazonaws.com
2 KB
124 24
Domain Requested by
16 tpc.googlesyndication.com www.contate.me
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 pagead2.googlesyndication.com www.contate.me
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
14 www.contate.me www.contate.me
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.contate.me
googleads.g.doubleclick.net
5 dts.clnmde.com pxlclnmdecom-a.akamaihd.net
googleads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.google.com 1 redirects tpc.googlesyndication.com
4 www.gstatic.com www.contate.me
googleads.g.doubleclick.net
4 ka-f.fontawesome.com kit.fontawesome.com
3 www.google.ca
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 hblg.media.net googleads.g.doubleclick.net
3 lg3.media.net googleads.g.doubleclick.net
contextual.media.net
3 contextual.media.net www.contate.me
contextual.media.net
googleads.g.doubleclick.net
3 www.googletagservices.com www.contate.me
googleads.g.doubleclick.net
3 cdn.jsdelivr.net www.contate.me
2 analytics.tiktok.com www.contate.me
analytics.tiktok.com
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 www.googletagmanager.com www.contate.me
www.googletagmanager.com
2 pxlclnmdecom-a.akamaihd.net contextual.media.net
pxlclnmdecom-a.akamaihd.net
2 www.googleadservices.com www.contate.me
2 p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com
2 fonts.googleapis.com googleads.g.doubleclick.net
www.contate.me
2 fonts.gstatic.com www.contate.me
1 www.facebook.com
1 tracker.routecdn.com www.routecdn.com
1 gtm-nq5q6wf-zgnly.uc.r.appspot.com www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 www.routecdn.com www.contate.me
1 assets.customer.io www.contate.me
1 qsearch-a.akamaihd.net
1 dts6.clnmde.com googleads.g.doubleclick.net
1 cs.media.net contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 warp.media.net www.contate.me
1 cdnjs.cloudflare.com www.contate.me
1 static-umbler.s3.us-east-2.amazonaws.com www.contate.me
1 kit.fontawesome.com www.contate.me
1 contate.me 1 redirects
0 track.customer.io Failed
124 40

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-15 -
2024-02-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
dts.clnmde.com
GTS CA 1D4		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.customer.io
Amazon RSA 2048 M03		 2023-10-19 -
2024-11-15		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
routecdn.com
GTS CA 1P5		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Frame ID: 3A6EA5933241655D3764A412D1D07506
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: DA8E0E6CE0A208BFD959489570534B69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8087468988098477&output=html&adk=1812271804&adf=3025194257&lmt=1705277325&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705277324612&bpp=557&bdt=200&idt=812&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=859819047605&frm=20&pv=2&ga_vid=634487327.1705277325&ga_sid=1705277325&ga_hid=97391175&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C44795922%2C44809004%2C95320378%2C95321626&oid=2&pvsid=4026012994216817&tmod=1994298513&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=832
Frame ID: E5FFA0D1586DA9B454A62981180EEB83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8087468988098477&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705277326&rafmt=1&to=qs&pwprc=4849755504&format=1200x280&url=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705277325991&bpp=2&bdt=1579&idt=8&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=859819047605&frm=20&pv=1&ga_vid=634487327.1705277325&ga_sid=1705277325&ga_hid=97391175&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C44795922%2C44809004%2C95320378%2C95321626&oid=2&pvsid=4026012994216817&tmod=1994298513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=18
Frame ID: 5B5C114BD184EDD356977545C02010E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 71CE7DD873DE26BE315FFE01937A354C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: A0BEC61CAA5DA77C66F26D692E6FFD1F
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: A919C173234D3DB95707E7B3FC334C65
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 2F45DDE5E68D6EFEB9063C7F5DDDDFCC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46789C58CD2AFBF0AB1C79B2A081670E
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Frame ID: 2478513E08E831D18A36C58372139888
Requests: 20 HTTP requests in this frame

Frame: https://p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 97D546C6C810F1847C4BEA38A6418EE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 438FE899CB9EF76019D5C3B454D52059
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 32A38347F21575792F5541B077F9F0CC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2972&&kkdd=AA%7Cu%7CAn*93H&53=w&444=d9gziy*5zy~dQbHziRJqPzUqE.Hlzonp)halW)fm9449J*8X_XyA7wuOZke1gucEed3wQta~5t)%3D&fU=weCx-eeQ-ejjuIQeQQb&1hR4=C&VZRl=C&*hf=wwIe&dZ*o=yQeu&*Uh=jNYeJeewk&*R*h=J*718.nH~OknWw~~z44O*3%3D%3D&*4Uh=bjIx-ex-x&ZU9o=wbC.bCC&**=N0&Z*=FT&*iMV=t0g)FTp&RUh=jDFbNLJbb&dRUh=qLDknvb&iddRZ=w&MZo=x&H1h=I&lhdw=jNYYuOmjt&lhd-=IwCxwuIbj&Xhldl=Zh-%3DMH55Sdd%3DCSUH45~5%3D-CSH5V~R%3DCKCQxuS81o4RV%3DCKCeSf3~o.*%3DCKjuSfUZ~Zh%3DQIbSh*-%3DwSZ*h%3D8MSf~lZM%3DwQbejeSf5-4~Zh%3D-C-ICwwIwISUH45~X%3Dw--QKubSH45~dc*%3DCSZdh%3DlZ3Uad~C~i8ZdS5lZd%3DSfUZ~H45~X%3DCKxbSUR%3Dw9gowWSaXX%3DCSfUZ~H45~5%3DwCS4UURHl%3DI%2CxSod%3DwxS4*%3D-%2C-S4RZ~Zh%3D-C-ICwwIwCSfUZ~X%3DeexKIISH45~X%3DCKj-Sf5-4~H45~X%3DCSf5-4~H45~fU%3DwkzwbSH45~dfU%3DCSH45~5%3D-CS1*ld%3DxCCQ-QSXX%3DwubSff%3DCS5-4~X%3DwCCCSo4RV%3DCKCeSf5-4~H45~c*%3DCkCSRZU~*%3Dw%2Cw%2CC%2CC%2CC%2CC%2CC%2CCSXV%3DwSRZU~h%3DCSlQR~X%3D-KQ-%2CQbKjISZUh%3DbjIx-ex-xSZh%3DCSHUh%3DQQujUTPPxMhnFxY0)WSXdh%3Dexxu-Cew-ebCxxbexb-ux-xxjQbjwu--eQ-CIw-QbQeuIu-CQQuwbjQIQw-QeQwbbexeujjCbbex-xuwQu-I-Qejjbb-bbuQQQbbejISf3H%3DCKjuSh-R~5%3DwCSQR*a%3DwCCCSHUV%3DCS81~VZi%3DCKCjShVV~Zd41%3Dil4V8MWSh-R~X%3DCKubS81h-R~X%3DCKu-SfH45~X%3DwKw-SZZ%3DT0S**%3DN0SHU3%3DzwS*o%3DCS4RZ~X%3DQbKjISfH45~5%3D-CSNP%3DQCuCScX~H*%3Dz-SMdZ%3D-ScX~**cZ%3Dz-S*d%3Dd848Md8SXZZ~6qB%3DT0%2CT0SXlZUZ-%3DwubSXhd%3DweCx-eeQ-xSXlZUZw%3DwubSUZgoa%3DCSUfH45~X%3DCKjuSUZUa%3DCSXUh%3DCKCeSh*%3DjSf5-4~X%3D-KQ-SUfH45~5%3D-CS*XhR%3DCKC-CSUdWRo~Uh%3DweSZo55o4~dl1~Uh%3DlZ3Uad~C~i8ZdSZHRR5W~dl1~Uh%3DShodo*doh~dl1~Uh%3DlZ3Uad~C~i8ZdSfUo3lXU5UdW%3DCKjuSR8Z%3DwS*d4%3DIKej-ICCjkzISl*~dWRo%3DwSlhX5c%3Dwjw--ewjCISlVR%3DwS81XUh%3DCKCeCSXa54%3DCKCwCSZHUh%3DShd*%3D3oZd~84ShVV~o4RV%3Dal5ZoShVV%3Dil4V8MWSXhR*lRh%3DCShl51%3DHMUZ8M-bSZ8XR%3DS.Uh%3D0E_zRHXzjCjeIbjujjCujIeeSidV5%3DwSlh~R8Z%3D%7B%22d%22%3AC%2C%22R%22%3AI%7DSh*Hd%3DeCSh81X%3DCzwSo*R~HZoh%3D7wCSo*R~RCx%3DCKCQCQbI-xIxeeQxxQbxSo*R~RwC%3DCKCxjCQxxIIbwuCQC-xSo*R~Rwx%3DCKw--ewuxbCbwCwebwuSo*R~R-C%3DCKwbCuxCeIujuwCbCujSo*R~R-x%3DCKwjbuj-CQj-jIwjuwQSo*R~RQC%3DCK-weuCejIIxejubjjQSo*R~RQx%3DCK-I-uCCwQxexbCCQISo*R~RIC%3DCK-eweee-ebwIj-bxjbSo*R~RIx%3DCKQC-QubebuIjIbuxbSo*R~RxC%3DCKQ-bQIuw-j-bub--bSo*R~Rxx%3DCKQeCu-jCuueejxexQSo*R~RbC%3DCKIw--wwwIj-CjeQbuISo*R~Rbx%3DCKIbw-exxjCxuCej-IISo*R~ReC%3DCKIuIQjICeeuwb-eQbSo*R~Rex%3DCKxxICju-CCbeweQuxSo*R~RjC%3DCKbQwCIIujQeCwebuwSo*R~Rjx%3DCKexbxQ-ue-jjCQj-xSo*R~RuC%3DwKCwuxuCexbwuujwIjSo*R~Rux%3DwKjeQCIb--CjIeCe-bSo*R~Ruu%3DbKxbxCjwQCICQQCIQSUX*%3DwSMZ9%3D-Sd1Z%3Dw-C.bCC%7CwbC.bCCSXZX%3DCSXZR%3DCSdV.%3D-Qx&Mdf=C&VVV=H_8ZTaPE7kc%3D&U3=C&UMPa4=w&Xh4Ph=IbC&XUh=QIuCbb&V*a=ebxu-&WhZR4=w&Xlo=n.o91..%2F19Sn.o91..l19SIoo&cldR4o=w&cldXUh=zwC-&*lh8VlUM=d9gziy*5zyztLiTI-zHHahMxF_i-UNCTb7hQ-WIPL*2vFt2~cW2891%3D%3D&WR5R=w&UZUh=x&lhf=PMfoZd84%20m8*HZ&ZZV*4~fo4=x&R1Uh=RwwwjuwQwx-wd-C-ICwwxCCCj&ZZ5h=%7B%22ZZUR%22%3A%22jbKIjKwIKC%22%2C%22ZZ**%22%3A%22N0%22%2C%22ZZZ*%22%3A%22FT%22%2C%22ZZ*dW%22%3A%22d848Md8%22%7D&idV5Z4*=w&sflct=9134454&ure=1
Frame ID: 7C1C52AE567F99812E2652BDA008901C
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 8C7A24E5355B4831A9C2961648162BC5
Requests: 2 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 292D68DA5DB0BDCBDA703ED3296A3088
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21F68E656148EBB98B3EEFD3C2379009
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E833EC8D16DABBF36C047F5508DED7B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://contate.me/consultoriabenvenuto HTTP 302
    https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20An... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

124
Requests

98 %
HTTPS

0 %
IPv6

24
Domains

40
Subdomains

33
IPs

3
Countries

1741 kB
Transfer

5874 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://contate.me/consultoriabenvenuto HTTP 302
    https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CSKv1jXekZfnSH8i-kgO0ppWoCe7x4I10tqz_xuMR2dkeEAEgn_mhnQFg_aiNgegDoAHzj_upKcgBAakCnF5Mi3Zfsj6oAwHIA8sEqgSRAk_QbRZiB2xjAfZ935oVZaFb1zcRZ_wITR0LDt5hBXlOBBzaCWX8BApUYhgoPR-cfON3OtuHPzTWAmIJ2IJCWeckQxkHVjvIVbOrDdmcCQiPDiet2N4CEe22KN413Hr978HhqEwngWJ0QW0zuvZUADMMRRgqawxCNzUEZ52t5wnyemVUIxNG_5JWkh5MOqm5jZaDDspPf8zTlF86i6LhdfmbcgJkW4aCvsV91TZ75-_dJ4zL2lDbztacSzt7J7npQU2QG5_-agr675VgGHpnQ6cwtT-F8uyztavIP40xvBxf9kOrRGxM_ZJqloFS3-00Wmr6m1hCOYFh784VdcG_Sn-6zV6kSacMCUt4OqDWjJjEBsAEiOvaz78EiAWfl53WTJIFBAgEGAGSBQQIBRgEoAYCgAfzx8uJBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKLkA9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYko7qiY3egwOaCbUBaHR0cHM6Ly9jYS5zaG9mYXN0LmNvbS9kc3I_cT1iZXN0JTIwZW50ZXJwcmlzZSUyMHJhbnNvbXdhcmUlMjBwcm90ZWN0aW9uJmFzaWQ9em13X2NoMzI1JmRlPWMmc2NsaWQ9MC0yNDAxNSZnY2xpZD17Z2NsaWR9JnJhYz1iZXN0JTIwZW50ZXJwcmlzZSUyMHJhbnNvbXdhcmUlMjBwcm90ZWN0aW9uJmxvY2FsZT1lbl9BVYAKAcgLAdoMEQoLEODIiMqGhqP0zwESAgED2BMM0BUBmBYBgBcBshccChoIABIUcHViLTgwODc0Njg5ODgwOTg0NzcYAA&sigh=_CKvki1UOYs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_EuVigNNQstouQdwILheQbsY8djvnFeXFRm6g2SjyNzG9J-jzQqHRSLaMoHl_gL5WVpcJk3zIwlkX2oGUEaO_AJB7jz62LE6bUhgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x540734371e025d3f0000000000000000%22,%222%22:%220x9062be126a624c000000000000000000%22,%223%22:%220x8a964d59593a416a0000000000000000%22,%224%22:%220x993969fb0ddce2590000000000000000%22,%225%22:%220xc0af0c3a6e466c7d0000000000000000%22},%22debug_key%22:%229423680489805644059%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226586505100016319105%22}&andc=true
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ4Mjc4OTI3ODk5NTE4NzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEO4rvmrxe83VI_EMqjIp8q8&google_cver=1

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request consultoriabenvenuto
www.contate.me/redirect/
Redirect Chain
  • https://contate.me/consultoriabenvenuto
  • https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
24 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
b13c78313b465e08f46bdb511cdbd97dc2760d2d62945cd2624c72ab326bae59
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8459e2caccaf53e9-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 00:08:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4X6mGLB1SurSKOtj4uPeG7pNh7mALNpr40NvgRaGR6cFs62uBg8Dol9SDI5V7X3GDI19gx8EKLK9cKEPvyx%2BhAYAGwyQmyfn8cA4JfvjdWAUwZiJ59FE3EOFHP7y%2FPmggQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8459e2c7df1d53e9-YYZ
content-type
text/html; charset=utf-8
date
Mon, 15 Jan 2024 00:08:43 GMT
location
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj025ALY0niI9fbMY%2FGvjPP6nJhJc3K%2Fl%2B4sEG6daWzUtFrnusuSGcm4pGOgMcvlwNLRCtLNArkZ1K0czIN7qIU9eq5leX9eUX6c82L9FT9FVbLmw7rFtJLAkqfO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept
x-powered-by
Express
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8087468988098477
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
d106950468ec8cf3f14d04d8e9daf2850eb6da310ee1d3d84e5fe9e10cff316c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51494
x-xss-protection
0
server
cafe
etag
195282661544711272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 15 Jan 2024 00:08:44 GMT
styles.css
www.contate.me/umstyles/css/ 		357 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/umstyles/css/styles.css
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef77e7ef0bbf3f0cda95afad5d737b8aa66bbe59ebc981e29ae3f0446459f4e0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 27 Dec 2023 15:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"593c8-18cabfc7450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdLQIEZScf1uPxbD0by0jcWqtNeu5IF5LCUwZf12l8mK66TvFSNFdjOzmmvquyKeTFcLn%2FFtdPcRI0%2FZ6f%2FdH6uAuQCMU3SkNBLvYDL2FNsg9hBzEj86uXWXtWPoAcsfBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=259200
cf-ray
8459e2cda8ce53e9-YYZ
alt-svc
h3=":443"; ma=86400
style.css
www.contate.me/styles/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/styles/style.css
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d00d4c6e02bbd9df12b60623cbcc68a5d992818092b21f843e9e71c717b3ac8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 27 Dec 2023 15:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"b6d-18cabfc7450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcF1Rb2NnLTgRUHkOu%2BZ9xqSNiTMy7EouBvAoWTivBpGW4vlsVQDl3xQXGSrnew29CIWE0LmnJWJi8YqnTOF2jqirzDtln%2F3BAJEX8yKt%2FLYkR4dcQEw8%2FdCwzigPiAfjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=259200
cf-ray
8459e2cda8d353e9-YYZ
alt-svc
h3=":443"; ma=86400
f3f3ed8b0d.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/f3f3ed8b0d.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85865508ae159639967ac5625223ad6593134f219c299967a7643a957cec33b

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:44 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8459e2cdeb9f711d-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F58mXa3NnGhOKhjN4-yi
webpack-1b7475845033e00e.js
www.contate.me/_next/static/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/chunks/webpack-1b7475845033e00e.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfcf68d7479d7f5d3244af0971d7b67c12bc9fe8f6d6eab36e1b721550bec12d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Dec 2023 15:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1064093
etag
W/"d2b-18cabfdfaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3%2BFE7qbRRKMYPzFp0wnVo3U9hro8ReroUSG2zrfw%2FDrornI2D4GM2EbQXzF1k9KwkTgqHPU0vXhbg5wA1b3%2B3y397kg1cbcuAWZo5bTPu63qNl85ETg9OdbhJ6pzw7ABg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d23e4fa1f6-YYZ
alt-svc
h3=":443"; ma=86400
framework-4c3194704528425d.js
www.contate.me/_next/static/chunks/ 		137 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/chunks/framework-4c3194704528425d.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4003166721fe2a3d37daee2b042bb3ebe0dde68c0276a73c6abab7ef947836b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Dec 2023 15:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
795650
etag
W/"225e3-18cabfdfaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5kBJJe3cjHLnXrvmnds30DhQiaIKBsgkKKEbNY6yXnO3CV6DW0q%2BuK%2FEH2cE%2B2tz0mgH1%2Fl5Y6Jlo%2BRV6371ZUxLhjCz0rTvLZwXDFwps7YkeWDvIrcKERRqYzwvK0HZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e76a1f6-YYZ
alt-svc
h3=":443"; ma=86400
main-52d79d0e091148ea.js
www.contate.me/_next/static/chunks/ 		86 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/chunks/main-52d79d0e091148ea.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86b014f0d148f0961c9e70622eb9db2f1e8efd55901f09e14913049eed57a721
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 18:34:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4015524
etag
W/"15642-18bcf1cb900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulpx9daKTC2GLAqXOV5W779zzU0oTxC7Yw1NnDG9ElCdtMy7pQttrpktgVHQGYOAbUePeJ9sXOJdnFaLD6SmmQpdHNvq%2F4XO2onj82Mg4CwKHZQ56uHTcpZgn694CWalbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e79a1f6-YYZ
alt-svc
h3=":443"; ma=86400
_app-d2fad0e84d208414.js
www.contate.me/_next/static/chunks/pages/ 		104 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/chunks/pages/_app-d2fad0e84d208414.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780fef0d13fd88989022f1d7a5b63ef3ad72455a4657dce2a9340cb402f4d0a0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 18:34:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3862510
etag
W/"1a083-18bcf1cb900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q2skrYRnUzdAIHPIBZ9WRhHOKM3FwX9wgbEKhhozQMW3Q71xhqDRCJfc81X%2BnqWoYUfCb65wc4IoZKK%2B%2BIh%2BPwOdsZ8PLj3K9JyiqYTWUjV7OsOs7S6A4btrNBhNjCPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e7aa1f6-YYZ
alt-svc
h3=":443"; ma=86400
%5Blink%5D-f53d809e6c8c6642.js
www.contate.me/_next/static/chunks/pages/redirect/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/chunks/pages/redirect/%5Blink%5D-f53d809e6c8c6642.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1554b4fa9a9ed10894685688b767410e6d3c31c20a796d24c62d0da0c44cbd36
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 11:35:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5756525
etag
W/"1ca8-18ba9913df0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzQB5zxDIUNEn8GMiqkr9zOkwij3zVg6FVJ30QPmUWccfIpa3jasg%2FZ8Mkj5O57uqRoDfoGx8soX6gi%2BOVIVmHx4BWw2ssI7J45LB0ZRZHcUXpv12%2B2l3YqbeArNgO%2BP%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e7ba1f6-YYZ
alt-svc
h3=":443"; ma=86400
_buildManifest.js
www.contate.me/_next/static/0KRoBgr3shgKLzpNel8EA/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/0KRoBgr3shgKLzpNel8EA/_buildManifest.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f52c8ff00887f1ff709cded4ca1083adaf47dc699657ba33633d19632d1c836
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Dec 2023 15:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1064093
etag
W/"14a2-18cabfdfaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpB%2F%2Bhgupx3GFJVpDLlml6V0iSJyynJwblcsc2uLnf83qNtGgkYINg7DK0L1TJjqV3Msd%2FjMDEjSaq2paDl1uXdc91jEs72e5gJbc6QwjhA4Oao5WnKoN2jbDSnjhGRuWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e7da1f6-YYZ
alt-svc
h3=":443"; ma=86400
_ssgManifest.js
www.contate.me/_next/static/0KRoBgr3shgKLzpNel8EA/ 		77 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/0KRoBgr3shgKLzpNel8EA/_ssgManifest.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Dec 2023 15:56:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1064093
etag
W/"4d-18cabfdfaf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbVpvcB3wZvLEqUWj%2BByzee%2BELOcX%2Bg%2BeBtSK3hF6uNsYgK0CU6T4LFKQN6NwX5lXr51OoRYxsPOOfyQHkRPvazdJeue1WS7cVkHNctHXNuk01zhR%2BF7ck0df9gr2Dd4Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e7ea1f6-YYZ
alt-svc
h3=":443"; ma=86400
_middlewareManifest.js
www.contate.me/_next/static/0KRoBgr3shgKLzpNel8EA/ 		92 B
584 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/_next/static/0KRoBgr3shgKLzpNel8EA/_middlewareManifest.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 27 Dec 2023 15:56:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1064093
etag
W/"5c-18cabfe4528"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BAXBWjiAj4gXE9Kkl%2Bz8CULdu95kZcLsVAV94x%2BXNpVp%2FZQQC%2FxRkvvnsLt9safUH%2FC18vg0YaWr%2Ft5Sc7vivUe9RakwszFhDnWUKMLEOdlUddkG74shZImqbDwcA4dpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8459e2d25e80a1f6-YYZ
alt-svc
h3=":443"; ma=86400
contateme-umbler.webp
static-umbler.s3.us-east-2.amazonaws.com/contateme/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-umbler.s3.us-east-2.amazonaws.com/contateme/contateme-umbler.webp
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.94.154 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
4b9b91f60d928f6bcbb51c70c52d968257b784c043dd7432130eb8f5eaed41d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 00:08:45 GMT
x-amz-version-id
UDqe4iw9MuX5aYM4o__7hFvFY7g2DRYZ
Last-Modified
Tue, 05 Sep 2023 18:17:59 GMT
Server
AmazonS3
x-amz-request-id
CKV581GK2V0R90WV
ETag
"c64ed413086550e574e883406402429d"
x-amz-server-side-encryption
AES256
Content-Type
image/webp
Accept-Ranges
bytes
Content-Length
2032
x-amz-id-2
GQZQwVvVpufcWaZKABJh4dKMA1xVkOsDXLfpxq1CTzfLmN57zpO7J+oNS/byQyaYCQQReIJlf3A=
index.js
www.contate.me/umstyles/js/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/umstyles/js/index.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387bdef729359ac18426a8e9b37cc472f0fe3a7e9b82e65f47014e93faf9339f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 27 Dec 2023 15:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"131d7-18cabfc7450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6OOTYrCOIh%2FDbTsz4nz5zeFv%2FwnDyBS%2Bp0SWN7rxTLcKY8Bbkwcor%2FGEeMLEkNPDrVYdWI59xaBFwMsjdOJ5ew75UxZQeVtCuj%2F9gnrc4PYHoXG8mAuwFuo73kxMRd85A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=259200
cf-ray
8459e2cda8d453e9-YYZ
alt-svc
h3=":443"; ma=86400
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Jan 2024 00:08:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
11107530
x-jsd-version
1.16.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7831
x-served-by
cache-fra-eddf8230124-FRA, cache-yyz4562-YYZ
x-jsd-version-type
version
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/js/ 		77 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Jan 2024 00:08:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
517864
x-jsd-version
5.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24059
x-served-by
cache-fra-etou8220091-FRA, cache-yyz4562-YYZ
x-jsd-version-type
version
etag
W/"13417-CF7M/QNtoe32ATiKaM/lyzFrHiw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
darkmode.min.js
cdn.jsdelivr.net/npm/bootstrap-dark-5@1.1.3/dist/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-dark-5@1.1.3/dist/js/darkmode.min.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c91420d424894795d019a0e6a1506c66a2d731251895d99c0bdb3b70ff4b196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 Jan 2024 00:08:44 GMT
x-content-type-options
nosniff
content-encoding
br
age
2758106
x-jsd-version
1.1.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1409
x-served-by
cache-fra-eddf8230031-FRA, cache-yyz4574-YYZ
x-jsd-version-type
version
etag
W/"112a-tNY2yro+/w/lGlYtg5QmmwT4+jI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
tether.min.js
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3857728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6714
last-modified
Mon, 04 May 2020 16:17:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffc-619d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htU8B3u%2BsNg%2BRNGAEG2aukjcf2MDR3l7VT8DbXFWhlSGst5fHDUh9FDlleQzY0C%2FOyXv90eyWSswVqzW8%2BLv0qFBR5vG2YtmciUvoU9lZuHYADQLlQ%2F87CVPwM3GaBsPb%2Fg%2BamYQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8459e2cfdbb636ca-YYZ
expires
Sat, 04 Jan 2025 00:08:44 GMT
script.js
www.contate.me/ 		1 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/script.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7815ba157ef92eed30e05c3e32fd143b2f61a8c764a0ca1aca2ce5a6136f607b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 27 Dec 2023 15:54:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"519-18cabfc7450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OyB9pf5Hg1W52D1qRsLlhgYn8Ui98ILwLP%2BHGiXzVkJn8rPb2dtVOTqbUYgroNVYCH2OrSwOEd3P3xFXa1F0SJNiJiKdb%2B5NHO6BCnpPAA1EaltQr1B8mUD%2Bly%2BLJyWag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=259200
cf-ray
8459e2d00a5ea1f6-YYZ
alt-svc
h3=":443"; ma=86400
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8087468988098477
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
d0de96421eff1016d5bc5dba1eac3e3d69e119aa65002b4cec1634ab3b8d047d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139352
x-xss-protection
0
server
cafe
etag
15951509360401147011
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:45 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame DA8E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8087468988098477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3639
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:08:05 GMT
etag
3009746639812436877
expires
Sun, 28 Jan 2024 23:08:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
free.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		101 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=f3f3ed8b0d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f3f3ed8b0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.165.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
via
1.1 e14852d4795a20bca94d54bc63e09250.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
3896610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:52 GMT
server
cloudflare
etag
W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJzGPe5UrIY0Dza%2B0XhCRkDMBHXJ7hgjhkeKHW0RCV1CA6u%2BOqQumFIMgT%2F58W8H%2BPB%2Fn0k8tP6RM82QMBVyTgkJtwT0v%2B5YH7DEBNbChCA%2B4%2FMoPGh0tfBXWeglxg88qPn046Vpyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8459e2d2cab442e7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
iBcebmbhDtSFtEKSwldiZOKfXlP5WsdiQs1n4eBiobFr-WFZdwzLdA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=f3f3ed8b0d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f3f3ed8b0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.165.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
via
1.1 2da1a465458d2c4bd692e693d75f0780.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
3896610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q043vSMQKOVhXkkqDa15bP0Q56Cnq7SO2b4dLbNQVj5QTuu8GAKmdZ%2F3Z1NZA6EuQp0mmSA3PAEfP9yP0%2FhVIP43hBHcGiIsufDYUmMvwQTWTO46D%2FsMgD0LAv6IWSYdIz0nx0cgNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8459e2d2cab242e7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
udyD2XKL4cARLjEPOvWV8_DUxhVB8Huwq72sWijWpEMdAF-ijVj1RA==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		823 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=f3f3ed8b0d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f3f3ed8b0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.165.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
via
1.1 b8a14e264cc616c0c59fba7aea8f19be.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
3896610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8oCipJMo2kN4%2BMkWumr9Z8hKvVPMKbmz1WU1tnEHWDS21FbaJnxWCzKF7t4DebUaZ%2BRfo0owwhg2lExuZ3Lm%2B4qeZwNFpEVxW%2BMsJ4FTGviNRUDa5f5NPODwBGEim2unLDKiygXnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8459e2d2cab342e7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
bgNgwavj4xozeE5T_ilWYwK12sJXCuJ0EXAoSUVY2NHoopO0Brwx9g==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.1/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=f3f3ed8b0d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/f3f3ed8b0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.165.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
via
1.1 c456cd1dcda544d97e59ee05afbea4a2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
3896610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 30 Nov 2023 17:25:51 GMT
server
cloudflare
etag
W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocyVB%2F%2BlgZP7br%2FOncRsl%2Ft98Xx6yG7fMJq5vPoNsJZHdbtC0xguqMbxp7cREyYNWI2U01WQEGT7qpgmJPkIFZ7y%2Bph2xygW2vAs5qlPf6iVzCxnBm%2FvtYKXsqZb%2FiwfR9WNOAE5uA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8459e2d2caae42e7-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
v6OH5v2nHnYGg58RwJfSO0LUVjVlN87stgPdCfb8hPV_tHy4R5M7ng==
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:22:53 GMT
x-content-type-options
nosniff
age
276352
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:22:53 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 19:36:48 GMT
x-content-type-options
nosniff
age
275517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Jan 2025 19:36:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8087468988098477
Requested by
Host: www.contate.me
URL: https://www.contate.me/_next/static/chunks/main-52d79d0e091148ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
4d7b12016a30ccf0b21c216a5ea587481b887d650c48296296fc177a6078ecec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51488
x-xss-protection
0
server
cafe
etag
1513532547556643417
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:45 GMT
session
www.contate.me/api/auth/ 		2 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.contate.me/api/auth/session
Requested by
Host: www.contate.me
URL: https://www.contate.me/_next/static/chunks/pages/_app-d2fad0e84d208414.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.41.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaeEafaJBA3kSq7BE9zwgIraRWpZ3pqh0e0GrKugjnpmnm8IUKmL%2B1GcK5KaQXSXxxf0fci032Fn8wuyi1wwYxG4I%2B38Q7nfqQnwMimBAAWcfdhcz%2BZd9p0glvhOPtAbQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
8459e2d33ffda1f6-YYZ
alt-svc
h3=":443"; ma=86400
content-length
2
ads
googleads.g.doubleclick.net/pagead/ Frame E5FF 		433 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8087468988098477&output=html&adk=1812271804&adf=3025194257&lmt=1705277325&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705277324612&bpp=557&bdt=200&idt=812&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=859819047605&frm=20&pv=2&ga_vid=634487327.1705277325&ga_sid=1705277325&ga_hid=97391175&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C44795922%2C44809004%2C95320378%2C95321626&oid=2&pvsid=4026012994216817&tmod=1994298513&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=832
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
a78e834d5198b5c4902488636ca128f284fc1169b6b68106523900ef87bdfef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
96039
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:45 GMT
expires
Mon, 15 Jan 2024 00:08:45 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
27d03843252cb6d09c622d237c33188beac9e4e7dcb25a2c0ad42af873481cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56405
x-xss-protection
0
server
cafe
etag
18423703627517955774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5B5C 		715 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8087468988098477&output=html&h=280&adk=3809598800&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705277326&rafmt=1&to=qs&pwprc=4849755504&format=1200x280&url=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705277325991&bpp=2&bdt=1579&idt=8&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=859819047605&frm=20&pv=1&ga_vid=634487327.1705277325&ga_sid=1705277325&ga_hid=97391175&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C44795922%2C44809004%2C95320378%2C95321626&oid=2&pvsid=4026012994216817&tmod=1994298513&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
2f979ec8bc1dfc35cc4bad965f2ed5f5dca3e1f95d770bf00964281fb7a3da76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:46 GMT
expires
Mon, 15 Jan 2024 00:08:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 71CE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:10:37 GMT
etag
3009746639812436877
expires
Sun, 28 Jan 2024 23:10:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame A0BE 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:10:37 GMT
etag
3009746639812436877
expires
Sun, 28 Jan 2024 23:10:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame A919 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3489
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4168
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 23:10:37 GMT
etag
3009746639812436877
expires
Sun, 28 Jan 2024 23:10:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 71CE 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 00:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 22:33:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 00:08:46 GMT
css
fonts.googleapis.com/ Frame 2F45 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jan 2024 00:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jan 2024 23:25:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jan 2024 00:08:46 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2F45 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
69342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:53:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 2F45 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
71283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:20:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4678 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
421
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:01:45 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2F45 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
70390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:35:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2F45 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
70393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:35:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2F45 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:46 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 2F45 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 18:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 Apr 2024 18:36:21 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 71CE 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:36:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
70349
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:36:17 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 71CE 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 15:35:57 GMT
x-content-type-options
nosniff
age
30770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 13 Jan 2025 15:35:57 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 71CE 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 15:42:03 GMT
x-content-type-options
nosniff
age
30404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 13 Jan 2025 15:42:03 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 71CE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:33:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
70543
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:33:03 GMT
nmedianet.js
contextual.media.net/ Frame 2478 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-192-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a13bb62183cd9a94e3971e7f5bf2a528812a6b88295c7cbf09d342e158de1dc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-mnt-h
22-5h9m
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 15 Jan 2024 00:08:47 GMT
server
Apache
etag
"a5999b9dc00bcd710153a6a062948d18"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-s1v0
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
38783
expires
Mon, 15 Jan 2024 00:13:47 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 2478 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Mon, 15 Jan 2024 00:08:46 GMT
x-guploader-uploadid
ABPtcPrSYC032sCo2CRaNB3yjxl-63qnN5CeXLnpmc-wdAPD0gxALFp56h5n-I81vtUv-wcpDvg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Mon, 15 Jan 2024 01:08:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2478 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
70390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:35:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2478 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
70393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:35:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2478 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:46 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A0BE 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
69342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:53:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame A0BE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
71283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:20:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A0BE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:35:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
70390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:35:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A0BE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 04:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
70393
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Jan 2024 04:35:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A0BE 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f156.1e100.net
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:46 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame A0BE 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 18:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 Apr 2024 18:36:21 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4678
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:47 GMT
expires
Mon, 15 Jan 2024 00:08:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8087468988098477
Requested by
Host: www.contate.me
URL: https://www.contate.me/_next/static/chunks/main-52d79d0e091148ea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
c18c2bca4bc55564c2f39c7d9fa1a8af7f5c5d7d721529e9bc9c1c3935eb01e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51490
x-xss-protection
0
server
cafe
etag
17326332430593951499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:46 GMT
redir.html
p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 97D5 		247 B
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
50126888c6b8a3130c16fbcce572c5850d1bf81f05fa3c7a1b99b04dab2aea23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
202
content-security-policy-report-only
script-src 'nonce-jpnN_WKpqVuKmgYtNGABMg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iframe.html
p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 97D5 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
e7c6e6af183bdd6ca610aa285a24a365bfa663b2a8079b443eae466d2b93cc58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1988
content-security-policy-report-only
script-src 'nonce-mzpjzQKx6WrTW78zmd5Lpg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:46 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
11568132904948361583
tpc.googlesyndication.com/daca_images/simgad/ Frame A0BE 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/11568132904948361583?w=360&h=640&tw=1&q=75
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
95bce7aba1c3a16b4a5263ac105d8fe36173f4f1215c89e6c85b68e4fb9aabc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Mon, 15 Jan 2024 00:08:47 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29857
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 18:13:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 22 Jan 2024 00:08:47 GMT
truncated
/ Frame A0BE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c92f1ec3dfce9902818e1b48f5a94e163900b56db26cc2056044a50c146a3e7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame 438F 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
155473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 04:57:34 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame A0BE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CSKv1jXekZfnSH8i-kgO0ppWoCe7x4I10tqz_xuMR2dkeEAEgn_mhnQFg_aiNgegDoAHzj_upKcgBAakCnF5Mi3Zfsj6oAwHIA8sEqgSRAk_QbRZiB2xjAfZ935oVZaFb1zcRZ_wITR0LDt5...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x540734371e025d3f0000000000000000%22,%222%22:%220x9062be126a624c000000000000000000%22,%223%22:%220x8a964d...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x540734371e025d3f0000000000000000%22,%222%22:%220x9062be126a624c000000000000000000%22,%223%22:%220x8a964d59593a416a0000000000000000%22,%224%22:%220x993969fb0ddce2590000000000000000%22,%225%22:%220xc0af0c3a6e466c7d0000000000000000%22},%22debug_key%22:%229423680489805644059%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226586505100016319105%22}&andc=true
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:47 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x540734371e025d3f0000000000000000","2":"0x9062be126a624c000000000000000000","3":"0x8a964d59593a416a0000000000000000","4":"0x993969fb0ddce2590000000000000000","5":"0xc0af0c3a6e466c7d0000000000000000"},"debug_key":"9423680489805644059","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"22":["true"],"4":["01-15"],"6":["true"]},"priority":"500","source_event_id":"6586505100016319105"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 Jan 2024 00:08:47 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 15 Jan 2024 00:08:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x540734371e025d3f0000000000000000","2":"0x9062be126a624c000000000000000000","3":"0x8a964d59593a416a0000000000000000","4":"0x993969fb0ddce2590000000000000000","5":"0xc0af0c3a6e466c7d0000000000000000"},"debug_key":"9423680489805644059","debug_reporting":true,"destination":"https://shofast.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11093854195"],"22":["true"],"4":["01-15"],"6":["true"]},"priority":"500","source_event_id":"6586505100016319105"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
pagead2.googlesyndication.com/bg/ Frame 32A3 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 04:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
155473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19690
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 Jan 2025 04:57:34 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x540734371e025d3f0000000000000000%22,%222%22:%220x9062be126a624c000000000000000000%22,%223%22:%220x8a964d59593a416a0000000000000000%22,%224%22:%220x993969fb0ddce2590000000000000000%22,%225%22:%220xc0af0c3a6e466c7d0000000000000000%22},%22debug_key%22:%229423680489805644059%22,%22debug_reporting%22:true,%22destination%22:%22https://shofast.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211093854195%22],%2222%22:[%22true%22],%224%22:[%2201-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226586505100016319105%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 00:08:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 2478 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.17.198 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-17-198.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
3c7c6dad04fd7289c756aa32a1697ecd774570d6417cea6080a83eb2ea956aa3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Mon, 15 Jan 2024 00:08:47 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Mon, 15 Jan 2024 00:13:47 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 7C1C 		79 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2972&&kkdd=AA%7Cu%7CAn*93H&53=w&444=d9gziy*5zy~dQbHziRJqPzUqE.Hlzonp)halW)fm9449J*8X_XyA7wuOZke1gucEed3wQta~5t)%3D&fU=weCx-eeQ-ejjuIQeQQb&1hR4=C&VZRl=C&*hf=wwIe&dZ*o=yQeu&*Uh=jNYeJeewk&*R*h=J*718.nH~OknWw~~z44O*3%3D%3D&*4Uh=bjIx-ex-x&ZU9o=wbC.bCC&**=N0&Z*=FT&*iMV=t0g)FTp&RUh=jDFbNLJbb&dRUh=qLDknvb&iddRZ=w&MZo=x&H1h=I&lhdw=jNYYuOmjt&lhd-=IwCxwuIbj&Xhldl=Zh-%3DMH55Sdd%3DCSUH45~5%3D-CSH5V~R%3DCKCQxuS81o4RV%3DCKCeSf3~o.*%3DCKjuSfUZ~Zh%3DQIbSh*-%3DwSZ*h%3D8MSf~lZM%3DwQbejeSf5-4~Zh%3D-C-ICwwIwISUH45~X%3Dw--QKubSH45~dc*%3DCSZdh%3DlZ3Uad~C~i8ZdS5lZd%3DSfUZ~H45~X%3DCKxbSUR%3Dw9gowWSaXX%3DCSfUZ~H45~5%3DwCS4UURHl%3DI%2CxSod%3DwxS4*%3D-%2C-S4RZ~Zh%3D-C-ICwwIwCSfUZ~X%3DeexKIISH45~X%3DCKj-Sf5-4~H45~X%3DCSf5-4~H45~fU%3DwkzwbSH45~dfU%3DCSH45~5%3D-CS1*ld%3DxCCQ-QSXX%3DwubSff%3DCS5-4~X%3DwCCCSo4RV%3DCKCeSf5-4~H45~c*%3DCkCSRZU~*%3Dw%2Cw%2CC%2CC%2CC%2CC%2CC%2CCSXV%3DwSRZU~h%3DCSlQR~X%3D-KQ-%2CQbKjISZUh%3DbjIx-ex-xSZh%3DCSHUh%3DQQujUTPPxMhnFxY0)WSXdh%3Dexxu-Cew-ebCxxbexb-ux-xxjQbjwu--eQ-CIw-QbQeuIu-CQQuwbjQIQw-QeQwbbexeujjCbbex-xuwQu-I-Qejjbb-bbuQQQbbejISf3H%3DCKjuSh-R~5%3DwCSQR*a%3DwCCCSHUV%3DCS81~VZi%3DCKCjShVV~Zd41%3Dil4V8MWSh-R~X%3DCKubS81h-R~X%3DCKu-SfH45~X%3DwKw-SZZ%3DT0S**%3DN0SHU3%3DzwS*o%3DCS4RZ~X%3DQbKjISfH45~5%3D-CSNP%3DQCuCScX~H*%3Dz-SMdZ%3D-ScX~**cZ%3Dz-S*d%3Dd848Md8SXZZ~6qB%3DT0%2CT0SXlZUZ-%3DwubSXhd%3DweCx-eeQ-xSXlZUZw%3DwubSUZgoa%3DCSUfH45~X%3DCKjuSUZUa%3DCSXUh%3DCKCeSh*%3DjSf5-4~X%3D-KQ-SUfH45~5%3D-CS*XhR%3DCKC-CSUdWRo~Uh%3DweSZo55o4~dl1~Uh%3DlZ3Uad~C~i8ZdSZHRR5W~dl1~Uh%3DShodo*doh~dl1~Uh%3DlZ3Uad~C~i8ZdSfUo3lXU5UdW%3DCKjuSR8Z%3DwS*d4%3DIKej-ICCjkzISl*~dWRo%3DwSlhX5c%3Dwjw--ewjCISlVR%3DwS81XUh%3DCKCeCSXa54%3DCKCwCSZHUh%3DShd*%3D3oZd~84ShVV~o4RV%3Dal5ZoShVV%3Dil4V8MWSXhR*lRh%3DCShl51%3DHMUZ8M-bSZ8XR%3DS.Uh%3D0E_zRHXzjCjeIbjujjCujIeeSidV5%3DwSlh~R8Z%3D%7B%22d%22%3AC%2C%22R%22%3AI%7DSh*Hd%3DeCSh81X%3DCzwSo*R~HZoh%3D7wCSo*R~RCx%3DCKCQCQbI-xIxeeQxxQbxSo*R~RwC%3DCKCxjCQxxIIbwuCQC-xSo*R~Rwx%3DCKw--ewuxbCbwCwebwuSo*R~R-C%3DCKwbCuxCeIujuwCbCujSo*R~R-x%3DCKwjbuj-CQj-jIwjuwQSo*R~RQC%3DCK-weuCejIIxejubjjQSo*R~RQx%3DCK-I-uCCwQxexbCCQISo*R~RIC%3DCK-eweee-ebwIj-bxjbSo*R~RIx%3DCKQC-QubebuIjIbuxbSo*R~RxC%3DCKQ-bQIuw-j-bub--bSo*R~Rxx%3DCKQeCu-jCuueejxexQSo*R~RbC%3DCKIw--wwwIj-CjeQbuISo*R~Rbx%3DCKIbw-exxjCxuCej-IISo*R~ReC%3DCKIuIQjICeeuwb-eQbSo*R~Rex%3DCKxxICju-CCbeweQuxSo*R~RjC%3DCKbQwCIIujQeCwebuwSo*R~Rjx%3DCKexbxQ-ue-jjCQj-xSo*R~RuC%3DwKCwuxuCexbwuujwIjSo*R~Rux%3DwKjeQCIb--CjIeCe-bSo*R~Ruu%3DbKxbxCjwQCICQQCIQSUX*%3DwSMZ9%3D-Sd1Z%3Dw-C.bCC%7CwbC.bCCSXZX%3DCSXZR%3DCSdV.%3D-Qx&Mdf=C&VVV=H_8ZTaPE7kc%3D&U3=C&UMPa4=w&Xh4Ph=IbC&XUh=QIuCbb&V*a=ebxu-&WhZR4=w&Xlo=n.o91..%2F19Sn.o91..l19SIoo&cldR4o=w&cldXUh=zwC-&*lh8VlUM=d9gziy*5zyztLiTI-zHHahMxF_i-UNCTb7hQ-WIPL*2vFt2~cW2891%3D%3D&WR5R=w&UZUh=x&lhf=PMfoZd84%20m8*HZ&ZZV*4~fo4=x&R1Uh=RwwwjuwQwx-wd-C-ICwwxCCCj&ZZ5h=%7B%22ZZUR%22%3A%22jbKIjKwIKC%22%2C%22ZZ**%22%3A%22N0%22%2C%22ZZZ*%22%3A%22FT%22%2C%22ZZ*dW%22%3A%22d848Md8%22%7D&idV5Z4*=w&sflct=9134454&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU7Q771E&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-192-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46677766341d84366c50ec4b72473e0d042cbf29eba0b29bf22e7af04b7e639a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
31169
content-type
text/html
date
Mon, 15 Jan 2024 00:08:47 GMT
expires
Mon, 15 Jan 2024 00:08:47 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-z5ms
bping.php
lg3.media.net/ Frame 2478 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2746&&vgd_cdv=1147&vgd_cage=3&vgd_tsce=L379&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=684527525&vi=1705277327889437336&ugd=4&lf=6&cc=CA&sc=ON&lper=100&wsip=170785191&r=1705277327716&rrr=tzR-hLcl-L_t36u-hpQTI-iTDxua-eBYMdfayMvFzrrzQcobXbLGq19JsE7gR9kD7tw13Hf_lHM%3D&requrl=https%3A%2F%2Fwww.contate.me%2F&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~xjYMEv9.9AXi~myJLEYv9.9h~eBMJ-Nv9.Wi~e8QMQOvAHF~ONfvu~QNOvmz~eM1QzvuAFhWh~ejfLMQOvf9fH9uuHuH~8xLjMGvuffA.iF~xLjM7UNv9~Q7Ov1QB8k7M9MwmQ7~j1Q7v~e8QMxLjMGv9.XF~8EvulDJu5~kGGv9~e8QMxLjMjvu9~L88Ex1vH%2CX~J7vuX~LNvf%2Cf~LEQMQOvf9fH9uuHu9~e8QMGvhhX.HH~xLjMGv9.Wf~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vX99AfA~GGvuiF~eev9~jfLMGvu999~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvf.Af%2CAF.WH~Q8OvFWHXfhXfX~QOv9~x8OvAAiW8IVVXzORaXPKc5~G7OvhXXif9hufhF9XXFhXFfiXfXXWAFWuiffhAf9HufAFAhiHif9AAiuFWAHAufAhAuFFhXhiWW9FFhXfXiuAifHfAhWWFFfFFiAAAFFhWH~eBxv9.Wi~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9W~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.if~exLjMGvu.uf~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAF.WH~exLjMjvf9~%3DVvA9i9~UGMxNvof~z7Qvf~UGMNNUQvof~N7v7mLmz7m~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9XfhhAfX~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.Wi~8Q8kv9~G8Ov9.9h~ONvW~ejfLMGvf.Af~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~N7LvH.hWfH99W4oH~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoW9WhHFWiWW9iWHhh~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vh9~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9A9AFHfXHXhhAXXAFX~JNEMEu9v9.9XW9AXXHHFui9A9fX~JNEMEuXv9.uffhuiXF9Fu9uhFui~JNEMEf9v9.uF9iX9hHiWiu9F9iW~JNEMEfXv9.uWFiWf9AWfWHuWiuA~JNEMEA9v9.fuhi9hWHHXhWiFWWA~JNEMEAXv9.fHfi99uAXhXF99AH~JNEMEH9v9.fhuhhhfhFuHWfFXWF~JNEMEHXv9.A9fAiFhFiHWHFiXF~JNEMEX9v9.AfFAHiufWfFiFffF~JNEMEXXv9.Ah9ifW9iihhWXhXA~JNEMEF9v9.HuffuuuHWf9WhAFiH~JNEMEFXv9.HFufhXXW9Xi9hWfHH~JNEMEh9v9.HiHAWH9hhiuFfhAF~JNEMEhXv9.XXH9Wif99FhuhAiX~JNEMEW9v9.FAu9HHiWAh9uhFiu~JNEMEWXv9.hXFXAfihfWW9AWfX~JNEMEi9vu.9uiXi9hXFuiiWuHW~JNEMEiXvu.WhA9HFff9WHh9hfF~JNEMEiivF.XFX9WuA9H9AA9HA~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAX&ssld=%7B%22QQ8E%22%3A%22WF.HW.uH.9%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22aI%22%2C%22QQN75%22%3A%227mLmz7m%22%7D&vgd_bid=349066&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=136787&vgd_rakh=1705277327177616922&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_pgid=p11189131521t202401150008&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00001705277327711014459899518544&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 15 Jan 2024 00:08:47 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
35
expires
Mon, 15 Jan 2024 00:08:47 GMT
checksync.php
contextual.media.net/ Frame 8C7A 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.192.28 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-192-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
310c66eaee56d4aacdcff95721e1105b7cb5ea3abef176b7c0d36e1397eb6b75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
9640
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 00:08:47 GMT
expires
Wed, 17 Jan 2024 00:08:47 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 2478 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6250&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUU9JF8H&reqid=Q3mZnh8gg02W8L7Z0RkebQ&vid=Q3mZnh8gg02W8L7Z0RkebQ&dn=contate.me&rawDn=contate.me&requrl_dn=contate.me&pid=8PR113JGC&ugd=4&fleet=ebda&requrl=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=ON&ct=toronto&zip=m6c+1c7&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-ebda-6c4c994d4d-bs4fv.OR&dtc=west_or&zone=b&ptype=23&tmax=300&xtmax=280&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=136787&sckfl=0&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm7HuJIgV49JEMcrq5jCqSkgxdf0W-EseUPhPnEaCYzrYrADTvs6PYlXhgfc5pOcoAur&pexid=ADX-pub-8087468988098477&geoll=false&is_ortb=false&commit_id=4f4eb818&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-12+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=CA&ipcc=CA&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=54&req_tid_present=false&pvid=460&prvAccId=684527525&prvApiId=8CU7Q771E&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=410519468&prspt=headerBid&prvReqId=42133565714810_594288305_4105194684601&size=160x600&chnl=HARMONY&bdp=0.070&bid_uuid=a2dcdd6e3547e34c5052c77bafeed3c6&cbdp=0.020&og_cbdp=0.070&ogbdp=0.07&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.020&dsrc=-2&dp=0&dbf=1&epc=684527525&s=1&snm=SUCCESS&pcrid=8CU7Q771E-684527525-3-25&tpbTkn=false&exid=218&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=89&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1705277325622&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.07&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700090000481000160060000059500&strg=HARMONY&stagid=aswift_0_host&vls=0&scrid=1700090000481000160060000059500&mang=1&pvdTmax=235&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CU7Q771E&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=120x600%7C160x600&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=2bf0eb232d&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23launchexp%3Atoken1%23%23Mcid%3Atoken_1%23%23NedCkflWithData%3ALesBlk%23%23RealTimeValidBid%3A15m%23%23bsNed%3AvalidBid%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&acid=739b640d0b470c94bb69d1cefcb0050c&rtime=22.0&wsip=mowx-69bd7c5888-7q9nz&ltime=29.0&act=headerBid&abs=0%7C0%7Cxtmax%3D280%7Cbrr%3D0&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&psrc=cid_abk_div&mowxReqId=739b640d0b470c94bb69d1cefcb0050c_1&policy_enf=2&pub_blk_enf=1&req_size=120x600%7C160x600&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=4.7824008E-4&ctr_vendor=EXCHANGE&rfc=-1&skadidfl=0&dfpDiv=aswift_0_host&feedback_id=Q3mZnh8gg02W8L7Z0RkebQ_1&supplyTagId=1812271804&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-01-15+00%3A08%3A45&__expireat=1705277925877&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.070&lo_cbdp=0.020&actltime=29&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D20~ulm_p%3D0.0359~ogerpm%3D0.07~vw_exc%3D0.89~vis_sd%3D346~dc2%3D1~scd%3Don~v_asn%3D136787~vl2r_sd%3D2024011414~iurl_b%3D1223.96~url_tkc%3D0~std%3Daswift_0_host~last%3D~vis_url_b%3D0.56~ip%3D1zRe1y~fbb%3D0~vis_url_l%3D10~riipua%3D4%2C5~et%3D15~rc%3D2%2C2~rps_sd%3D2024011410~vis_b%3D775.44~url_b%3D0.82~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D500323~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.07~vl2r_url_kc%3D0E0~psi_c%3D1%2C1%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D0~a3p_b%3D2.32%2C36.84~sid%3D684527525~sd%3D0~uid%3D3398iNII5ndBO5UAMy~btd%3D7559207127605567562952558368192273204123637949203391683431237316675798806675259139242378866266933366784~vwu%3D0.89~d2p_l%3D10~3pcf%3D1000~uim%3D0~og_msh%3D0.08~dmm_strg%3Dharmony~d2p_b%3D0.96~ogd2p_b%3D0.92~vurl_b%3D1.12~ss%3DNA~cc%3DCA~uiw%3D-1~ce%3D0~rps_b%3D36.84~vurl_l%3D20~CI%3D3090~kb_uc%3D-2~nts%3D2~kb_ccks%3D-2~ct%3Dtoronto~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1705277325~basis1%3D196~isRef%3D0~ivurl_b%3D0.89~isif%3D0~bid%3D0.07~dc%3D8~vl2r_b%3D2.32~ivurl_l%3D20~cbdp%3D0.020%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_0_host%7Esupply_tag_id%3D%7Edetected_tag_id%3Daswift_0_host%7Eviewability%3D0.89%7Epos%3D1%7Ectr%3D4.7824008E-4%7Eac_type%3D1%7Eadblk%3D1812271804%7Eamp%3D1%7Eogbid%3D0.070%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Dwest_or%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison26%7Esobp%3D%7Exid%3DADX-pub-8087468988098477%7Ehtml%3D1%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Edcut%3D70%7Edogb%3D0-1%7Eecp_used%3Dq10%7Eecp_p05%3D0.030364254577355365%7Eecp_p10%3D0.05803554461903025%7Eecp_p15%3D0.12271956061017619%7Eecp_p20%3D0.16095074989106098%7Eecp_p25%3D0.18698203828418913%7Eecp_p30%3D0.21790784457896883%7Eecp_p35%3D0.2429001357560034%7Eecp_p40%3D0.27177727614826586%7Eecp_p45%3D0.3023967694846956%7Eecp_p50%3D0.3263491282696226%7Eecp_p55%3D0.3709280997785753%7Eecp_p60%3D0.41221114820873694%7Eecp_p65%3D0.46127558059078244%7Eecp_p70%3D0.4943840779162736%7Eecp_p75%3D0.5540892006717395%7Eecp_p80%3D0.6310449837017691%7Eecp_p85%3D0.7565329728803825%7Eecp_p90%3D1.0195907561998148%7Eecp_p95%3D1.8730462208470726%7Eecp_p99%3D6.565081304033043~ibc%3D1~nsz%3D2~tgs%3D120x600%7C160x600~bsb%3D0~bsp%3D0~tmx%3D235&utime=2110&sf=0&cpr=0.6119270825591749
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:47 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 15 Jan 2024 00:08:47 GMT
cksync
cs.media.net/ Frame 8C7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ4Mjc4OTI3ODk5NTE4NzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEO4rvmrxe83VI_EMqjIp8q8&google_cver=1
57 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEO4rvmrxe83VI_EMqjIp8q8&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.212.72.24 Irving, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-72-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 00:08:48 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
57
x-mnet-hl2
E
Expires
Mon, 15 Jan 2024 00:08:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEO4rvmrxe83VI_EMqjIp8q8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 292D 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.223.17.198 Toronto, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-223-17-198.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3751
Content-Type
text/html; charset=utf-8
Date
Mon, 15 Jan 2024 00:08:47 GMT
Expires
Mon, 15 Jan 2024 00:13:47 GMT
Vary
Accept-Encoding
x-powered-by
Express
ptmdP
dts.clnmde.com/ Frame 2478 		7 B
357 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdP
dts.clnmde.com/ Frame 2478 		7 B
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdDual
dts6.clnmde.com/ Frame 2478 		70 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%2217052773279153642191543%22%2C%22za%22%3A1%2C%22gcd%22%3A1705277327935%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
via
1.1 google
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
ptmd
dts.clnmde.com/ Frame 2478 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=17052773279153642191543_N4IgxmAWDWIFwG0QDYAcAWArAJgOw8xAF0AaEABwEsATAF3iQAZiyAnAUwDMBVVgG3qIQLEAGdWYXgIYhItWuVEBSAMwBBJdgBimrQHcDAOjAB7AHa0AhrXaGAtu10iAbqID6NQQjMBXPn1JZVw86GUZwxgBGXEYcXFwVPFxIyKj0LABOVAyMzEjUTHSRMB9RWhCvEFQAYW5cAEV4yIBRYtZnGWAAHRQMOIIeuG6QWgBPcnZBnrBWEJ6SHudKOfge6NikxNxUbPQVBJVkeZ7IYJopkAiomLiEpJS0zOzc-ML0HoBfD5EzSwZ0bAZdAZZC4bDIdAkSIqdCMVAxFQZEiYFThDCoVGBX6ieCAsiUSx2BiMQIEnFwVBkMrWUr-EgqFT0yEqTD05D03D0ymIkiAwIALz+cEiZHIAHN4CAOmQxZBJetblsMpEURDsJFlYUVCAyK5JchDIxDJgwTqQJY+PBGSBOGB4ABaEUgdi0Sjym6bPBmiDUSXVNRmsoSuCMKmwOAgBWe3BudI7fDYbKofJm9iUciS1AG9CoQyRdCGZDa3XsViS8isEy+sjsHxCp0+N3CmvOS2IUC-BySgBGNGopZCZuo1iFoF71H7sxokvQyGYuuW04jUfiWx2QP2DOQIC+JA7hPYkssYGnZGHVngoGPS5ACQy3YhjGojG76BiYCB3YfGWokTAXDAbtwkwRg7QXQdlw9Vc8HXPYDm3L5AnIPVEECUQ+DKd0Nmg7ZkEIMg+E4eAnW7aQ4FwdlwFKcobxqOpGmSVpwJvFc7m2XZN0OM0xTtYUoLYkFsDIABHQ9mxtJsVA+IA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
bql.php
lg3.media.net/ Frame 7C1C 		15 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6628&&vgd_canary=0&vgd_l2type=scs_newfl&fp=wHfaMX3-5DKDYG-3FFsq2VzqS1gpvp_AKv3nRiMUI0N2dy1ebOe1pZpMONZZ0eb-YvszC9fHeNiPfwMuKGiWyV5CDM5igcpAq7QtU_hyx0QCCvEslB6eAR-7kx5amEL6mUVES3jgLbU%3D&cme=qH9rgZdqA0dYn-5n71DGIcNl5jvNdED4zrwCVO0K_gyUeacoxTZV39vHCvjjKFDXWgpdsZpML8RQvQtAM8wozcQbpxLmPEIEWw5TnYww2jF9SJXX-68xEtbY-uNaWV0r69eK6FeeFNRdjNWNq-AzP2v0AyJbQ1Oiec0CFYhrq2SHGaC9-aiGbeITR8J5LbhKsVIyRIBkrPMnFk4NNdgTX2JdDjDggQpxroIL7pHfe18P31LrhK8lDQ%3D%3D%7C%7CNc8dsNVKdPrd3bGJPCzjIfR8SzQkyY_dhbQYii6MSBnmjz_rjsUdBlyhw_csGMfs8mcv5rv579Xj-WlxvFBIWfocJTRgOBgFu8A-y3-jJLh04D1ULZxCcLnUd6nkvC28zw4zgTyyQM9JEv88GyRMj0hr5n14lXVCv8W0cZAN8cIen4Geml37NuQzvMI3Lovu3or3uUJ8m87TKygeDT0J5exrgpZudkBdz50QUZtHodM3BYAUOd7O0gw5BbeL_TzrpuCYyJZAoCMNbph2RMHeKZUqwBU_SMz7rw968gLh-Mo%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CYfC2eZepuu0iO4bN1L0Y5DHOMnHYLvLj%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Cz2FXWLyX46KiLtiHm-nm8Dk6EDVO3V-0RMsQmPlwAg9Dim8E20WXSd3BVshSymgZi_X9V6EztbVm1NOK1LHezw%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7C&subBdr=196&bdrid=460&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Stocks+to+Invest+In&kwt[]=391&kbc[]=1262292604&kwp[]=1&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011402%7C13%3D0.0590%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D0.12%7C2%3D1.87&ktd[]=4503874539028736&kwd[]=Quick+Personal+Loans&kwt[]=391&kbc[]=1262292604&kwp[]=2&kid[]=23633332&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0002%7C8%3D011402%7C13%3D0.0631%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D0.42%7C2%3D4.44&ktd[]=274911658240&kwd[]=No.1+Stock+to+Buy+Now&kwt[]=391&kbc[]=1262292604&kwp[]=3&kid[]=324947967&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011402%7C13%3D0.0433%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D0.17%7C2%3D1.64&ktd[]=274894881024&kwd[]=Bank+Owned+Cars+for+Sale&kwt[]=391&kbc[]=1262292604&kwp[]=4&kid[]=299487099&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D011402%7C13%3D0.0416%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D1.26%7C2%3D2.59&ktd[]=4503874539028736&kwd[]=Best+Dentists+Near+Me&kwt[]=391&kbc[]=1262292604&kwp[]=5&kid[]=324977595&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D011402%7C13%3D0.0294%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D0.10%7C2%3D0.79&ktd[]=274894881024&kwd[]=Rental+Homes+by+Owner&kwt[]=391&kbc[]=1262292604&kwp[]=6&kid[]=24236124&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D011402%7C13%3D0.0274%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D1.07%7C2%3D4.23&ktd[]=274894881024&kwd[]=Who+Owns+This+Phone&kwt[]=391&kbc[]=1262292604&kwp[]=7&kid[]=213940948&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D011402%7C13%3D0.0258%7C14%3D011416%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.513%7C1%3D0.13%7C2%3D0.81&ktd[]=274894881024&v=1&geo=43.68%7C-79.43&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=CA&wsip=170774818&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%227mLmz7m%22%2C%22QQ8E%22%3A%22WF.HW.uH.9%22%2C%22QQQN%22%3A%22aI%22%7D&cid=8CU7Q771E&vi=1705277327889437336&vsid=3482789278995115&tdAdd[]=asnum%3D136787&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=4&vgd_tsce=L379-S379&vgd_imdtl=1&vgd_l3_sc=ON&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3000ca2a&vgd_nrrsf=scrr&vgd_cty=toronto&vgd_ifrmode=14&sttm=1705277327711&upk=1705277328.2947&hvsid=00001705277327711014459899518544&verid=3111299&sbdrId=196&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1705277327177616922&vgd_ecrid=1700090000481000160060000059500&vgd_isiolc=1&kbbq=%26asn%3D136787&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3482789278995115&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~xjYMEv9.9AXi~myJLEYv9.9h~eBMJ-Nv9.Wi~e8QMQOvAHF~ONfvu~QNOvmz~eM1QzvuAFhWh~ejfLMQOvf9fH9uuHuH~8xLjMGvuffA.iF~xLjM7UNv9~Q7Ov1QB8k7M9MwmQ7~j1Q7v~e8QMxLjMGv9.XF~8EvulDJu5~kGGv9~e8QMxLjMjvu9~L88Ex1vH%2CX~J7vuX~LNvf%2Cf~LEQMQOvf9fH9uuHu9~e8QMGvhhX.HH~xLjMGv9.Wf~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vX99AfA~GGvuiF~eev9~jfLMGvu999~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvf.Af%2CAF.WH~Q8OvFWHXfhXfX~QOv9~x8OvAAiW8IVVXzORaXPKc5~G7OvhXXif9hufhF9XXFhXFfiXfXXWAFWuiffhAf9HufAFAhiHif9AAiuFWAHAufAhAuFFhXhiWW9FFhXfXiuAifHfAhWWFFfFFiAAAFFhWH~eBxv9.Wi~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9W~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.if~exLjMGvu.uf~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAF.WH~exLjMjvf9~%3DVvA9i9~UGMxNvof~z7Qvf~UGMNNUQvof~N7v7mLmz7m~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9XfhhAfX~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.Wi~8Q8kv9~G8Ov9.9h~ONvW~ejfLMGvf.Af~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~N7LvH.hWfH99W4oH~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoW9WhHFWiWW9iWHhh~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vh9~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9A9AFHfXHXhhAXXAFX~JNEMEu9v9.9XW9AXXHHFui9A9fX~JNEMEuXv9.uffhuiXF9Fu9uhFui~JNEMEf9v9.uF9iX9hHiWiu9F9iW~JNEMEfXv9.uWFiWf9AWfWHuWiuA~JNEMEA9v9.fuhi9hWHHXhWiFWWA~JNEMEAXv9.fHfi99uAXhXF99AH~JNEMEH9v9.fhuhhhfhFuHWfFXWF~JNEMEHXv9.A9fAiFhFiHWHFiXF~JNEMEX9v9.AfFAHiufWfFiFffF~JNEMEXXv9.Ah9ifW9iihhWXhXA~JNEMEF9v9.HuffuuuHWf9WhAFiH~JNEMEFXv9.HFufhXXW9Xi9hWfHH~JNEMEh9v9.HiHAWH9hhiuFfhAF~JNEMEhXv9.XXH9Wif99FhuhAiX~JNEMEW9v9.FAu9HHiWAh9uhFiu~JNEMEWXv9.hXFXAfihfWW9AWfX~JNEMEi9vu.9uiXi9hXFuiiWuHW~JNEMEiXvu.WhA9HFff9WHh9hfF~JNEMEiivF.XFX9WuA9H9AA9HA~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAX&vgd_cfud=230323&vgd_scsver=318&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=0_0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1147&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=ON&vgd_l1rhst=contextual.media.net&hvsid=00001705277327711014459899518544&rc=0&rand=1705277327976&acid=739b640d0b470c94bb69d1cefcb0050c&matm=1705277327976&vgd_ltimesrc=1&vgd_ltime=1744&vgd_rtime=1742&vgd_etm=7&vgd_l1hcsd=S5h9m%7C224&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6203&vgd_pgid=p11189131521t202401150008&vgd_csip=rtb-ebda-6c4c994d4d-bs4fv.OR&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SL%7CBODY%7CHTML%7Cundefined&vgd_eadm=1&vgd_matchstr=hr%3D0%7C&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2972&&kkdd=AA%7Cu%7CAn*93H&53=w&444=d9gziy*5zy~dQbHziRJqPzUqE.Hlzonp)halW)fm9449J*8X_XyA7wuOZke1gucEed3wQta~5t)%3D&fU=weCx-eeQ-ejjuIQeQQb&1hR4=C&VZRl=C&*hf=wwIe&dZ*o=yQeu&*Uh=jNYeJeewk&*R*h=J*718.nH~OknWw~~z44O*3%3D%3D&*4Uh=bjIx-ex-x&ZU9o=wbC.bCC&**=N0&Z*=FT&*iMV=t0g)FTp&RUh=jDFbNLJbb&dRUh=qLDknvb&iddRZ=w&MZo=x&H1h=I&lhdw=jNYYuOmjt&lhd-=IwCxwuIbj&Xhldl=Zh-%3DMH55Sdd%3DCSUH45~5%3D-CSH5V~R%3DCKCQxuS81o4RV%3DCKCeSf3~o.*%3DCKjuSfUZ~Zh%3DQIbSh*-%3DwSZ*h%3D8MSf~lZM%3DwQbejeSf5-4~Zh%3D-C-ICwwIwISUH45~X%3Dw--QKubSH45~dc*%3DCSZdh%3DlZ3Uad~C~i8ZdS5lZd%3DSfUZ~H45~X%3DCKxbSUR%3Dw9gowWSaXX%3DCSfUZ~H45~5%3DwCS4UURHl%3DI%2CxSod%3DwxS4*%3D-%2C-S4RZ~Zh%3D-C-ICwwIwCSfUZ~X%3DeexKIISH45~X%3DCKj-Sf5-4~H45~X%3DCSf5-4~H45~fU%3DwkzwbSH45~dfU%3DCSH45~5%3D-CS1*ld%3DxCCQ-QSXX%3DwubSff%3DCS5-4~X%3DwCCCSo4RV%3DCKCeSf5-4~H45~c*%3DCkCSRZU~*%3Dw%2Cw%2CC%2CC%2CC%2CC%2CC%2CCSXV%3DwSRZU~h%3DCSlQR~X%3D-KQ-%2CQbKjISZUh%3DbjIx-ex-xSZh%3DCSHUh%3DQQujUTPPxMhnFxY0)WSXdh%3Dexxu-Cew-ebCxxbexb-ux-xxjQbjwu--eQ-CIw-QbQeuIu-CQQuwbjQIQw-QeQwbbexeujjCbbex-xuwQu-I-Qejjbb-bbuQQQbbejISf3H%3DCKjuSh-R~5%3DwCSQR*a%3DwCCCSHUV%3DCS81~VZi%3DCKCjShVV~Zd41%3Dil4V8MWSh-R~X%3DCKubS81h-R~X%3DCKu-SfH45~X%3DwKw-SZZ%3DT0S**%3DN0SHU3%3DzwS*o%3DCS4RZ~X%3DQbKjISfH45~5%3D-CSNP%3DQCuCScX~H*%3Dz-SMdZ%3D-ScX~**cZ%3Dz-S*d%3Dd848Md8SXZZ~6qB%3DT0%2CT0SXlZUZ-%3DwubSXhd%3DweCx-eeQ-xSXlZUZw%3DwubSUZgoa%3DCSUfH45~X%3DCKjuSUZUa%3DCSXUh%3DCKCeSh*%3DjSf5-4~X%3D-KQ-SUfH45~5%3D-CS*XhR%3DCKC-CSUdWRo~Uh%3DweSZo55o4~dl1~Uh%3DlZ3Uad~C~i8ZdSZHRR5W~dl1~Uh%3DShodo*doh~dl1~Uh%3DlZ3Uad~C~i8ZdSfUo3lXU5UdW%3DCKjuSR8Z%3DwS*d4%3DIKej-ICCjkzISl*~dWRo%3DwSlhX5c%3Dwjw--ewjCISlVR%3DwS81XUh%3DCKCeCSXa54%3DCKCwCSZHUh%3DShd*%3D3oZd~84ShVV~o4RV%3Dal5ZoShVV%3Dil4V8MWSXhR*lRh%3DCShl51%3DHMUZ8M-bSZ8XR%3DS.Uh%3D0E_zRHXzjCjeIbjujjCujIeeSidV5%3DwSlh~R8Z%3D%7B%22d%22%3AC%2C%22R%22%3AI%7DSh*Hd%3DeCSh81X%3DCzwSo*R~HZoh%3D7wCSo*R~RCx%3DCKCQCQbI-xIxeeQxxQbxSo*R~RwC%3DCKCxjCQxxIIbwuCQC-xSo*R~Rwx%3DCKw--ewuxbCbwCwebwuSo*R~R-C%3DCKwbCuxCeIujuwCbCujSo*R~R-x%3DCKwjbuj-CQj-jIwjuwQSo*R~RQC%3DCK-weuCejIIxejubjjQSo*R~RQx%3DCK-I-uCCwQxexbCCQISo*R~RIC%3DCK-eweee-ebwIj-bxjbSo*R~RIx%3DCKQC-QubebuIjIbuxbSo*R~RxC%3DCKQ-bQIuw-j-bub--bSo*R~Rxx%3DCKQeCu-jCuueejxexQSo*R~RbC%3DCKIw--wwwIj-CjeQbuISo*R~Rbx%3DCKIbw-exxjCxuCej-IISo*R~ReC%3DCKIuIQjICeeuwb-eQbSo*R~Rex%3DCKxxICju-CCbeweQuxSo*R~RjC%3DCKbQwCIIujQeCwebuwSo*R~Rjx%3DCKexbxQ-ue-jjCQj-xSo*R~RuC%3DwKCwuxuCexbwuujwIjSo*R~Rux%3DwKjeQCIb--CjIeCe-bSo*R~Ruu%3DbKxbxCjwQCICQQCIQSUX*%3DwSMZ9%3D-Sd1Z%3Dw-C.bCC%7CwbC.bCCSXZX%3DCSXZR%3DCSdV.%3D-Qx&Mdf=C&VVV=H_8ZTaPE7kc%3D&U3=C&UMPa4=w&Xh4Ph=IbC&XUh=QIuCbb&V*a=ebxu-&WhZR4=w&Xlo=n.o91..%2F19Sn.o91..l19SIoo&cldR4o=w&cldXUh=zwC-&*lh8VlUM=d9gziy*5zyztLiTI-zHHahMxF_i-UNCTb7hQ-WIPL*2vFt2~cW2891%3D%3D&WR5R=w&UZUh=x&lhf=PMfoZd84%20m8*HZ&ZZV*4~fo4=x&R1Uh=RwwwjuwQwx-wd-C-ICwwxCCCj&ZZ5h=%7B%22ZZUR%22%3A%22jbKIjKwIKC%22%2C%22ZZ**%22%3A%22N0%22%2C%22ZZZ*%22%3A%22FT%22%2C%22ZZ*dW%22%3A%22d848Md8%22%7D&idV5Z4*=w&sflct=9134454&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 15 Jan 2024 00:08:48 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
15
expires
Mon, 15 Jan 2024 00:08:48 GMT
cenw.js
dts.clnmde.com/ Frame 292D 		36 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/cenw.js
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
666f2634c0b03396a7938c04b6a168142fec4f6e26a1881acc7c6d863494c3d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pxlclnmdecom-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
via
1.1 google
etag
W/"24-4wgXANFR28Ypa/jfb5yvMw"
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
alt-svc
clear
gtm.js
www.googletagmanager.com/ 		392 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P6M9WT
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ef44ef29bf4b186080ca220259af504007aa006e8fc2e2dc744eb4c8c605586c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
116580
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 00:08:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
1b19604debfcfbec5a45c0f6584b9c081429e05f6346fafe1a1fd1f62df54f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12185
x-xss-protection
0
truncated
/ Frame 2478 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25770e9f24fa0e4a3e9c4629e5c2813dff6cf72a70c10bcb7f9ee5dc04b4d45a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 2478 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPpIrjXekZfrSH8i-kgO0ppWoCb6VpK9s99rS06wMwI23ARABIABg_aiNgegDggEXY2EtcHViLTgwODc0Njg5ODgwOTg0NzfIAQmoAwHIAwKqBPYBT9D4z911ioh1wLlXJQYDwzsU4J0ihaspr2IRpULVE4o8bt4GWblSEZ9gLh9xNWG-vMGR8vfpbgo89sKaXr4PPgO4EM5I500iecGh6s5SgT4OpJMmbt4CS6CJnqWVNOmasDKmXxkM81_xVc-Wa6pad5M1OqL72X-Qa_k2l1lGxtte6MpiLPSwjKwZihDPqzwBcvXIQPKVjMqcp3iEGZ0Jr6bcZcsbZrGz4aGV2VPM9CeDuc-w4WpAuRe_qZY0GZm_OI3EljuF3tc6_HOknxAtGH3MhdeMBx4Q9F6Ei1LYf27pdcS5dRT6Xtk2UrW7Jju_58bdXGflgAb_7rnzuN2V3bcBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJKO6omN3oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgwODc0Njg5ODgwOTg0NzcYAA&sigh=N09IFSVwR7M&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_EuVigNNQstouQdwILheQbsY8djvnFeXFRm6g2SjyNzG9J-jzQqHRSLaMoHl_gL5WVpcJk3zIwlkX2oGUEaO_AJB7jz62LE6bUhgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 2478 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATDQyMTMzNTY1NzE0ODEwXzU5NDI4ODMwNV80MTA1MTk0Njg0NjAxQDczOWI2NDBkMGI0NzBjOTRiYjY5ZDFjZWZjYjAwNTBjmAfsUbgeheuxP2hodHRwczovL3d3dy5jb250YXRlLm1lL3JlZGlyZWN0L2NvbnN1bHRvcmlhYmVudmVudXRvBENBgLiA4wroAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2FGNvbnRhdGUubWUSOENVVTlKRjhICA4xNjB4NjAwCjAuMDIwDndlc3Rfb3IGQURYCAhudXJsAAAAAAAAQFZA7ISYp6FjAjEuGtSAiVc_PzhydGItZWJkYS02YzRjOTk0ZDRkLWJzNGZ2Lk9SPjE3MDAwOTAwMDA0ODEwMDAxNjAwNjAwMDAwNTk1MDACEDRmNGViODE4AmIC&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 15 Jan 2024 00:08:48 GMT
log
qsearch-a.akamaihd.net/ Frame 2478 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=739b640d0b470c94bb69d1cefcb0050c&algo=unison26&bdp=0.0700&bidfp=0.0100&capd=0&cc=CA&cid=8CUU9JF8H&crid=410519468&ct=toronto&dc=west_or&dfpbd=0.0196&dn=contate.me&iwb=1&ogcbdp=0.0700&other_bids=0.07&other_prv=460&pbshr=100.0000&prdp=0.0196&requrl=contate.me%2Fredirect%2Fconsultoriabenvenuto%2F&sat=1&sc=ON&sc_pvid=460&send_erpm=true&server=1&size=160x600&strg=harmony&totalTime=3340800&ugd=4&ver=9.6.4&cliIP=1445989888&time_stamp=2024-01-15%2000%3A08%3A45&seat=BID_API&itype=adx&req_id=Q3mZnh8gg02W8L7Z0RkebQ&dfp_bucket=0.0&level_base=0&bdp_bucket=0.05&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.216%20Safari%2F537.36&br_ver=120.0.6099.216&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_1-cid_0&ogerpm=0.0700&ogerpm_used=false&rawbid=0.0700&totalTimeBucket=3&as_cache=1&sub_bidder=196&current_day=0.0&current_hour=23&cut=72&floor_bucket=0.00&model_version=202401140921_generic_adx_1-cid_0&erpm_bucket=0.05&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8900&stid=aswift_0_host&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=0&predicted_wr=61.4939&bdp_wider_bucket=1&adblk=1812271804&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=70&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&url_l1=redirect&url_l2=consultoriabenvenuto&clisp=rtb-ebda-6c4c994d4d-bs4fv.OR&dmm_m1=2024-01-15%2000%3A08%3A45.623769803&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0700&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700090000481000160060000059500&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=0.3263491282696226&ecp_p75=0.5540892006717395&ecp_avg=0.02&ecp_status=Success&ecp_used=q10&ecp_rtime=1102.0&sfm_key=mowx_8CUU9JF8H_460&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-69bd7c5888-7q9nz&rel_cut_bkt=85&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.18698203828418913&ecp_p60=0.41221114820873694&ecp_p70=0.4943840779162736&ecp_p80=0.6310449837017691&ecp_p85=0.7565329728803825&ecp_p90=1.0195907561998148&ecp_p95=1.8730462208470726&ecp_p99=6.565081304033043&optimal_cut=0.0&cut_cluster=0.0&cbvp=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Jan 2024 00:08:49 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 15 Jan 2024 00:08:49 GMT
truncated
/ Frame 7C1C 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7C1C 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7C1C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Jan 2024 00:08:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 21F6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
25253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jan 2024 17:07:55 GMT
expires
Mon, 13 Jan 2025 17:07:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0E83 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f105.1e100.net
Software
GSE /
Resource Hash
85f18ee4a98c5a0093967cd598a3a2faf2cc97b501ff3691faec188964d0e0f4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xx7oVACS4c2zvxCwdAdglw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.contate.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Xx7oVACS4c2zvxCwdAdglw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Jan 2024 00:08:48 GMT
expires
Mon, 15 Jan 2024 00:08:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 21F6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sun, 14 Jan 2024 15:28:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
31225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Jan 2025 15:28:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A0BE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwyzcnh2vCfsCa0YMcTs8Y3Mw2VfFog6K6tdjBdb-ceHy7ui6fzUZIGTPYU-UXRmOp3FmOsG0Xbx2sf6qJyZeneqrdyJUJxvgxytAUziAX6fSNBRAPAJgwk-dCKHVgeLPq3kxOxPRqnPujilP5ktMiq9Lu&sai=AMfl-YS18S-0PnBWfduzMz5sFIPZxbWz5nIQho-bIGmtFAEPROBt5IAhuZQiz7JOP1W6xjO3cBiSSjhwXWbLhmY7FkfempD6LvB21wEfSeaMYq2RLVN84lPMtrO6qoh9uJIZLW8NFM_qFioohNkxVp2p&sig=Cg0ArKJSzE-1Ho1bQOP4EAE&cid=CAQSTgAvHhf_EuVigNNQstouQdwILheQbsY8djvnFeXFRm6g2SjyNzG9J-jzQqHRSLaMoHl_gL5WVpcJk3zIwlkX2oGUEaO_AJB7jz62LE6bUhgB&id=lidar2&mcvt=1006&p=-72,0,428,200&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705277326084&rpt=1402&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0E83 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=4026012994216817&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		302 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YSHL9KB5ZR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6M9WT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c175e469988a10bde2be526e60aaaac42f3cdd428c224d9a4ec00e6fa80651d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98354
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 00:08:48 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6M9WT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 14 Jan 2024 23:01:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4030
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 15 Jan 2024 01:01:38 GMT
fbevents.js
connect.facebook.net/en_US/ 		212 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6M9WT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Jan 2024 00:08:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kqV82b61G9MRjPgwWg1El1qa59QeDhIGiXUsD6dPWinTiCJMD/fUCCNU4WpU/oi8544dfigPEIST0feTtFnIAQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
track.js
assets.customer.io/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.4.108 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
YnPUbk.59KSLpiqsKMfvCCZt1qaij9rt
content-encoding
gzip
via
1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront)
date
Sun, 14 Jan 2024 13:57:56 GMT
last-modified
Fri, 11 Aug 2023 18:01:41 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
36654
x-amz-server-side-encryption
AES256
etag
W/"92f4f643083ddfd3fc572a181243cb46"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ElLODEL85rv6U-p5R847jqb0kYmksb5EJneuv2YLbUmYtA18qsVkXg==
events.js
analytics.tiktok.com/i18n/pixel/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJHUKKRC77UDFRIUFTIG&lib=ttq
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
41214c4a3abaf761271a9c28d3ef593ca0d5ff0cc3833f9359a48938ad6b700c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
b8674996.7b4cacc
date
Mon, 15 Jan 2024 00:08:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401150008495D6BE26D07C8AE361B52-6925F027B035F360-00
x-cache
TCP_MISS from a23-40-16-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
30,23.40.16.41
server-timing
cdn-cache; desc=MISS, edge; dur=24, origin; dur=7, inner; dur=3
content-length
1734
pragma
no-cache
server
nginx
x-tt-logid
202401150008495D6BE26D07C8AE361B52
x-cache-remote
TCP_MISS from a23-48-200-211.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.48.200.211
x-tt-trace-host
01957d3da87ed8dc7a7d9f04cf5747df6a4052e93acdb2003063afa502d49e034a34210b33179bc292d1387bc6ba3627ebc362dd63c955c4d49245b921109798a1b09719b178ffbef941890e7452453b34cb290a5c4b148463b4baefd8966302d48a02bd79b082a64ee56798b8b7f0e9bd
expires
Mon, 15 Jan 2024 00:08:49 GMT
route-tracker-min.js
www.routecdn.com/tracker/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.routecdn.com/tracker/route-tracker-min.js
Requested by
Host: www.contate.me
URL: https://www.contate.me/redirect/consultoriabenvenuto?cp=5511953939063&message=Ol%C3%A1%20Marco%20Antonio,%20recebi%20seu%20e-mail%20e%20quero%20saber%20mais%20informa%C3%A7%C3%B5es.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.75.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f574476f256a297153530890f674a1ce63afa9bc19c1e480d830c22d433f36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Apr 2021 19:59:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20762
etag
W/"a544-5bfcbf354fc02-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZVFCXH34CraquhoVaW9u2lDDxUu5Q0Z%2FA8ZNEhZekqUqTZMtiMFijqFub3IkQBUWcUOaioMV9h222kTEwIIDoyt1DLQA2YhrttVUkEML%2BAGNwF7oUbqb0jIIJUyOEjATX7I"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=86400
cf-ray
8459e2e7fdc23a0b-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Jan 2024 18:22:46 GMT
ptmd
dts.clnmde.com/ Frame 2478 		70 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=17052773279153642191543_N4IgtgniBcDasEYA0AGJCBsa1ZQXTyRAHcBHGWQ8CAJwqoGMwGAjGEDADgBYBWAJgDsA3iCIMaYAA4UQCQSgGDBAZiGdOATm4rVKjAH0wAQwCWAOwMIQVYwBsALhV4p8RAM4B7GMhABTAA92FDEQdwZvaDkFJVUhA25uDWF+LU4ETlDwzwAzHw8Ipyj5RSE4wQSkzhS0jINOFn4UapYEFH4GTT8VP14cnL8AEwQGBG5BTiGGiazCvOhfbIdB9gA5AEFZz2X5gFp+Ij8Aa2N2bnljSZddlhUVY12EBD8-Xc1B64xeTQZjQZVBn4cjpQsc2AtxAA3dzsYAAHRAdk8vzsBncDk8NGMAHM-AjoAjzoJLr0UDc7g8ni83h8yV8fn8AUCdAikAj3H53O5TJ5LOjMTi8TBCRcrmTbvdHs9Xu9Pt9fv9AcCVKyERFPEdTH4DINjA5jPiRcSxeTJVSZbTdvSFUzlQiAL5ZfUOACuMLgKiQ-E9TSoAC9ThCQFJsexIaFsQALdglWJqQSaBC8fTcfgIRO8EFEaHsDAAOhQed4gn4oXsME9IByDBgj0ODlMMZiZXjoQYDBWUQAwpsPA5Q9A0GEjk3Ssp45VkgJaplDqYZFFOPmknmxnmMCpQpC-HQolIaJ4VocXYHfC7G0G-JC7BRQOZjGA-OwWKZBoCaAZX6FdfqYKAX2+O6fp2IDcFgW6mMBo5xuoWg6HoGAgPa9pIHeD5PlExgMF+RA-oGoBYV+USqJoLAYNwKCDCgLDjCgnTcCwZHvCMQKsK4Lg1tmkFEdEY7lBo2i6HciHIVQUg5nAVDuHY6LQS26hfKEdjzL4LCODAggYOIboOFBi5dgAqoIACKygIAAohBem8TBExwUJ+igsYC6wCAS55iua4bjYRA5CGRQgJogihDQQwwEO2I1gszbjqkxaaEQpAYb4OQXtwRBSAuvBYPaQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
collect
analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-YSHL9KB5ZR&gtm=45je41a0v887881818z86998674&_p=1705277328315&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=634487327.1705277325&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705277328&sct=1&seg=0&dl=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&dt=&en=page_view&_fv=1&_ss=1&tfd=5293
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YSHL9KB5ZR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contate.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YSHL9KB5ZR&cid=634487327.1705277325&gtm=45je41a0v887881818z86998674&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YSHL9KB5ZR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contate.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YSHL9KB5ZR&cid=634487327.1705277325&gtm=45je41a0v887881818z86998674&aip=1&dma=0&gcd=11l1l1l1l1&z=770364835
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
gtm-nq5q6wf-zgnly.uc.r.appspot.com/g/ 		0
455 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gtm-nq5q6wf-zgnly.uc.r.appspot.com/g/collect?v=2&tid=G-YSHL9KB5ZR&gtm=45je41a0v887881818z86998674&_p=1705277328315&gcd=11l1l1l1l1&dma=0&cid=634487327.1705277325&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1705277328&sct=1&seg=0&dl=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&dt=&en=PageView&ep.event_id=1705277328555.681485.1&ep.x-fb-ud-external_id=null&_et=3&tfd=5311
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YSHL9KB5ZR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.153 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:49 GMT
server
Google Frontend
content-type
text/html
x-cloud-trace-context
5797c11bceb2d5e07b929b67e9ef5f92
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Mon, 15 Jan 2024 00:08:49 GMT
pageviews
tracker.routecdn.com/track/ 		115 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker.routecdn.com/track/pageviews?organizationId=53ea4a11ab3e3811086bce56
Requested by
Host: www.routecdn.com
URL: https://www.routecdn.com/tracker/route-tracker-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.75.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
95fd79238ed272e6caae369b19c081235113072440254b8293c468fb9942d6f2

Request headers

Accept
text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
https://www.contate.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 15 Jan 2024 00:08:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFtVD%2Fk6i%2FnmtGmua3kHBT4xhUbWKXoD%2Fmps4s9qie8Z9cl5ZOpB2yfvkdEsOgR5wPPbj%2FpO1tOK512OPA3eL0kgnx45Y5Kq%2FgaW39DmGRc66Kl30aZ%2BKf76J%2F6hcEtbMJIgw5kguQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.contate.me
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8459e2e8af5e3a0b-YYZ
expires
-1
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=97391175&t=pageview&_s=1&dl=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAI~&jid=987952311&gjid=1859954480&cid=634487327.1705277325&tid=UA-56885757-1&_gid=1156744672.1705277329&_r=1&_slc=1&gtm=45He41a0n71P6M9WTv6998674&gcd=11l1l1l1l1&dma=0&z=834433761
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contate.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contate.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56885757-1&cid=634487327.1705277325&jid=159715789&gjid=620200186&_gid=1156744672.1705277329&_u=YCDAgEABRAAAAGAAI~&z=796309764
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contate.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contate.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MCD8NH6&cid=634487327.1705277325
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f101.1e100.net
Software
Google Tag Manager /
Resource Hash
e97fee8d564887d1be4d4e53a4a7bbaa1f413f548921905613dd37efee347f19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51846
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 Jan 2024 00:08:48 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=97391175&t=pageview&_s=1&dl=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABRAAAACAAI~&jid=159715789&gjid=620200186&cid=634487327.1705277325&tid=UA-56885757-1&_gid=1156744672.1705277329&z=377463541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Jan 2024 02:47:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76849
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 21F6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?v60CEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
281726084193337
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/281726084193337?v=2.9.140&r=stable&domain=www.contate.me
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
d1b09657d52547d372355453b921e9ac5bfaf7d2253983e3ecbd1f11f0fe7d39
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 Jan 2024 00:08:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
/PaH9MXqUOdCSMx8GqGkGi2QcrqSEYmFjUTc7Brb65jCHltqKl1kPXdjMo3OLEEMYm+JJlQctGja6msQoEiIgQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-56885757-1&cid=634487327.1705277325&jid=987952311&gjid=1859954480&_gid=1156744672.1705277329&_u=YADAAEAAQAAAACAAI~&z=1063376086
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contate.me/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contate.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56885757-1&cid=634487327.1705277325&jid=159715789&_u=YCDAgEABRAAAAGAAI~&z=255409929
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56885757-1&cid=634487327.1705277325&jid=159715789&_u=YCDAgEABRAAAAGAAI~&z=255409929
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56885757-1&cid=634487327.1705277325&jid=987952311&_u=YADAAEAAQAAAACAAI~&z=1350482435
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f105.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-56885757-1&cid=634487327.1705277325&jid=987952311&_u=YADAAEAAQAAAACAAI~&z=1350482435
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=281726084193337&ev=PageView&dl=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&rl=&if=false&ts=1705277329156&sw=1600&sh=1200&ud[external_id]=74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b&v=2.9.140&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4158&fbp=fb.1.1705277328959.447040422&ler=empty&it=1705277328767&coo=false&eid=1705277328555.681485.1&tm=1&cdl=&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 Jan 2024 00:08:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8087468988098477
Requested by
Host: www.contate.me
URL: https://www.contate.me/_next/static/chunks/main-52d79d0e091148ea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
edcddbfdb5fc700e6db3c332fd8e5a7daf4eedc8f33744e7255d455c2a24be41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.contate.me/
Origin
https://www.contate.me
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 00:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51489
x-xss-protection
0
server
cafe
etag
15110909720314473939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 00:08:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=4026012994216817&bg=!AAOlA0zNAAaumcC-jpk7ADQBe5WfOK4wAuOTuInswCSo0R235Ys4gKEmrI1xc__x1qP1XP9pNOsbc6KQaR5WJXTASHBVAgAAANNSAAAAA2gBB5kCveDiOSYImQI1WfgoPaPSfeyuLRQZcwB7mymICzD1R4BJll6QApjA782kVD_tGaPEku7HgQhK70VuWgURkN80VRJtrM3xqMaCf_S7IK5naB8czdS7mohC4znne8vSeT5MJttxpnQbm5M3MtKFWNXvVnx-SK78iUXxxanAA5IGLEbjVRgUQNaGpIywr65Kul6x24bs6AFnrjsh5aQKSV9Tx4ZVf_3TN5MWIwwcT1cGTYs98x4abiSIxrqMNeAiTSIIwSijSzbdZnXe75UfJqGsV9mrxwHbSJOJWWtI_Vp1BFomMx9JdeXkr4Q9VOnjiONCS1YTerScP5XGME71HZi6uyGymRU4CSvrfls08TJFySMcEb7uCZ9snVSgEpZFzb_oJuNNSz2uiF8BsUSpKe9_pYxKpwkejSFPeT4dJKbgwNselsmIhDPdvOl8VtViERWyV-wRyRRNIcRmFF9HvQiBmiuk94xFOWRR1TCiEGcrZ2PrWz_m8y6nMFv6_pCh3nkpSdpMUgdhZtkYQAQF4CqGQevuDAwDdEyB5xorIkfkfXfmje7oBS2Jjhh5Nw7KAzZaL8uTPACfpsy2h55RC1Mqf0mfUiB8clUS33FJ04JnQQ6L9EHbClWwmwgz9dvpf_XyXAOiz-Tthr8EW0N8ft6WmrP_HqRmPjZlEP9fbFhqbhkgjzV7p0Het3ANDoTQWjxPoorHdDTnKOqMkYuIGdXDjh5GE3Cm3wNd4lWpLbUwtEZEzCtINE66Fo9LBbjwJ-14rBM1SfTrrWM0jw_qbsbxhjOP_vXi0RGuc1ZgtEqn71hClJDlxPwPBIhvX49_2HROLc2uL-4hPU21RTEj78biNR59qQ8GA4E_kDsR2Yc4TbuKZYvT-BpnH-yD5RUrV-ZCuO5QCpFtxR_aHJjYn11QuKSUABF8lLohsegbIkqk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers
log
hblg.media.net/ Frame 2478 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDczOWI2NDBkMGI0NzBjOTRiYjY5ZDFjZWZjYjAwNTBj2J7AhwOYBwRDQRRjb250YXRlLm1lEjhDVVU5SkY4SBphc3dpZnRfMF9ob3N0DjE2MHg2MDAOd2VzdF9vcgQyMwZBRFgSOFBSMTEzSkdDDkJJRF9BUEkAGmFzd2lmdF8wX2hvc3QCMDhydGItZWJkYS02YzRjOTk0ZDRkLWJzNGZ2Lk9SPjE3MDAwOTAwMDA0ODEwMDAxNjAwNjAwMDAwNTk1MDACMAAiABBFWENIQU5HRQICYg&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:49 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 15 Jan 2024 00:08:49 GMT
bqi.php
lg3.media.net/ Frame 2478 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2889&lf=3&&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=410519468&vgd_tsce=L379&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349066&vgd_cdv=1147&vgd_cage=3&vgd_rensize=160_600&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~xjYMEv9.9AXi~myJLEYv9.9h~eBMJ-Nv9.Wi~e8QMQOvAHF~ONfvu~QNOvmz~eM1QzvuAFhWh~ejfLMQOvf9fH9uuHuH~8xLjMGvuffA.iF~xLjM7UNv9~Q7Ov1QB8k7M9MwmQ7~j1Q7v~e8QMxLjMGv9.XF~8EvulDJu5~kGGv9~e8QMxLjMjvu9~L88Ex1vH%2CX~J7vuX~LNvf%2Cf~LEQMQOvf9fH9uuHu9~e8QMGvhhX.HH~xLjMGv9.Wf~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vX99AfA~GGvuiF~eev9~jfLMGvu999~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvu%2Cu%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOv9~1AEMGvf.Af%2CAF.WH~Q8OvFWHXfhXfX~QOv9~x8OvAAiW8IVVXzORaXPKc5~G7OvhXXif9hufhF9XXFhXFfiXfXXWAFWuiffhAf9HufAFAhiHif9AAiuFWAHAufAhAuFFhXhiWW9FFhXfXiuAifHfAhWWFFfFFiAAAFFhWH~eBxv9.Wi~OfEMjvu9~AENkvu999~x8Yv9~myMYQwv9.9W~OYYMQ7Lyvw1LYmz5~OfEMGv9.iF~myOfEMGv9.if~exLjMGvu.uf~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvAF.WH~exLjMjvf9~%3DVvA9i9~UGMxNvof~z7Qvf~UGMNNUQvof~N7v7mLmz7m~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9XfhhAfX~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.Wi~8Q8kv9~G8Ov9.9h~ONvW~ejfLMGvf.Af~8exLjMjvf9~NGOEv9.9f9~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~e8JB1G8j875v9.Wi~EmQvu~N7LvH.hWfH99W4oH~1NM75EJvu~1OGjUvuWuffhuW9H~1YEvu~myG8Ov9.9h9~GkjLv9.9u9~Qx8Ov~O7NvBJQ7MmL~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzfF~QmGEv~-8OvKrtoExGoW9WhHFWiWW9iWHhh~w7Yjvu~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~ONx7vh9~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9A9AFHfXHXhhAXXAFX~JNEMEu9v9.9XW9AXXHHFui9A9fX~JNEMEuXv9.uffhuiXF9Fu9uhFui~JNEMEf9v9.uF9iX9hHiWiu9F9iW~JNEMEfXv9.uWFiWf9AWfWHuWiuA~JNEMEA9v9.fuhi9hWHHXhWiFWWA~JNEMEAXv9.fHfi99uAXhXF99AH~JNEMEH9v9.fhuhhhfhFuHWfFXWF~JNEMEHXv9.A9fAiFhFiHWHFiXF~JNEMEX9v9.AfFAHiufWfFiFffF~JNEMEXXv9.Ah9ifW9iihhWXhXA~JNEMEF9v9.HuffuuuHWf9WhAFiH~JNEMEFXv9.HFufhXXW9Xi9hWfHH~JNEMEh9v9.HiHAWH9hhiuFfhAF~JNEMEhXv9.XXH9Wif99FhuhAiX~JNEMEW9v9.FAu9HHiWAh9uhFiu~JNEMEWXv9.hXFXAfihfWW9AWfX~JNEMEi9vu.9uiXi9hXFuiiWuHW~JNEMEiXvu.WhA9HFff9WHh9hfF~JNEMEiivF.XFX9WuA9H9AA9HA~8GNvu~zQlvf~7yQvuf9-F99%7CuF9-F99~GQGv9~GQEv9~7Y-vfAX&vgd_lbt=1000&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CU7Q771E&crid=684527525&rrr=tzR-hLcl-L_t36u-hpQTI-iTDxua-eBYMdfayMvFzrrzQcobXbLGq19JsE7gR9kD7tw13Hf_lHM%3D&requrl=https%3A%2F%2Fwww.contate.me%2F&vi=1705277327889437336&ugd=4&cc=CA&sc=ON&bdrid=460&subBdr=196&startTime=1705277327704&l1ch=1&l1hcsd=l1!S5h9m|224&mmm=uXosNfIDqEk=&buid=349066&sttm=1705277327711&upk=1705277328.2947&hvsid=00001705277327711014459899518544&acid=739b640d0b470c94bb69d1cefcb0050c&verid=3111299&infr=1&twna=1&stime=1705277326242&tsrc=entity&kafm_ull_cache=00&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1705277327177616922&vgd_sc=ON&vgd_ecrid=1700090000481000160060000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p11189131521t202401150008&vgd_pgids=1&vgd_end=2
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
184.31.52.28 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-52-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

quic-version
0x00000001
pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 15 Jan 2024 00:08:49 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
15
expires
Mon, 15 Jan 2024 00:08:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2478 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPzHg06Z0VSQfnNhj5wXWbib1e0osk-bWmcEnkBdMYH0ihuQ8IVCEBBkJvVTAMPMKKegWzv3-st_lDSdzS6SgskIjoF1hwHJJwpWyk7hoKg3tT9QfhNjtp&sig=Cg0ArKJSzHjP6AF62ev2EAE&id=lidar2&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705277326230&rpt=1547&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Jan 2024 00:08:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.MTc3MGUxMzJiMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		366 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJHUKKRC77UDFRIUFTIG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.34.59.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.contate.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
7b4cae0
date
Mon, 15 Jan 2024 00:08:49 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240112163221D1D38F4CD40B8B675B4F
x-tt-trace-id
00-240112163221D1D38F4CD40B8B675B4F-1A7AAEB866AD6E0E-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-40-16-41.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0169b1bd034b6b5d0083c278b8a3f29da2e86c46846006b2bad5aded8e40ef2d9269ecdc6dce155dd44436220155511ccea722aa7ed3d1f50170cf89f89f296f831f5de2afe9bff0c639a42ff498c6a8818160f59816ab1059a834ed306ca6cc4f
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
105338
page.gif
track.customer.io/events/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
track.customer.io
URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.contate.me%2Fredirect%2Fconsultoriabenvenuto%3Fcp%3D5511953939063%26message%3DOl%25C3%25A1%2520Marco%2520Antonio%2C%2520recebi%2520seu%2520e-mail%2520e%2520quero%2520saber%2520mais%2520informa%25C3%25A7%25C3%25B5es.&data%5Bcp%5D=5511953939063&data%5Bmessage%5D=Ol%C3%A1+Marco+Antonio%2C+recebi+seu+e-mail+e+quero+saber+mais+informa%C3%A7%C3%B5es.&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=4dd11156-af99-3bca-ceb0-787e18fbb831&site_id=d0f8d9f90ad2a29c1829&timestamp=1705277329792

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| FontAwesomeKitConfig function| google_spfd number| google_unique_id object| google_sv_map number| uidEvent function| Popper object| bootstrap function| Tether object| webpackChunk_N_E object| regeneratorRuntime object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| google_sa_queue function| google_sa_impl object| googletag object| dataLayer object| GoogleGcLKhOms function| postscribe object| google_tag_manager_external object| google_tag_manager string| GoogleAnalyticsObject function| ga string| _randomPageId function| fbq function| _fbq object| _fbq_gtm_ids object| sbjs object| _cio function| gtag string| TiktokAnalyticsObject object| ttq function| _route function| onYouTubeIframeAPIReady object| _rq object| gaplugins object| gaData object| google_optimize

20 Cookies

Domain/Path Name / Value
www.contate.me/ Name: __Host-next-auth.csrf-token
Value: faa732fbf0253ce570bb1b279724c57ee656a487a60bf8c3bce6d224f4456d40%7C2241fc6cb16c693c6f2545dd10c632435a635585386399601f47f04d74b916f8
www.contate.me/ Name: __Secure-next-auth.callback-url
Value: https%3A%2F%2Fwww.contate.me
.contate.me/ Name: __gads
Value: ID=2ef5604d6e714b1d:T=1705277325:RT=1705277325:S=ALNI_MZhuoM3roQATGRB2G71TIYjG91-CA
.contate.me/ Name: __gpi
Value: UID=00000db745d67519:T=1705277325:RT=1705277325:S=ALNI_MY5tnWM8JiWFaJzLMOVYHqJkQN7Fw
.doubleclick.net/ Name: IDE
Value: AHWqTUlFxzxLGdGXduz1I0z9sfXE7QMiAfjB1ouiH4W3ho1OBCbDvdnjPbQw0actTJY
.doubleclick.net/ Name: DSID
Value: NO_DATA
.media.net/ Name: visitor-id
Value: 3482789278995115000V10
.googleadservices.com/ Name: ar_debug
Value: 1
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn
Value: 1705277327_448875289818
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1705277327_448875289818_8b2087b102c9e3e5ffed1c1478ed8b78
.media.net/ Name: data-g
Value: CAESEO4rvmrxe83VI_EMqjIp8q8~~6
.pxlclnmdecom-a.akamaihd.net/ Name: bafp_t
Value: 417a8e50-b33a-11ee-9d50-659cad3def43
.contate.me/ Name: _gcl_au
Value: 1.1.1584417545.1705277329
.contate.me/ Name: gclid
Value: null
.contate.me/ Name: _ga_YSHL9KB5ZR
Value: GS1.1.1705277328.1.0.1705277328.60.0.0
.contate.me/ Name: _ga
Value: GA1.2.634487327.1705277325
.contate.me/ Name: _gid
Value: GA1.2.1156744672.1705277329
.contate.me/ Name: _gat_UA-56885757-1
Value: 1
.contate.me/ Name: _gat
Value: 1
.contate.me/ Name: _fbp
Value: fb.1.1705277328959.447040422

2 Console Messages

Source Level URL
Text
other warning URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU7Q771E&noCookies=true(Line 14)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://tracker.routecdn.com/track/pageviews?organizationId=53ea4a11ab3e3811086bce56
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
assets.customer.io
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contate.me
contextual.media.net
cs.media.net
dts.clnmde.com
dts6.clnmde.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-nq5q6wf-zgnly.uc.r.appspot.com
hblg.media.net
ka-f.fontawesome.com
kit.fontawesome.com
lg3.media.net
p4-db6wfwz52valq-7nibzuxg64fqrhcw-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
static-umbler.s3.us-east-2.amazonaws.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.customer.io
tracker.routecdn.com
warp.media.net
www.contate.me
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.routecdn.com
track.customer.io
104.17.24.14
104.18.40.68
104.21.41.244
104.21.75.196
142.251.16.105
142.251.16.157
142.251.16.94
142.251.167.101
142.251.167.113
142.251.167.156
142.251.167.94
151.101.65.229
172.253.115.153
172.253.122.132
172.253.122.155
172.253.62.157
172.253.62.94
172.253.63.155
172.253.63.94
172.253.63.95
172.253.63.97
172.64.165.7
18.238.4.108
184.31.52.28
23.212.72.24
23.222.192.28
23.223.17.198
23.34.59.41
23.40.207.233
31.13.66.19
31.13.66.35
34.111.96.116
52.219.94.154
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
1554b4fa9a9ed10894685688b767410e6d3c31c20a796d24c62d0da0c44cbd36
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b19604debfcfbec5a45c0f6584b9c081429e05f6346fafe1a1fd1f62df54f73
1d00d4c6e02bbd9df12b60623cbcc68a5d992818092b21f843e9e71c717b3ac8
25770e9f24fa0e4a3e9c4629e5c2813dff6cf72a70c10bcb7f9ee5dc04b4d45a
27d03843252cb6d09c622d237c33188beac9e4e7dcb25a2c0ad42af873481cea
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f979ec8bc1dfc35cc4bad965f2ed5f5dca3e1f95d770bf00964281fb7a3da76
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
310c66eaee56d4aacdcff95721e1105b7cb5ea3abef176b7c0d36e1397eb6b75
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
387bdef729359ac18426a8e9b37cc472f0fe3a7e9b82e65f47014e93faf9339f
3c7c6dad04fd7289c756aa32a1697ecd774570d6417cea6080a83eb2ea956aa3
41214c4a3abaf761271a9c28d3ef593ca0d5ff0cc3833f9359a48938ad6b700c
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46677766341d84366c50ec4b72473e0d042cbf29eba0b29bf22e7af04b7e639a
4b9b91f60d928f6bcbb51c70c52d968257b784c043dd7432130eb8f5eaed41d7
4c91420d424894795d019a0e6a1506c66a2d731251895d99c0bdb3b70ff4b196
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7b12016a30ccf0b21c216a5ea587481b887d650c48296296fc177a6078ecec
50126888c6b8a3130c16fbcce572c5850d1bf81f05fa3c7a1b99b04dab2aea23
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be
666f2634c0b03396a7938c04b6a168142fec4f6e26a1881acc7c6d863494c3d4
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
780fef0d13fd88989022f1d7a5b63ef3ad72455a4657dce2a9340cb402f4d0a0
7815ba157ef92eed30e05c3e32fd143b2f61a8c764a0ca1aca2ce5a6136f607b
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
7f52c8ff00887f1ff709cded4ca1083adaf47dc699657ba33633d19632d1c836
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f18ee4a98c5a0093967cd598a3a2faf2cc97b501ff3691faec188964d0e0f4
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86b014f0d148f0961c9e70622eb9db2f1e8efd55901f09e14913049eed57a721
8c92f1ec3dfce9902818e1b48f5a94e163900b56db26cc2056044a50c146a3e7
95bce7aba1c3a16b4a5263ac105d8fe36173f4f1215c89e6c85b68e4fb9aabc7
95fd79238ed272e6caae369b19c081235113072440254b8293c468fb9942d6f2
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
a13bb62183cd9a94e3971e7f5bf2a528812a6b88295c7cbf09d342e158de1dc5
a78e834d5198b5c4902488636ca128f284fc1169b6b68106523900ef87bdfef6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b13c78313b465e08f46bdb511cdbd97dc2760d2d62945cd2624c72ab326bae59
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab
b85865508ae159639967ac5625223ad6593134f219c299967a7643a957cec33b
bfcf68d7479d7f5d3244af0971d7b67c12bc9fe8f6d6eab36e1b721550bec12d
c175e469988a10bde2be526e60aaaac42f3cdd428c224d9a4ec00e6fa80651d2
c18c2bca4bc55564c2f39c7d9fa1a8af7f5c5d7d721529e9bc9c1c3935eb01e9
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9f574476f256a297153530890f674a1ce63afa9bc19c1e480d830c22d433f36
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0de96421eff1016d5bc5dba1eac3e3d69e119aa65002b4cec1634ab3b8d047d
d106950468ec8cf3f14d04d8e9daf2850eb6da310ee1d3d84e5fe9e10cff316c
d1b09657d52547d372355453b921e9ac5bfaf7d2253983e3ecbd1f11f0fe7d39
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7c6e6af183bdd6ca610aa285a24a365bfa663b2a8079b443eae466d2b93cc58
e97fee8d564887d1be4d4e53a4a7bbaa1f413f548921905613dd37efee347f19
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
edcddbfdb5fc700e6db3c332fd8e5a7daf4eedc8f33744e7255d455c2a24be41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef44ef29bf4b186080ca220259af504007aa006e8fc2e2dc744eb4c8c605586c
ef77e7ef0bbf3f0cda95afad5d737b8aa66bbe59ebc981e29ae3f0446459f4e0
f4003166721fe2a3d37daee2b042bb3ebe0dde68c0276a73c6abab7ef947836b
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f