www.nsctotal.com.br Open in urlscan Pro
151.101.2.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.nsctotal.com.br/
Effective URL:
https://www.nsctotal.com.br/home
Submission: On September 16 via manual (September 16th 2022, 8:58:49 pm UTC) from BR — Scanned from DE

Summary HTTP 292 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 61 IPs in 10 countries across 46 domains to perform 292 HTTP transactions. The main IP is 151.101.2.133, located in United States and belongs to FASTLY, US. The main domain is www.nsctotal.com.br. The Cisco Umbrella rank of the primary domain is 853297.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 8th 2021. Valid for: a year.

This is the only time www.nsctotal.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 88	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:b7b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:e200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
17	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.86.116.177 54.86.116.177	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
13	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2010	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 5	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::6815:4d12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.189.51 13.224.189.51	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	44.237.248.18 44.237.248.18	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	52.216.18.16 52.216.18.16	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.67 13.224.189.67	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:350... 2a02:26f0:3500:898::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:303... 2606:4700:3037::ac43:cb88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.85.120 147.75.85.120	54825 (PACKET) (PACKET)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 9	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
3	147.75.83.64 147.75.83.64	54825 (PACKET) (PACKET)
4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.132.138.70 18.132.138.70	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	72.251.249.14 72.251.249.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.124 13.225.78.124	16509 (AMAZON-02) (AMAZON-02)
2	3.8.108.133 3.8.108.133	16509 (AMAZON-02) (AMAZON-02)
292	61

88 151.101.2.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.nsctotal.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.nsctotal.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.nsctotal.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b7b1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:e200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.116.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-116-177.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4d12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookies.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-51.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.248.18 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-248-18.us-west-2.compute.amazonaws.com

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.18.16 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ac-landing-pages-user-uploads-production.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-67.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:898::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:cb88 (United States)

ASN13335 (CLOUDFLARENET, US)

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2a69 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.120 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

api.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.83.64 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Nagold, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.149 (Nagold, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.138.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (Istanbul, Turkey) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.8.108.133 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-8-108-133.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
88	nsctotal.com.br 1 redirects www.nsctotal.com.br — Cisco Umbrella Rank: 853297 files.nsctotal.com.br api.nsctotal.com.br	1 MB
38	googlesyndication.com 02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	733 KB
33	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 120080	395 KB
13	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	127 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
11	tinypass.com cdn.tinypass.com — Cisco Umbrella Rank: 5533 buy.tinypass.com — Cisco Umbrella Rank: 4532	340 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 47178 hal90009.redintelligence.net — Cisco Umbrella Rank: 292856	39 KB
8	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 4864 api.cxense.com — Cisco Umbrella Rank: 6864 p1cluster.cxense.com — Cisco Umbrella Rank: 7411 comcluster.cxense.com — Cisco Umbrella Rank: 4637 id.cxense.com — Cisco Umbrella Rank: 9015	71 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	60 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	766 B
6	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 120461 osp-assets.pn.vg — Cisco Umbrella Rank: 138391 cookies.pn.vg — Cisco Umbrella Rank: 146406 api.pn.vg — Cisco Umbrella Rank: 155336	66 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 24031 usr.navdmp.com — Cisco Umbrella Rank: 28043 cdn.navdmp.com — Cisco Umbrella Rank: 6010 sync2.navdmp.com — Cisco Umbrella Rank: 47169 sync.navdmp.com — Cisco Umbrella Rank: 9156	6 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 410	116 KB
5	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 959	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	175 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9081 www.google.de — Cisco Umbrella Rank: 6352	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	279 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 23027 api.webgains.io — Cisco Umbrella Rank: 59421	85 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 50445 medialead.de — Cisco Umbrella Rank: 50019	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	3 KB
3	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 869 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	914 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852	69 KB
3	gstatic.com fonts.gstatic.com	42 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1317 mab.chartbeat.com — Cisco Umbrella Rank: 2270	25 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 gadasource.storage.googleapis.com — Cisco Umbrella Rank: 56199	26 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 597	1 KB
2	amazonaws.com ac-landing-pages-user-uploads-production.s3.amazonaws.com — Cisco Umbrella Rank: 387387	317 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 7865 prism.app-us1.com — Cisco Umbrella Rank: 8177	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	163 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591	438 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 873	75 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 754	335 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	351 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2350	172 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16122	702 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 130001	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 48798	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 358813	728 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 49584	629 B
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 7939	289 B
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 117251	461 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	16 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1220	201 B
1	piano.io c2.piano.io — Cisco Umbrella Rank: 4225	2 KB
292	46

	Domain	Requested by
43	files.nsctotal.com.br	www.nsctotal.com.br
42	www.nsctotal.com.br	1 redirects www.nsctotal.com.br cdn.pn.vg
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.nsctotal.com.br
17	securepubads.g.doubleclick.net	www.nsctotal.com.br securepubads.g.doubleclick.net buy.tinypass.com www.googletagservices.com
16	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com tpc.googlesyndication.com www.nsctotal.com.br www.googletagservices.com
13	cdnjs.cloudflare.com	www.googletagmanager.com buy.tinypass.com
10	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com cdnjs.cloudflare.com
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
9	www.google.com	www.nsctotal.com.br securepubads.g.doubleclick.net 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com tpc.googlesyndication.com
6	www.facebook.com	www.nsctotal.com.br
6	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
6	www.google-analytics.com	www.googletagmanager.com www.nsctotal.com.br www.google-analytics.com
5	hal90009.redintelligence.net	1 redirects 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com hal90009.redintelligence.net
5	pixel.mathtag.com	1 redirects www.googletagmanager.com pixel.mathtag.com www.nsctotal.com.br
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	hal9000.redintelligence.net	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com hal90009.redintelligence.net
4	www.googletagservices.com	securepubads.g.doubleclick.net 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
4	cdn.cxense.com	www.nsctotal.com.br cdn.cxense.com
4	connect.facebook.net	www.nsctotal.com.br connect.facebook.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.de	www.nsctotal.com.br
3	googleads.g.doubleclick.net	www.googleadservices.com 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com www.nsctotal.com.br
3	cdn.pn.vg	www.googletagmanager.com cdn.pn.vg
3	api.nsctotal.com.br	www.nsctotal.com.br
3	fonts.gstatic.com	fonts.googleapis.com
2	api.webgains.io	analytics.webgains.io
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	5994599.fls.doubleclick.net	1 redirects www.nsctotal.com.br
2	pv.medialead.de	2 redirects
2	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ac-landing-pages-user-uploads-production.s3.amazonaws.com	buy.tinypass.com
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	tag.navdmp.com	www.nsctotal.com.br tag.navdmp.com
2	www.googletagmanager.com	www.nsctotal.com.br www.googletagmanager.com
2	static.chartbeat.com	www.nsctotal.com.br
2	fonts.googleapis.com	www.nsctotal.com.br hal90009.redintelligence.net
1	cdn.track.production.webgains.team	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	ssbsync.smartadserver.com	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	onetag-sys.com	1 redirects
1	image6.pubmatic.com	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	rtb.openx.net	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	tr.blismedia.com	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	www.awin1.com	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	ad-server.eu	800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	www.nsctotal.com.br
1	adv.office-partner.de	hal90009.redintelligence.net
1	pb.media01.eu	hal90009.redintelligence.net
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	p1cluster.cxense.com	cdn.cxense.com
1	cms.analytics.yahoo.com	www.nsctotal.com.br
1	sync.navdmp.com	www.nsctotal.com.br
1	sync2.navdmp.com	www.nsctotal.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	api.pn.vg	cdn.pn.vg
1	api.cxense.com	cdn.cxense.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	cookies.pn.vg	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
1	usr.navdmp.com	tag.navdmp.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	vars.hotjar.com	static.hotjar.com
1	ivccf.ivcbrasil.org.br	www.nsctotal.com.br
1	02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	diffuser-cdn.app-us1.com	www.nsctotal.com.br
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	gadasource.storage.googleapis.com	www.nsctotal.com.br
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.nsctotal.com.br
1	c2.piano.io	cdn.tinypass.com
1	cdn.tinypass.com	www.nsctotal.com.br
292	79

This site contains links to these domains. Also see Links.

Domain
www.atlantidasc.com.br
www.itapemafm.com.br
nsctotal.com.br
clubensc.com.br
especiais.nsctotal.com.br
loja.nsctotal.com.br
flip.nsctotal.com.br
enem.nsctotal.com.br
adrenaline.com.br
mundoconectado.com.br
trivela.com.br
www.euquerosc.com.br
www.facebook.com
www.instagram.com
www.nsccomunicacao.com.br
negociossc.com.br
publicidadelegal.nsctotal.com.br
blogdoenem.com.br
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
*.nsctotal.com.br Go Daddy Secure Certificate Authority - G2	`2021-09-08` - `2022-10-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-12` - `2023-09-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-26` - `2022-09-24`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.ivcbrasil.org.br Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-17` - `2023-04-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2022-09-03` - `2022-12-02`	3 months	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-08-08` - `2023-09-06`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.nsctotal.com.br/home
Frame ID: 6EF763259C68AD044865A21D0D5BBADD
Requests: 177 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
Frame ID: 851A8BCAF96F09AE306B5C617A11DE6A
Requests: 26 HTTP requests in this frame

Frame: https://02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22CA70CE3E3EE215BFCD26E67AAEBC30
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=782b6324-e381-4d00-a42a-afd6552e9d8d&no_iframe=1&mt_adid=207808&source=mathtag
Frame ID: 5403A8EF40012A5D8F57C742D5BF9CA3
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 8544D1368B079A5558334A1F48FB599C
Requests: 1 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: A0B88C6CC3615C878967C0BF57F5344D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBDIRfla-NtNL2Y4j8_qWmMH4YMpxxJasRvyu0UAHYPpmcUmD758jogBAdOXTPASH-dY0z3WH1-v0oeOWusnvs0c8yC4BR3Yt1cWvQRr9BltNpaReKYdt6lpfmKRgdrAwiZ6Li6wgjnZL9CAP664dbWKDGd7cMeuZPpnqe_rEUErNRjSdl61COMYx8AuMIDkhsarMjzvXNvWlB516xp2fzaBXnZ7thNyRrfBHz98td45ZacmyEGwFjLyT9BIXe8h0eR8tvJ-3dlGyQ6_8s7Dt0InbIVNJpWcSq9l44rh1LMKqSim6mAmw9X-ltDeMbtyiq0HAmbmPj7aAkC4tiabY&sai=AMfl-YRqhr-tu1MzYewucThZieSozQHNtkevGoo5ehxyoW1xXgr8jVG_7_cHGriHyN-HfTYZV3ie2O3r0185GW-78hYQvZuC13LF7U66y7DX3rCOfLeAPjAEr5lyFGXZ6xpsyQ&sig=Cg0ArKJSzCSVNBQqQdh_EAE&uach_m=[UACH]&adurl=
Frame ID: EBD3CE21F56D839A825D61C8E0349513
Requests: 9 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: D181E11A8FCB5B5748502DED72692C1A
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN2sNILqXQAwZEQcgCx8agmCdEfQqUcaRcYJ8WW2_dPCuQw2NV7Q-LkebuVjiYuj3htkUvw-YYmPa95KXrNt27MlUHM830m3EObrPampdI4Xjt4JmwhJ7ZPHKjYftex4x_TcE5w2ODx3sCPVUP9nY8SYK3qJreBw0mBfCpOb5j532WmW4vd-KSo-XonoUIY3nHjtF6P4n_m_xmEogs60HeLTD3TobZDpmey-JRPdKqvAH_DMp3xIpOVSMWl0BmToz8huzpfJkY36ZGIE2YsNpYxG8kT3UCyBNqG-t5PzvjH_bE61P8xAfFnnZV0DiVuWWoc-Pu-oXdPL8iRSZmnf7N&sai=AMfl-YQ6PSNjjE1_xI8Lyaz4H92nTW2UuJXHLKRIuYXP13JkdPoJ88KrDoOZsukqo_rZ40gNE4T1WO6Xf6L3L-EZq1acnQ6_bMH0a4v78ZfbjL8z1bo9Ssq54-jBLcsu2VaeAw&sig=Cg0ArKJSzJKgS3JU-qCNEAE&uach_m=[UACH]&adurl=
Frame ID: C165E91EA79E4B3687B835D43896CBC2
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK0jcv93XcJ5kjtPRlb18W9STjSQRZ6sLVv4s6P6KR2jrqktDGMquXSJ6Svlye9ABR4YCIqtS3beut89qDHrRmhy-HOVGKl22zZNWPdWaVjIThkjury7iIEvpCV7zCSuz4OZSA54m5uUMDAt5oRSBu7DWnOhAUnXq-mrnR_6I_VBliEBy_EP6fIWHd8dwcAzT9B7B818KtF_19YitCe7dkziBzx4quFuuPRCjO8WozgsOM88bxkbok18yTIzAAUhoIkV68bnMyvYdSNDvcFMAXJ6ew5lvWBRPIXMQF-6C7qPYGevYYX_GotPYjRKw9Jaxy5Fy6Jcb1ksYpWkX9rAm3&sai=AMfl-YRT4LSDtA21hIPqVgUgydiR2Y2WdJYMaXEMGV6mrPZgYKkSfHr_ow_4g6pa8cEM81MOXmq0X4J9tS6e8hoZ-G33-Jl115qr1tkbB7Z4BfCT8-7jFhufRoGx7mwLg7OGDw&sig=Cg0ArKJSzHpL6HJgMnv0EAE&uach_m=[UACH]&adurl=
Frame ID: BDD5FAE2C570FAD9E85B0C1303290F5D
Requests: 9 HTTP requests in this frame

Frame: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C90BA6B7282D27F5830B92D79AF10AEA
Requests: 1 HTTP requests in this frame

Frame: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4EFB12176DA67A2C7856A3C1C61CA6F5
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVB-YAHnhAi4qsSySK6f3FrJNvq_1WBoKUma2KlA5XhgqaOdYzsVCXUyepzQlRKnry84o4jWa12os2GqRMrPtIXQO-Gb2GHXzT1MdcN4PVPYfiPxFeX6s2EFqPIv31vgjQB6X86vBWLioZcLGOu-GCL3CCHcbWhmAZ0quRvhFbOLhIPVDs
Frame ID: 07DB45A7E9EB2B6E64630B352AE326EA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C3597A43635FEA61FAB6A88F160C7736
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5F9E18C838FD13D36B074901834DCF0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 93E19CE149E300CA22AA64D6AD24AC94
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Frame ID: DE43B8FBDBB30E36461C6A912312B3AF
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 10EEC61F66900414F8378FD38D3C486E
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113
Frame ID: 7B46C7A811FCDA46854F05296AF2CDBC
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Frame ID: 88C68E436C67A456169B073FDDE019BA
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51E0152E08B4B508DB9D2B54EB6AC989
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2EE337C5BD7F5C46B85DB73D9F65C979
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0C536177FF9B0B9B6BD35916E01D7D00
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NSC Total - Notícias de Santa Catarina, Brasil e do MundoBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://www.nsctotal.com.br/ HTTP 301
https://www.nsctotal.com.br/home Page URL

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

292
Requests

96 %
HTTPS

46 %
IPv6

46
Domains

79
Subdomains

61
IPs

10
Countries

4237 kB
Transfer

10724 kB
Size

57
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.atlantidasc.com.br/
Title: Atlântida

Search URL Search Domain Scan URL

URL: http://www.itapemafm.com.br/
Title: Itapema

Search URL Search Domain Scan URL

URL: https://nsctotal.com.br/especiais/clube-nsc
Title: Clube NSC

Search URL Search Domain Scan URL

URL: https://www.itapemafm.com.br/

Search URL Search Domain Scan URL

URL: https://clubensc.com.br/

Search URL Search Domain Scan URL

URL: https://especiais.nsctotal.com.br/guia-das-eleicoes-2022/?_ga=2.48216676.2133939864.1659607291-1363646647.1659607291
Title: guia das eleições 2022

Search URL Search Domain Scan URL

URL: https://loja.nsctotal.com.br/newsletter
Title: newsletters nsc total

Search URL Search Domain Scan URL

URL: https://flip.nsctotal.com.br/
Title: jornal digital

Search URL Search Domain Scan URL

URL: http://nsctotal.com.br/monitor-vacina
Title: monitor da vacina

Search URL Search Domain Scan URL

URL: https://enem.nsctotal.com.br/
Title: educação - blog do enem

Search URL Search Domain Scan URL

URL: https://adrenaline.com.br/?utm_source=NSCTotal&utm_medium=games&utm_campaign=parceiro&utm_content=menu
Title: games - adrenaline

Search URL Search Domain Scan URL

URL: https://mundoconectado.com.br/?utm_source=NSCTotal&utm_medium=tech&utm_campaign=parceiro&utm_content=menu
Title: tech - mundo conectado

Search URL Search Domain Scan URL

URL: https://trivela.com.br/?utm_source=NSCTotal&utm_medium=futebol&utm_campaign=parceiro&utm_content=menu
Title: futebol - trivela

Search URL Search Domain Scan URL

URL: https://www.euquerosc.com.br/
Title: empregos

Search URL Search Domain Scan URL

URL: http://nsctotal.com.br/horoscopo
Title: horóscopo

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nsctotal

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nsctotal/

Search URL Search Domain Scan URL

URL: https://www.nsccomunicacao.com.br/trabalhe-conosco/#trabalhe-conosco
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://www.nsccomunicacao.com.br/contato/#contato
Title: Fale Conosco

Search URL Search Domain Scan URL

URL: https://negociossc.com.br/
Title: anuncie na

Search URL Search Domain Scan URL

URL: https://publicidadelegal.nsctotal.com.br/
Title: Publicidade Legal: confira editais, balanços e publicações de exigência legal de SC

Search URL Search Domain Scan URL

URL: https://adrenaline.com.br/?utm_source=NSCTotal
Title: Adrenaline

Search URL Search Domain Scan URL

URL: https://adrenaline.com.br/noticias/v/78721/hollow-knight-silksong-e-confirmado-tambem-para-ps4-e-ps5
Title: "Hollow Knight: Silksong" é confirmado também para PS4 e PS5

Search URL Search Domain Scan URL

URL: https://mundoconectado.com.br/?utm_source=NSCTotal
Title: Mundo Conectado

Search URL Search Domain Scan URL

URL: https://mundoconectado.com.br/videos/v/28400/como-a-intel-faz-seus-chips-visitei-a-fabrica-em-israel
Title: Como a Intel faz seus chips? Visitamos a fábrica em Israel

Search URL Search Domain Scan URL

URL: https://trivela.com.br/?utm_source=NSCTotal
Title: Trivela

Search URL Search Domain Scan URL

URL: https://trivela.com.br/espanha/um-racista-resolveu-chamar-vinicius-junior-de-macaco-na-tv-espanhola-e-foi-de-uma-critica-ridicula-ao-crime/
Title: Vinícius Júnior é alvo de racismo em TV espanhola; entenda o caso

Search URL Search Domain Scan URL

URL: https://blogdoenem.com.br/?utm_source=NSCTotal
Title: Blog do Enem

Search URL Search Domain Scan URL

URL: https://blogdoenem.com.br/
Title: Simulado, apostilas e notas de corte: saiba tudo sobre o Enem

Search URL Search Domain Scan URL

URL: https://especiais.nsctotal.com.br/guia-das-eleicoes-2022/

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.nsctotal.com.br/ HTTP 301
https://www.nsctotal.com.br/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=74728169801 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=74728169801&google_gid=CAESEF1FD4nXoTVZX7v8JcxcP3Y&google_cver=1

Request Chain 205

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=782b6324-e381-4d00-a42a-afd6552e9d8d

Request Chain 237

https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 238

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyTjg4tk-OXMtRJBOqEYzAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECE1WhcjCxrQtedPZqGWH8Y&google_cver=1

Request Chain 241

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzQ5MTM1MTYwNjU1MjYxMw%3D%3D

Request Chain 245

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=92089300148533804444640012084009&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=

Request Chain 248

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113

Request Chain 250

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92089300148533804444640012084009 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92089300148533804444640012084009 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 261

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJzDEHNFjQGaBPVoZA5MoDs&google_cver=1&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6wPl5hn4gk35 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJzDEHNFjQGaBPVoZA5MoDs&google_cver=1&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6wPl5hn4gk35&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6wPl5hn4gk35&google_hm=FU-KpGZHXHCeNcP4TjOGM4nu

Request Chain 262

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFyWeDDaUF7wfg8CYfOGA_k&google_cver=1&google_push=AZmPxg8YsJcpxG3sW73td7wVYnywcSJpP3uvdsRKADYkHNdkJI3w7TMuide8smE4QT9v4B9v66KPpOnsTcYWchPJxYhaJtL4WLBD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8YsJcpxG3sW73td7wVYnywcSJpP3uvdsRKADYkHNdkJI3w7TMuide8smE4QT9v4B9v66KPpOnsTcYWchPJxYhaJtL4WLBD

Request Chain 264

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECDkWzDUjxAA1vbWl-Ydf5Y&google_cver=1&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL7dnLevWD-9EtKOs2KXnjmWWV7o HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECDkWzDUjxAA1vbWl-Ydf5Y&google_cver=1&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL7dnLevWD-9EtKOs2KXnjmWWV7o&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaU1yeHVGRTJ1RzdmMk9OeTN5U0U1SDhUY0VBVVpmRn5B&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL7dnLevWD-9EtKOs2KXnjmWWV7o

292 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request home Show response
www.nsctotal.com.br/
Redirect Chain

https://www.nsctotal.com.br/
https://www.nsctotal.com.br/home

443 KB
62 KB

10ms
9ms

Document
text/html

151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Next.js

Resource Hash

54c9b3caa0c53ed38ee347b57cdc8acfbf0f8ac13bce735314f87a4836b8dbd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 303
cache-control: public, max-age=0
content-encoding: gzip
content-length: 63068
content-type: text/html; charset=utf-8
date: Fri, 16 Sep 2022 20:58:38 GMT
etag: "6ea7c-VVLH5aNB8sRWfVWKlXo9O+/oQp4"
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-powered-by: Next.js
x-served-by: cache-cgh11147-CGH, cache-hhn4045-HHN
x-timer: S1663361919.595362,VS0,VE3

Redirect headers

accept-ranges: bytes
age: 2117285
cache-control: public, max-age=0
content-length: 66
content-type: text/html; charset=utf-8
date: Fri, 16 Sep 2022 20:58:38 GMT
location: /home
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31557600
vary: Accept
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-powered-by: Express
x-served-by: cache-cgh11143-CGH, cache-hhn4045-HHN
x-timer: S1663361919.585983,VS0,VE2

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 324 KB
94 KB 94ms
31ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd7ed4f93721d1fd01062540e84d0c3fa8a5297ef5daff964e7ea5f532930ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8722
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: M1FRGT5ES6YX41Z3
x-amz-id-2: El4GxwuQaZk84M4VYsMXIIoLq2+URkCwNaM5R/JyZ+CAr2nBQoofNw8bIzg7n6zfftK2Pdb+TjA=
last-modified: Fri, 16 Sep 2022 09:29:34 GMT
server: cloudflare
etag: W/"15581b223b4f44668855811bdcfb4bae"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
x-amz-version-id: D7jP9lM0viGhWei0PFS5RAKzqM2zrSNi
cf-ray: 74bc8577cd569c0c-FRA
expires: Sat, 17 Sep 2022 00:58:38 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700|Source+Serif+Pro:400|Roboto:400,700&display=swap

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16a46797835f96a806f286dcadc587390caff0d6c2f26e1a665f84ff9924b39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 20:58:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Sep 2022 20:58:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Sep 2022 20:58:38 GMT

GET
H2 200 home.js Show response
www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/pages/ 1 KB
792 B 16ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/pages/home.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a8c6bf6cfa12e2869a8c4ea1ae7bfe4e780be410d6010e38d6e983de369d69f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305901
x-powered-by: Express
x-cache: HIT, HIT
content-length: 682
x-served-by: cache-cgh11150-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.635249,VS0,VE1
etag: W/"4ab-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 _app.js Show response
www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/pages/ 5 KB
2 KB 15ms
6ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/pages/_app.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

0e8864299c990b35e5ea70c2f1950ad526024364202940e41631c7151480deb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305901
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2331
x-served-by: cache-cgh11123-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.635470,VS0,VE1
etag: W/"1476-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 webpack-1b60a8d52a52b65fd7b4.js Show response
www.nsctotal.com.br/_next/static/runtime/ 4 KB
2 KB 47ms
39ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/runtime/webpack-1b60a8d52a52b65fd7b4.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

bf494305df34dcf69021b9c924cc5670b19b5e259be3e4c05b484028bb033647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305901
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2041
x-served-by: cache-cgh11165-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.635456,VS0,VE11
etag: W/"e4f-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 framework.57bcec62c39ab624af97.js Show response
www.nsctotal.com.br/_next/static/chunks/ 143 KB
45 KB 15ms
8ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/framework.57bcec62c39ab624af97.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

60c1d5c94daed3fea1c1934db2a7cee4fd4a0a7e3daaede741644846b027659f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743207
x-powered-by: Express
x-cache: HIT, HIT
content-length: 46150
x-served-by: cache-cgh11145-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:15:54 GMT
server: nginx
x-timer: S1663361919.635432,VS0,VE1
etag: W/"23b96-182a46f9b90"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 17839, 1

GET
H2 200 commons.453eed4a1a604262ade8.js Show response
www.nsctotal.com.br/_next/static/chunks/ 28 KB
10 KB 22ms
14ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/commons.453eed4a1a604262ade8.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

9c9c3f901fde00341ee3cd9d48726c805c871cffa975b8bdcd975e4fababf357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743207
x-powered-by: Express
x-cache: HIT, HIT
content-length: 9962
x-served-by: cache-cgh11145-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:15:54 GMT
server: nginx
x-timer: S1663361919.636858,VS0,VE4
etag: W/"6fa9-182a46f9b90"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 7685, 1

GET
H2 200 05fde37666419507b81960698199297f7875eb51.dc319e48b62b5354fbd7.js Show response
www.nsctotal.com.br/_next/static/chunks/ 137 KB
41 KB 20ms
12ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/05fde37666419507b81960698199297f7875eb51.dc319e48b62b5354fbd7.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

eaa407741c5d8f9461727714a604711a40babebb95f911f8ebd25626b2d1deb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305901
x-powered-by: Express
x-cache: HIT, HIT
content-length: 42106
x-served-by: cache-cgh11147-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.636850,VS0,VE1
etag: W/"22593-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 2b018f3c2e76210e4a9ecbdceaa03b526a954de9.56bfe2aa15347c96ca17.js Show response
www.nsctotal.com.br/_next/static/chunks/ 610 KB
162 KB 22ms
15ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/2b018f3c2e76210e4a9ecbdceaa03b526a954de9.56bfe2aa15347c96ca17.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

90ce7100029ba04e44bb3bb47a81b10ab0c4853575d4694725f6b164bc71dc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 165222
x-served-by: cache-cgh11153-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.636802,VS0,VE6
etag: W/"9879b-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 9c2a33cd0f13d7c0abaf86c4c89c96a4321d7028.bcac1cbe3c03cd1ef2c1.js Show response
www.nsctotal.com.br/_next/static/chunks/ 33 KB
10 KB 16ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/9c2a33cd0f13d7c0abaf86c4c89c96a4321d7028.bcac1cbe3c03cd1ef2c1.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8d0a5a2a67e4e20d7b5ce3bc93a8eb53d933f5061b67559c4aec3f96eaa268ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 10243
x-served-by: cache-cgh11173-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.636789,VS0,VE1
etag: W/"84a8-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 b42b4190c4d97239713d9e613c225fd5cb4c9879.68987433612aa32bd271.js Show response
www.nsctotal.com.br/_next/static/chunks/ 21 KB
7 KB 44ms
37ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/b42b4190c4d97239713d9e613c225fd5cb4c9879.68987433612aa32bd271.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

1939ec531628d7f92e536a5aa3672724e4bead2918292dbea9e82072aed5ee03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 6585
x-served-by: cache-cgh11155-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.636762,VS0,VE8
etag: W/"52b8-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 main-54e5c3324e0d19fa8444.js Show response
www.nsctotal.com.br/_next/static/runtime/ 15 KB
6 KB 21ms
15ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/runtime/main-54e5c3324e0d19fa8444.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

d13b4a1c26a77843e0b7835c3853007bd3dd22346b085101e951617179670563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743207
x-powered-by: Express
x-cache: HIT, HIT
content-length: 5708
x-served-by: cache-cgh11133-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:15:54 GMT
server: nginx
x-timer: S1663361919.636837,VS0,VE5
etag: W/"3d51-182a46f9b90"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 8288, 1

GET
H2 200 252f366e.28bc6b0ad8600bd9f9f0.js Show response
www.nsctotal.com.br/_next/static/chunks/ 5 KB
2 KB 35ms
29ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/252f366e.28bc6b0ad8600bd9f9f0.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

d9fb0e4d820f394c0e82bf90eb8c869bbbe75031e8fb9d319c1a0aa9063e8df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 1662
x-served-by: cache-cgh11120-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:15:54 GMT
server: nginx
x-timer: S1663361919.642354,VS0,VE1
etag: W/"1590-182a46f9b90"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 15660, 1

GET
H2 200 ffd401f17c7065e52fed5b2208982840dac39299.7af1de51234ec552a920.js Show response
www.nsctotal.com.br/_next/static/chunks/ 202 KB
63 KB 40ms
34ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/ffd401f17c7065e52fed5b2208982840dac39299.7af1de51234ec552a920.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

88d998c83cc5428a639b744acc404faee76dfc256eba6e42913bbc2c3f61c47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 64747
x-served-by: cache-cgh11179-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642860,VS0,VE1
etag: W/"3283e-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 1029fcc2a0d247b0387896c763ed5a9731755977.c238f72cb8fb859f4cad.js Show response
www.nsctotal.com.br/_next/static/chunks/ 15 KB
6 KB 31ms
26ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/1029fcc2a0d247b0387896c763ed5a9731755977.c238f72cb8fb859f4cad.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

b0ab6199114c89aa20f9e01c59b942d4cc9cef5604dabb2924bc75368a3c8064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 5860
x-served-by: cache-cgh11182-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642309,VS0,VE1
etag: W/"3da9-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 cd04b9048a053cecbfdd64dcc866660ed0ddf865.bbf04251081eeea832a9.js Show response
www.nsctotal.com.br/_next/static/chunks/ 47 KB
16 KB 38ms
33ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/cd04b9048a053cecbfdd64dcc866660ed0ddf865.bbf04251081eeea832a9.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

5a5023bce99f5296d557713d010d4a6f5421b09f2c7c84625eaf224f7c8a7b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 327007
x-powered-by: Express
x-cache: HIT, HIT
content-length: 16197
x-served-by: cache-cgh11160-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642499,VS0,VE1
etag: W/"bbe3-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 07e77ab02b2f49b10d15a69576c9b302d6578806.f8b5e9be70b7359fe34d.js Show response
www.nsctotal.com.br/_next/static/chunks/ 60 KB
17 KB 35ms
30ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/07e77ab02b2f49b10d15a69576c9b302d6578806.f8b5e9be70b7359fe34d.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

7b8a59e84777990167841df8a98e4bd4cc76695bab196bdcd393edc6bae2ff22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 16776
x-served-by: cache-cgh11148-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642268,VS0,VE1
etag: W/"f015-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 168c7e066d5cf32751b0dbfdaaa077b18902507a.acf3d25973f93d7684ce.js Show response
www.nsctotal.com.br/_next/static/chunks/ 98 KB
28 KB 36ms
31ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/168c7e066d5cf32751b0dbfdaaa077b18902507a.acf3d25973f93d7684ce.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ecc7bc23ca3296009d3a8fb7e4bca8c47cf8b296733173b16d315aae3911eaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 28323
x-served-by: cache-cgh11168-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642240,VS0,VE1
etag: W/"189cd-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 f30841b9b454dc139e912f05d2ce5d7d4fd419fe.7bebfe5df7f84f416d0a.js Show response
www.nsctotal.com.br/_next/static/chunks/ 13 KB
4 KB 46ms
42ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/f30841b9b454dc139e912f05d2ce5d7d4fd419fe.7bebfe5df7f84f416d0a.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

30ba3ef0cc7a80793f3d6331f556277c00398d3d569b39e3601622fd304229b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 4003
x-served-by: cache-cgh11139-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642257,VS0,VE14
etag: W/"358a-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 b41429612ba4643752ecf3c5799356d377a6eda2.8f997b632044c89a872d.js Show response
www.nsctotal.com.br/_next/static/chunks/ 10 KB
3 KB 34ms
30ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/b41429612ba4643752ecf3c5799356d377a6eda2.8f997b632044c89a872d.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

c5f164c6c493e809312ce215f857af1539ceafe4991e59234aa1acb8a227f503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 308892
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2656
x-served-by: cache-cgh11143-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642206,VS0,VE1
etag: W/"27e9-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 bb17d2fc16c1f15b79d2a541e1ffd33af9b86d00.4eb8929c7621dd5667f7.js Show response
www.nsctotal.com.br/_next/static/chunks/ 9 KB
3 KB 42ms
38ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/bb17d2fc16c1f15b79d2a541e1ffd33af9b86d00.4eb8929c7621dd5667f7.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

91af4a7239697665d8d2c6ada90c5c30471ec40b2c86b1b426a514e4d40901de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 327008
x-powered-by: Express
x-cache: HIT, HIT
content-length: 3365
x-served-by: cache-cgh11156-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642188,VS0,VE3
etag: W/"24b2-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 3430a31811986d3d7b97e7b9decdf80b7770d4d3.414bf4c881a92c2aec25.js Show response
www.nsctotal.com.br/_next/static/chunks/ 6 KB
2 KB 38ms
33ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/3430a31811986d3d7b97e7b9decdf80b7770d4d3.414bf4c881a92c2aec25.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

7740e5398a928e69c681ef867a33198d9bd3f527b0fcd1ed03807533abbb47d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2425
x-served-by: cache-cgh11142-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642180,VS0,VE2
etag: W/"1959-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 da0c0f65ec170d7da36c2e534bb83e1ad271a6da.43a61629649538f3369e.js Show response
www.nsctotal.com.br/_next/static/chunks/ 22 KB
7 KB 30ms
26ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/da0c0f65ec170d7da36c2e534bb83e1ad271a6da.43a61629649538f3369e.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ddd7f4f8e8cf53bb09a54106570cf43245e2a0902c85e586b4e803f175ae8ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 7098
x-served-by: cache-cgh11165-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642153,VS0,VE1
etag: W/"5761-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 a8daee1d1f61785e948e1b4cc6782295819b40b0.dc4881842a073e0d8129.js Show response
www.nsctotal.com.br/_next/static/chunks/ 66 KB
19 KB 27ms
24ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/a8daee1d1f61785e948e1b4cc6782295819b40b0.dc4881842a073e0d8129.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

1fac66bb2f822e090f2e934c8fd2fba2cc6bc5951dc7db30c71811c423578637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 19206
x-served-by: cache-cgh11137-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642104,VS0,VE1
etag: W/"10914-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 1e2da885be650e06823ae633df7e6708eca813cc.bb458c99d44f1c9681cb.js Show response
www.nsctotal.com.br/_next/static/chunks/ 18 KB
6 KB 27ms
23ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/1e2da885be650e06823ae633df7e6708eca813cc.bb458c99d44f1c9681cb.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

9320c7ac979cc1d22f1d105818b46611773a20ddafedcf9b1a6e14e5bd50744c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 310801
x-powered-by: Express
x-cache: HIT, HIT
content-length: 5974
x-served-by: cache-cgh11127-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642059,VS0,VE1
etag: W/"487c-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 6eedd206e430390d2df01e16db7af352fc5365b0.3c56bf44f0614d8abb56.js Show response
www.nsctotal.com.br/_next/static/chunks/ 16 KB
5 KB 29ms
26ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/6eedd206e430390d2df01e16db7af352fc5365b0.3c56bf44f0614d8abb56.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

92102028ac0c9df573e1feda3b4bbb1a2cd6a0c8b36255bb83e7459bb276ed5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 321837
x-powered-by: Express
x-cache: HIT, HIT
content-length: 4379
x-served-by: cache-cgh11159-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.642042,VS0,VE1
etag: W/"3fd5-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 d4cba56c77c5be5394f69a5a8976fdc32372e0a9.96731d063dbc4d2b6243.js Show response
www.nsctotal.com.br/_next/static/chunks/ 119 KB
33 KB 26ms
23ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/d4cba56c77c5be5394f69a5a8976fdc32372e0a9.96731d063dbc4d2b6243.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

18bacb56ad6609957f0744afe5c22553863cd9ac895e72b6193cb5ae47e8f9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 321837
x-powered-by: Express
x-cache: HIT, HIT
content-length: 33294
x-served-by: cache-cgh11130-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.641987,VS0,VE1
etag: W/"1dc48-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 67ms
7ms Script
application/x-javascript 2600:9000:20eb:e200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 19:18:55 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 5983
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dGZsrmk45p4N1EAEOmesFJHf7cwI7eizpsfADjX8JE9FrACA7jA2kw==
expires: Fri, 16 Sep 2022 21:18:55 GMT

GET
H2 200 nsc.svg
www.nsctotal.com.br/static/logos/white/ 4 KB
2 KB 22ms
11ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/nsc.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

e8f2b629f2079e9de6d04cea04b6e89c366ed358943f49e05d44f59111ed2547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743213
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2021
x-served-by: cache-cgh11151-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.664998,VS0,VE1
etag: W/"11f4-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 10054, 1

GET
H2 200 nsc.svg
www.nsctotal.com.br/static/logos/color/ 5 KB
2 KB 30ms
19ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/color/nsc.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

260491c90c6df2b732f39e9ca55cb9ee35bd97fa596a9341c3bda216c888729d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743202
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2160
x-served-by: cache-cgh11121-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.664979,VS0,VE5
etag: W/"12e4-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 9992, 1

GET
H2 200 dc.svg
www.nsctotal.com.br/static/logos/white/ 2 KB
996 B 29ms
18ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/dc.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

355326e27a1f0b84783fc989dfd63dbf3990cd1be16859513bdc37abd455402e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743207
x-powered-by: Express
x-cache: HIT, HIT
content-length: 844
x-served-by: cache-cgh11154-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.666156,VS0,VE2
etag: W/"7d9-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 20950, 1

GET
H2 200 an.svg
www.nsctotal.com.br/static/logos/white/ 945 B
677 B 29ms
18ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/an.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

89e79fb3530dea07402743a318e894509707f61f35ffb9d32c42f4aa6a33150e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 489
x-served-by: cache-cgh11123-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.666056,VS0,VE3
etag: W/"3b1-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 17149, 1

GET
H2 200 santa.svg
www.nsctotal.com.br/static/logos/white/ 6 KB
2 KB 26ms
15ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/santa.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

697b475200f4c616d172d7273efea87aa4338f14bedf51b91fbc168f74726c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2435
x-served-by: cache-cgh11135-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.665912,VS0,VE1
etag: W/"16ef-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 26916, 1

GET
H2 200 hora_de_sc.svg
www.nsctotal.com.br/static/logos/white/ 9 KB
4 KB 26ms
15ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/hora_de_sc.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

67a3bf88efc48246d79e769fc4be97a52fbd8c52f1e5168724dba197db96bdbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 4033
x-served-by: cache-cgh11134-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.666136,VS0,VE1
etag: W/"25f8-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 18831, 1

GET
H2 200 cbn_diario.svg
www.nsctotal.com.br/static/logos/white/ 1 KB
818 B 30ms
19ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/cbn_diario.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

97cb38d104baaa52414bfce8f2b9cad9c1b5cf4380ff61b8b3823be144a13808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 698
x-served-by: cache-cgh11146-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.666025,VS0,VE11
etag: W/"599-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 17187, 1

GET
H2 200 itapema_fm.svg
www.nsctotal.com.br/static/logos/white/ 3 KB
3 KB 24ms
14ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/itapema_fm.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f389d2ddb47f47947146e98aa8f795f215e736c085400dafc31458f8a4d78d6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2508
x-served-by: cache-cgh11158-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.665824,VS0,VE1
etag: W/"d10-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 15894, 1

GET
H2 200 clube.svg
www.nsctotal.com.br/static/logos/white/ 7 KB
3 KB 27ms
16ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/clube.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

c8a0daba2bc77b422f84c0f5abb3e1add90a68ac7571ffc7fd0ae9c8dc710f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 3060
x-served-by: cache-cgh11162-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.665804,VS0,VE2
etag: W/"1be5-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 8318, 1

GET
H2 200 logo.svg
www.nsctotal.com.br/static/ 2 KB
1 KB 27ms
17ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logo.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

a27f9ce5939ee78565fae1437fdef6009650d45b0b68c9a4b3057c0a50224332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743206
x-powered-by: Express
x-cache: HIT, HIT
content-length: 1144
x-served-by: cache-cgh11159-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.665797,VS0,VE2
etag: W/"975-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 1513, 1

GET
H2 200 cbn_joinville.svg
www.nsctotal.com.br/static/logos/white/ 24 KB
18 KB 43ms
34ms Image
image/svg+xml 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nsctotal.com.br/static/logos/white/cbn_joinville.svg

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

51a607a0629b7e14261ce71ef18664a754d742f1e9a87d053a603c60d7d6af18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743195
x-powered-by: Express
x-cache: HIT, HIT
content-length: 18145
x-served-by: cache-cgh11151-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:16:03 GMT
server: nginx
x-timer: S1663361919.665787,VS0,VE30
etag: W/"605f-182a46fbeb8"
strict-transport-security: max-age=31557600
content-type: image/svg+xml
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 _buildManifest.js Show response
www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/ 4 KB
2 KB 24ms
14ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/_buildManifest.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

757aca4aad1c163f70a0e8a6237714a7f074d3d1f17dd1bd85fb9407805745b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 306916
x-powered-by: Express
x-cache: HIT, HIT
content-length: 1560
x-served-by: cache-cgh11178-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.665770,VS0,VE1
etag: W/"1011-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 _ssgManifest.js Show response
www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/ 76 B
230 B 22ms
13ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/ZLYRsDOPw9xcdBElSRojP/_ssgManifest.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 305900
x-powered-by: Express
x-cache: HIT, HIT
content-length: 60
x-served-by: cache-cgh11158-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:15 GMT
server: nginx
x-timer: S1663361919.665752,VS0,VE1
etag: W/"4c-1833396a818"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 9ms
7ms Script
application/x-javascript 2600:9000:20eb:e200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:35:12 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 1406
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: P3vZJ0ok9n6BsYkOrLvh7U5pn_nI4ibwpTZXayJlv3XaJeV_gnPhLg==
expires: Fri, 16 Sep 2022 22:35:12 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 131ms
39ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700|Source+Serif+Pro:400|Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nsctotal.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 178418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 19:25:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 140ms
48ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700|Source+Serif+Pro:400|Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nsctotal.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 487737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 05:29:41 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 158ms
79ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700|Source+Serif+Pro:400|Roboto:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nsctotal.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 16:24:40 GMT
x-content-type-options: nosniff
age: 275638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 16:24:40 GMT

GET
H2 200 educacao-em-SC.jpg
files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/ 18 KB
18 KB 28ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/educacao-em-SC.jpg?ZWTX2yA2rNyvhJATz74nCSuHmAtfsut0&itok=Ykfj48pQ&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c63aa17ab7bb7ef8dc1c81a3d7b48f2803952b86cd0a4bd471b3f34496dbc96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 10308
x-cache: HIT, HIT
fastly-io-info: ifsz=32309 idim=660x439 ifmt=jpeg ofsz=18108 odim=660x439 ofmt=webp
fastly-stats: io=1
content-length: 18108
x-served-by: cache-cgh11123-CGH, cache-hhn4045-HHN
x-timer: S1663361919.839354,VS0,VE3
etag: "b4sfc0VQ5vJEBNqb7W/oz6wWLCE1TtA29zjWcz0FyZk"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 coach%20reu.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 6 KB
6 KB 27ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/coach%20reu.jpg?7vGJX5K6chtsBp1rLqDTHKQsPRDmavy6&itok=Tz0YesqQ&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c99bbff66e64357ae65da6b8de7011bb35d8a51d7a4bcedbf969798b4f7778c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 8122
x-cache: HIT, HIT
fastly-io-info: ifsz=36032 idim=800x500 ifmt=jpeg ofsz=6110 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 6110
x-served-by: cache-cgh11153-CGH, cache-hhn4045-HHN
x-timer: S1663361919.839391,VS0,VE2
etag: "2MaJWD/2zKhmy2Jgo+gyoWgUJU/tFeXy1tnuTPU4WKQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 74, 1

GET
H2 200 urnas%20tiago%20ghizoni%20dc.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 14 KB
14 KB 26ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/urnas%20tiago%20ghizoni%20dc.jpg?eFNTI1Aph.AsvNCgLTTQU1ADdfTzp3LT&itok=5U3IosHj&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb0f4143820404b4d11a3124a56ceeb46c28539c5b0606460f64158dda5898c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 17789
x-cache: HIT, HIT
fastly-io-info: ifsz=67215 idim=800x500 ifmt=jpeg ofsz=14264 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 14264
x-served-by: cache-cgh11159-CGH, cache-hhn4045-HHN
x-timer: S1663361919.839448,VS0,VE2
etag: "vbCEb8s7JVxofrpfkqGKirvQmKExOVMJSFi8UnRDwlA"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 noticias-nsc-total-whatsapp_0.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 8 KB
8 KB 29ms
12ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/noticias-nsc-total-whatsapp_0.jpg?aXfC_s9izD4SDAiBw6o_EMMFwA.4h9dC&itok=WJMqaTLH&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4292356450a0f69922129397d015110bb1f5270420c7a3b1be9661304a0124c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 9977654
x-cache: HIT, HIT, HIT
fastly-io-info: ifsz=41042 idim=800x500 ifmt=jpeg ofsz=8050 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 8050
x-served-by: cache-gru17144-GRU, cache-cgh11180-CGH, cache-hhn4045-HHN
x-timer: S1663361919.839396,VS0,VE6
etag: "fw/Qjx/RtcVC4kiiYK8s4gZXiRAthes5C7Q+wHLag0w"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 1, 15, 1

GET
H2 200 podcast%20O%20Candidato%20decio%20lima%20apresentadores%20tiago%20ghizoni.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 8 KB
9 KB 28ms
11ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/podcast%20O%20Candidato%20decio%20lima%20apresentadores%20tiago%20ghizoni.jpg?cszTMfDEq.izg_AM8FKBGnbtV9X1cJ_g&itok=SJJWthlA&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

08670e2cafe6c24bc9eba04f089e1b47578a6b0c1d9cdd1fcb1ffe5b73fc6ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 7392
x-cache: HIT, HIT
fastly-io-info: ifsz=48254 idim=800x500 ifmt=jpeg ofsz=8642 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 8642
x-served-by: cache-cgh11151-CGH, cache-hhn4045-HHN
x-timer: S1663361919.839437,VS0,VE3
etag: "rnnF+QkD0nRI5wMMk8/K/dZ3BmkN1xGKbsfiDxP6lp4"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 15, 1

GET
H2 200 jonas%20lucas%20alves%20dias%20reproducao%20facebook_0.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 9 KB
9 KB 17ms
13ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/jonas%20lucas%20alves%20dias%20reproducao%20facebook_0.jpg?RWKhZqRB09nfFVBkkJPJemvTthbGilcl&itok=j_BNKNyS&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03e9dfebd1323bb87a14f2779cffeed8a47b188b4c18153f08a9986f76b79a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 17580
x-cache: HIT, HIT
fastly-io-info: ifsz=47174 idim=800x500 ifmt=jpeg ofsz=8954 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 8954
x-served-by: cache-cgh11178-CGH, cache-hhn4045-HHN
x-timer: S1663361919.839326,VS0,VE6
etag: "/me3m1f7Z7j3e+ONSSs9fQI35Vb9zsvJ+sS52eX9tJI"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 circo%20biriba%20havan%20blumenau.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 13 KB
13 KB 10ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/circo%20biriba%20havan%20blumenau.jpg?Lc5_wGbZZMqmYjT_7IcUvb5lZG1fOePF&itok=6w7BJU0J&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e21766ba6f2ae382b7eca667d565d028e85959c20673857f9174572833b8628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 13775
x-cache: HIT, HIT
fastly-io-info: ifsz=78592 idim=800x500 ifmt=jpeg ofsz=13240 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 13240
x-served-by: cache-cgh11148-CGH, cache-hhn4045-HHN
x-timer: S1663361919.850601,VS0,VE2
etag: "TL8X/bp/AOEfqTZmfrI8jtYokcbq23is/t6aCKQPa7I"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 eleicoes%20urnas.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 6 KB
6 KB 10ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/eleicoes%20urnas.jpg?z3cWdqrdJti4nBGdi4MKqqeJFkyX1wHZ&itok=T5Ldr_gb&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df30230d5fa012cd7d78aef57c5100cd19770c0c41b0815849811bba2ebe96c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 29630
x-cache: HIT, HIT
fastly-io-info: ifsz=34688 idim=800x500 ifmt=jpeg ofsz=5650 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 5650
x-served-by: cache-cgh11134-CGH, cache-hhn4045-HHN
x-timer: S1663361919.850562,VS0,VE2
etag: "JggYS5ZCEh1TC35/hipC6MC6DxuIIAg6De+aYpGACMo"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 posto.de.gasolina.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 8 KB
8 KB 11ms
11ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/posto.de.gasolina.jpg?Y17Y1wvvSrSCwDw_1bXDXERdWpS2PKzB&itok=l3faIq6x&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c422783b259a14ed1c14b6d1b682ab9f368e03be02d78173c06b23f274c5af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 20256
x-cache: HIT, HIT
fastly-io-info: ifsz=51784 idim=800x500 ifmt=jpeg ofsz=8444 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 8444
x-served-by: cache-cgh11144-CGH, cache-hhn4045-HHN
x-timer: S1663361919.851405,VS0,VE2
etag: "b7j2cmvHJDn5jROti9vgto/JJK1P+aR7DmVZrij22GU"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 picnic-basket-park-grass.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 14 KB
14 KB 10ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/picnic-basket-park-grass.jpg?JunbrWez4HPME_W3x.lUValM_kTBEU9p&itok=VVsj0R98&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

851b086146630ab863c0b32baeff100dc980a49b4ec40077e998d4301c99b6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 187914
x-cache: HIT, HIT
fastly-io-info: ifsz=71459 idim=800x500 ifmt=jpeg ofsz=13962 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 13962
x-served-by: cache-cgh11176-CGH, cache-hhn4045-HHN
x-timer: S1663361919.851345,VS0,VE1
etag: "sicnL1QT0hzoY8CctjnPQt2e2xnWJCtmHRhBzH8zjMo"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 14, 1

GET
H2 200 sala%20cinema%20unsplash.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 10 KB
10 KB 10ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/sala%20cinema%20unsplash.jpg?78_hh6yLMAXXlt3fdV1MsVIwcpxSkuIZ&itok=keTyMVGA&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9765006df2fce8589c29e8e98c560cd4c2d132aacf07df21ca9fdcbe081b0d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 33210
x-cache: HIT, HIT
fastly-io-info: ifsz=57185 idim=800x500 ifmt=jpeg ofsz=10038 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 10038
x-served-by: cache-cgh11140-CGH, cache-hhn4045-HHN
x-timer: S1663361919.852600,VS0,VE1
etag: "VYR8pD/WTIiAqL18coalreuzl+zbsDLZ8ASnRvHArxE"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 Lula%20vem%20a%20SC%20com%20desafio%20de%20vincular%20votos.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 5 KB
5 KB 18ms
17ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/Lula%20vem%20a%20SC%20com%20desafio%20de%20vincular%20votos.jpg?vD5Cx6thComSgQqKeCG_R5HWWHiQpu14&itok=Wxfobawf&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fed4d0ef4f3cac52c1fadad0550d67f02fc7da656ba81395069db828d928a20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 42587
x-cache: HIT, HIT
fastly-io-info: ifsz=32590 idim=800x500 ifmt=jpeg ofsz=4686 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 4686
x-served-by: cache-cgh11150-CGH, cache-hhn4045-HHN
x-timer: S1663361919.852581,VS0,VE11
etag: "h7pWxlVUSROsyHL8McpugOi1pt3rIxvR4HasOaNhRo8"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 14, 1

GET
H2 200 Falso%20Sequestro%20NSC%20Total%20Policia%20Civil.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 2 KB
3 KB 11ms
7ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/Falso%20Sequestro%20NSC%20Total%20Policia%20Civil.jpg?d0SbbQ2X9dM4rybGigwg6wVzZxp.2KD9&itok=3vCC6K-l&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

425a465fe224f0ccec4ab2ef8c9b813cfcba0c4aa113c3119236dcc01269c017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 27310
x-cache: HIT, HIT
fastly-io-info: ifsz=17442 idim=800x500 ifmt=jpeg ofsz=2472 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 2472
x-served-by: cache-cgh11162-CGH, cache-hhn4045-HHN
x-timer: S1663361919.864735,VS0,VE1
etag: "dkr+bJXHaJKLTm0MPEJKUWXbdWKzM55Q76N7Qm6plIQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 combustiveis%20marcello%20casal%20jr%20agencia%20brasl_0.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 8 KB
9 KB 12ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/combustiveis%20marcello%20casal%20jr%20agencia%20brasl_0.jpg?MjDFHu8e4YSKylmSv5dQ_Tj6YQYbkD7I&itok=-1FhvFvP&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50189bd1200d113582253fd38c7debde8910835ca4a22004524d15acb1759051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 29807
x-cache: HIT, HIT
fastly-io-info: ifsz=43863 idim=800x500 ifmt=jpeg ofsz=8592 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 8592
x-served-by: cache-cgh11153-CGH, cache-hhn4045-HHN
x-timer: S1663361919.865110,VS0,VE2
etag: "j+Fitj7nezVeDJTvBfUIdQDXBWFASY5gPX/3yj1e6X8"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 policia%20civil%20prende%20falsa%20policial.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 9 KB
9 KB 11ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/policia%20civil%20prende%20falsa%20policial.jpg?WPHMzd8qP0J1mRoGQPnJle5M.2EUAfc.&itok=ZtFCRXD9&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8482bd069842034e27d67d4745039435086199951e8e8de8ecb0c0cbdbc670d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 42587
x-cache: HIT, HIT
fastly-io-info: ifsz=58038 idim=800x500 ifmt=jpeg ofsz=9028 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 9028
x-served-by: cache-cgh11174-CGH, cache-hhn4045-HHN
x-timer: S1663361919.865086,VS0,VE2
etag: "R1CVhrPQbq8SA1UCKjuWoI9P9uXoZ5wJfMDmUd/6Qb8"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 Banner%20PL.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 5 KB
6 KB 9ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/Banner%20PL.jpg?3gVxdXRpDbMRQqpoSjERzslZTOUDztT3&itok=ehIoapXl&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78160658d43e856f1adfb1f3a63ebf58f320f5c5882b60fcb72a60fe0f6e421e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 911623
x-cache: HIT, HIT
fastly-io-info: ifsz=36701 idim=800x500 ifmt=jpeg ofsz=5464 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 5464
x-served-by: cache-cgh11177-CGH, cache-hhn4045-HHN
x-timer: S1663361919.865058,VS0,VE2
etag: "Q81QK959OGlINwxpbv3Zex+acyfB89X7FPfntiLqkrI"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 16, 1

GET
H2 200 confraria%20do%20vinho_4.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 5 KB
5 KB 22ms
21ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/confraria%20do%20vinho_4.jpg?Tf8Y3QgRI1mUTjM2WaxlFy3y7CHf6RPY&itok=bvaYWEEZ&width=325

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1471af13e7ea0de069deac3e7dc78fd16a12462a784464356611b1053bf93de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 178846
x-cache: HIT, HIT
fastly-io-info: ifsz=31843 idim=800x500 ifmt=jpeg ofsz=5178 odim=325x203 ofmt=webp
fastly-stats: io=1
content-length: 5178
x-served-by: cache-cgh11176-CGH, cache-hhn4045-HHN
x-timer: S1663361919.865043,VS0,VE15
etag: "kSdbLG2aatC48PG1pCTwVgbFnzwdejoRCnWa/wBTo10"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 justicafederalhidreletricasc.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 6 KB
6 KB 33ms
33ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/justicafederalhidreletricasc.jpg?RArBmrT4TfDp1Jwfly4zdOtV_.8Dyv97&itok=sOs1LHam&width=350

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

84c1fbfb7f3fb1bf401cb040180dd645023405d633f7c1f02ac0deca56719337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 183069
x-cache: HIT, HIT
fastly-io-info: ifsz=39377 idim=800x500 ifmt=jpeg ofsz=6386 odim=350x219 ofmt=webp
fastly-stats: io=1
content-length: 6386
x-served-by: cache-cgh11142-CGH, cache-hhn4045-HHN
x-timer: S1663361919.870639,VS0,VE26
etag: "wpof4t+eDWLx9SBFT9ozo7z0xe1kmoqSvIAv5O5jFHY"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 22, 1

GET
H2 200 Corpo%20no%20Rio%20Vermelho_.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 9 KB
9 KB 10ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/Corpo%20no%20Rio%20Vermelho_.jpg?n4mG0yoFPs_tP599_r6YC_TmPl69OIC2&itok=1OexypKC&width=350

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b799b35896b1bf0256fb139030b4d5b4f834a5814776ade0bd10791ce18a3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 253559
x-cache: HIT, HIT
fastly-io-info: ifsz=46186 idim=800x500 ifmt=jpeg ofsz=9040 odim=350x219 ofmt=webp
fastly-stats: io=1
content-length: 9040
x-served-by: cache-cgh11134-CGH, cache-hhn4045-HHN
x-timer: S1663361919.873847,VS0,VE2
etag: "7fNopwOJ6FdQT39ROCjqKEuN2faMjTsVRi3/hW/gWx0"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 Presidencial%20Majestic.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 10 KB
10 KB 10ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/Presidencial%20Majestic.jpg?J_gSpOKRJ83lm.4Np9EgSUeZ58sDBV7y&itok=3m5RVUly&width=350

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0cd2832156398597d0307db779c57820216ac71517de38991a560a77b26fb44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 263142
x-cache: HIT, HIT
fastly-io-info: ifsz=61576 idim=800x500 ifmt=jpeg ofsz=9916 odim=350x219 ofmt=webp
fastly-stats: io=1
content-length: 9916
x-served-by: cache-cgh11150-CGH, cache-hhn4045-HHN
x-timer: S1663361919.874881,VS0,VE1
etag: "y0TaHK+tOTCkDfTNb0mkocnE0VnZfTBS5zF2XvAyx2U"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 Lista%20de%20bebidas%20Guns%20capa.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 7 KB
7 KB 10ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/Lista%20de%20bebidas%20Guns%20capa.jpg?nN3k6IkBwyxY9BUJSfpg9jkhRiG7EGQV&itok=X0YPu1ul&width=350

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

805d2dc4c57beb543cf2da0a3d4b12f264eedce36b92c9780e1645022ca44b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 215469
x-cache: HIT, HIT
fastly-io-info: ifsz=52528 idim=800x500 ifmt=jpeg ofsz=6870 odim=350x219 ofmt=webp
fastly-stats: io=1
content-length: 6870
x-served-by: cache-cgh11177-CGH, cache-hhn4045-HHN
x-timer: S1663361919.875213,VS0,VE2
etag: "aYVAywOZjTGJkxNY3i0SNdrJYQZqnd2n6+Z5E83nIIQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 jonas%20lucas%20alves%20dias%20reproducao%20facebook.jpg
files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/ 11 KB
11 KB 10ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/teaser_image_style/public/graphql-upload-files/jonas%20lucas%20alves%20dias%20reproducao%20facebook.jpg?P0v0HFsPfmD2viXuw.yate8tgJLmGLUK&itok=ztfpWN9L&width=350

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b45eef0aed4115eed2ed2f66f1d39ca36b8a1523cd9776077274c403fdd13951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 114255
x-cache: HIT, HIT
fastly-io-info: ifsz=52450 idim=800x500 ifmt=jpeg ofsz=10766 odim=350x219 ofmt=webp
fastly-stats: io=1
content-length: 10766
x-served-by: cache-cgh11165-CGH, cache-hhn4045-HHN
x-timer: S1663361919.875178,VS0,VE2
etag: "Qj4Cxzak0hEd37jn5Xpg1gLV6x6ZWDxgkgMmFJC53Xc"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 16, 1

GET
H2 200 Urna%20eletronica%20Eleicoes%202022%20tiago%20ghizoni%20nsc.jpg
files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/ 27 KB
27 KB 10ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/Urna%20eletronica%20Eleicoes%202022%20tiago%20ghizoni%20nsc.jpg?dv8AtsfqBK4SmKGMOgb3sFrM1RntD0VT&itok=GFcRG0ZT&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed6314fb95d7fb2a6271e0014e2cea359c1f5c6e9322bc0025bbfb039ac418cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 94948
x-cache: HIT, HIT
fastly-io-info: ifsz=59516 idim=1024x682 ifmt=jpeg ofsz=27766 odim=1024x682 ofmt=webp
fastly-stats: io=1
content-length: 27766
x-served-by: cache-cgh11163-CGH, cache-hhn4045-HHN
x-timer: S1663361919.884217,VS0,VE2
etag: "+XqkDTBVW0TeC61QDE1A8ESRpreFd2AwZK9JNkS+dk0"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 58, 1

GET
H2 200 hepatite_e_jorginho%20mello%20podcast%20o%20candidato.jpg
files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/ 16 KB
17 KB 11ms
11ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/hepatite_e_jorginho%20mello%20podcast%20o%20candidato.jpg?EE0qopYpIlwFWN2YhWW4n4AUR60WCODv&itok=NmJNqfO_&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

344164232a0a57dca1833743bc10e25df8c59a8314b38d3e8990170f246590c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 78966
x-cache: HIT, HIT
fastly-io-info: ifsz=33382 idim=810x450 ifmt=jpeg ofsz=16680 odim=810x450 ofmt=webp
fastly-stats: io=1
content-length: 16680
x-served-by: cache-cgh11132-CGH, cache-hhn4045-HHN
x-timer: S1663361919.884459,VS0,VE3
etag: "D6DblwOvoQmYYdJITKPTiZo6hOLFpPt4PIt6yrYGpFA"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 shutterstock_1945692715.jpg
files.nsctotal.com.br/s3fs-public/graphql-upload-files/ 17 KB
17 KB 12ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/graphql-upload-files/shutterstock_1945692715.jpg?DadNDnhG5iduh2oncN6.DcW9wEhp9.Oj&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3222210d7fe7b1bf85a9574fdf9df00e9a58b48892fda09e3434fa9f5da2c376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 3463
x-cache: HIT, HIT
fastly-io-info: ifsz=358386 idim=800x600 ifmt=jpeg ofsz=17220 odim=800x600 ofmt=webp
fastly-stats: io=1
content-length: 17220
x-served-by: cache-cgh11133-CGH, cache-hhn4045-HHN
x-timer: S1663361919.888086,VS0,VE2
etag: "yRNFgXk1h32vgNsrNB8TQCY5eaeD98YmYa0/jGLW2vM"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 televisao.jpg
files.nsctotal.com.br/s3fs-public/graphql-upload-files/ 23 KB
23 KB 12ms
11ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/graphql-upload-files/televisao.jpg?_SQgKpyQjnH_KXH32tYgpdFaLhJDc7GA&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

082e674dcf5f6eb9d6b01b54cc7c5bdbf6f0fddcdba42ff64b2ee531b16559d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 7069
x-cache: HIT, HIT
fastly-io-info: ifsz=397452 idim=800x600 ifmt=jpeg ofsz=23284 odim=800x600 ofmt=webp
fastly-stats: io=1
content-length: 23284
x-served-by: cache-cgh11152-CGH, cache-hhn4045-HHN
x-timer: S1663361919.888083,VS0,VE2
etag: "UTvjjWMW107QwDdy8BoJGUVqrNtrsh0Y4Br5mVQdKMM"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 horoscopo_64.jpg
files.nsctotal.com.br/s3fs-public/graphql-upload-files/ 42 KB
43 KB 9ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/graphql-upload-files/horoscopo_64.jpg?FeIDDQwkdlsCjTLghRFn3Aqj72s7FSUm&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbb05cbba1621d924c779f6988edc1c9e228d9020c35c2014548bd8e3944ee6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 30372
x-cache: HIT, HIT
fastly-io-info: ifsz=403011 idim=800x600 ifmt=jpeg ofsz=43432 odim=800x600 ofmt=webp
fastly-stats: io=1
content-length: 43432
x-served-by: cache-cgh11122-CGH, cache-hhn4045-HHN
x-timer: S1663361919.888032,VS0,VE1
etag: "44XcWA6JBJYB6Cfjj+34MlIbplbtfulMLQu4Xzg+I3o"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 Hollow%20Knight.JPG.jpg
files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/ 15 KB
16 KB 9ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/Hollow%20Knight.JPG.jpg?jB6RqjrX5e.lRgiXbVE9w68XPEaXL59l&itok=dKE3zC_z&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1c4e0f5e606f6a79eba0ac22c7e087d99417ac4bbbc3b715592d3edf89b61304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 11911
x-cache: HIT, HIT
fastly-io-info: ifsz=26426 idim=515x347 ifmt=jpeg ofsz=15750 odim=515x347 ofmt=webp
fastly-stats: io=1
content-length: 15750
x-served-by: cache-cgh11162-CGH, cache-hhn4045-HHN
x-timer: S1663361919.897329,VS0,VE1
etag: "LVH6pNMADAWEyRPzEn4aDbYjQEcIHhFXQYPCY1Ajphc"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
88 KB 157ms
72ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee68c69b6c4035718f6dbf80a0a97847928e5891d9269eb17ecdd15af8581163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89156
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 graphql Show response
api.nsctotal.com.br/ 162 B
662 B 18ms
7ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.nsctotal.com.br/graphql?operationName=%22Weather%22&variables=%7B%22city%22:%22florianopolis%22%7D&extensions=%7B%22persistedQuery%22:%7B%22version%22:1,%22sha256Hash%22:%2283ba6c4ec791395a07bb96cac6afd2bf19f3802352e471a31613c7246f0c2d15%22%7D%7D

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/_next/static/chunks/ffd401f17c7065e52fed5b2208982840dac39299.7af1de51234ec552a920.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f446f54df80a28d0a3219ae2876d72f75dace637c9ac88c058f3e952d65ae8d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

fastly-drupal-html: YES
date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1711
x-cache: MISS, HIT, HIT
x-ah-environment: prod
vary: Origin,Accept-Encoding
content-length: 153
x-request-id: v-5a44bab0-35fe-11ed-b151-ef3b4ebd53ac
x-ua-compatible: IE=edge
access-control-allow-origin: https://www.nsctotal.com.br
last-modified: Fri, 16 Sep 2022 20:30:07 GMT
server: nginx
x-timer: S1663361919.153452,VS0,VE1
etag: "1663360207"
x-served-by: cache-cgh11169-CGH, cache-hhn4045-HHN
strict-transport-security: max-age=31557600
content-language: pt-br
via: varnish, 1.1 varnish, 1.1 varnish
x-generator: Drupal 8 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=0, public, s-maxage=2764800
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/json
x-cache-hits: 1, 1

GET
H2 200 graphql Show response
api.nsctotal.com.br/ 93 B
284 B 11ms
8ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.nsctotal.com.br/graphql?operationName=%22CurrentUser%22&extensions=%7B%22persistedQuery%22:%7B%22version%22:1,%22sha256Hash%22:%2274ba8ac03d98e326a691d1dd6cf4c93f7bd96279f70dc4f351f53cad6f8d87c2%22%7D%7D

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/_next/static/chunks/ffd401f17c7065e52fed5b2208982840dac39299.7af1de51234ec552a920.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b73a3defe1f14a072bd0c86e4ed32b10b55bfd19b344a381b77d1d0e33d9dff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

fastly-drupal-html: YES
date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27587
x-cache: MISS, HIT, HIT
x-ah-environment: prod
vary: Origin,Accept-Encoding
content-length: 103
x-request-id: v-1bd43c6a-35c2-11ed-8a21-e3dac5fb4af0
x-ua-compatible: IE=edge
access-control-allow-origin: https://www.nsctotal.com.br
last-modified: Fri, 16 Sep 2022 13:18:52 GMT
server: nginx
x-timer: S1663361919.153631,VS0,VE1
etag: "1663334332"
x-served-by: cache-cgh11170-CGH, cache-hhn4045-HHN
strict-transport-security: max-age=31557600
content-language: pt-br
via: varnish, 1.1 varnish, 1.1 varnish
x-generator: Drupal 8 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=0, public, s-maxage=2764800
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/json
x-cache-hits: 14, 1

GET
H2 200 graphql Show response
api.nsctotal.com.br/ 11 KB
3 KB 8ms
8ms Fetch
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.nsctotal.com.br/graphql?operationName=%22columnistsByPage%22&variables=%7B%22path%22:%22/home%22%7D&extensions=%7B%22persistedQuery%22:%7B%22version%22:1,%22sha256Hash%22:%2219d9b5a0bc55c1fe0a7876575da9245d7f61344b465f04ee2b064b12c6ce4ba7%22%7D%7D

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/_next/static/chunks/ffd401f17c7065e52fed5b2208982840dac39299.7af1de51234ec552a920.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

021778b2ec3f14e0ed58609ec7020d4d6acaad3b0da84692a9c239c46d2d4e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
content-type: text/plain

Response headers

fastly-drupal-html: YES
date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10797
x-cache: MISS, HIT, HIT
x-ah-environment: prod
vary: Origin,Accept-Encoding
content-length: 2566
x-request-id: v-32c762fe-35e9-11ed-ab8e-df232506bd1e
x-ua-compatible: IE=edge
access-control-allow-origin: https://www.nsctotal.com.br
last-modified: Fri, 16 Sep 2022 17:58:41 GMT
server: nginx
x-timer: S1663361919.186900,VS0,VE1
etag: "1663351121"
x-served-by: cache-cgh11179-CGH, cache-hhn4045-HHN
strict-transport-security: max-age=31557600
content-language: pt-br
via: varnish, 1.1 varnish, 1.1 varnish
x-generator: Drupal 8 (https://www.drupal.org)
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=0, public, s-maxage=2764800
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/json
x-cache-hits: 5, 1

GET
H2 200 97.625dffc2cb4f4920e20c.js Show response
www.nsctotal.com.br/_next/static/chunks/ 39 KB
16 KB 7ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/_next/static/chunks/97.625dffc2cb4f4920e20c.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/_next/static/runtime/webpack-1b60a8d52a52b65fd7b4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

5bc1f880a4af69b6a54e1ae00109c4024b8590c716e4c6c416734a2c4e480fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2743212
x-powered-by: Express
x-cache: HIT, HIT
content-length: 16411
x-served-by: cache-cgh11141-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Aug 2022 02:15:54 GMT
server: nginx
x-timer: S1663361919.190841,VS0,VE1
etag: W/"9a09-182a46f9b90"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 141ms
56ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/_next/static/chunks/2b018f3c2e76210e4a9ecbdceaa03b526a954de9.56bfe2aa15347c96ca17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f008137668b6d472795ea275ed52ae81e4d2cac9efe6e376617771fc1550f7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27747
x-xss-protection: 0
server: sffe
etag: "1336 / 740 of 1000 / last-modified: 1663326538"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Sep 2022 20:58:39 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
489 B 159ms
150ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=7eRdcI7ypu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10244a1d3bca2714d7593b11fcafa01eedb14f445c959876e128f18f64ba1df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mr9mbirMCJz
pragma
wn: prod-dash-10-0-136-243
last-modified: Fri, 16 Sep 2022 20:50:55 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.005
cache-control: public, max-age=1200
cf-ray: 74bc857b3e4b9c0c-FRA
expires: Fri, 16 Sep 2022 21:18:39 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 4 KB
2 KB 181ms
142ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=7eRdcI7ypu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe764d6054dbf851d3dad3afb1ac9243ba5fe7e03989205e96f1cdccf4d1c8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: br
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: y3w8bb196v
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nsctotal.com.br
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 74bc857bab619b71-FRA

GET
H2 200 coach%20reu.jpg
files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/ 23 KB
23 KB 599ms
598ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/coach%20reu.jpg?3kXkOrM9A_C8hE_wfkRRI_mkhLIkSVBo&itok=as8UK1xx&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa91aff697c6b75ddfd3a04aa3bce60c14ee5683638f48aad91d5f8072562ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 8216
x-cache: HIT, MISS
fastly-io-info: ifsz=55519 idim=1024x650 ifmt=jpeg ofsz=23652 odim=1024x650 ofmt=webp
fastly-stats: io=1
content-length: 23652
x-served-by: cache-cgh11138-CGH, cache-hhn4045-HHN
x-timer: S1663361919.284747,VS0,VE590
etag: "qCEzKPKChgbG8d1+kmZZw+eiof6gZB9JuYXF73EgwvE"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 urnas%20tiago%20ghizoni%20dc.jpg
files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/ 67 KB
67 KB 9ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/banner_image_style/public/graphql-upload-files/urnas%20tiago%20ghizoni%20dc.jpg?.Sg4XjLlJvpZ1HP5K7UWd5ldiWXfBa9_&itok=G1qyLLmb&w=1220

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fc66b1f2f4900406fa749ebc994ad2fe12845e7832a43ffa1e1bd6c6eaa7b422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
via: 1.1 varnish, 1.1 varnish
age: 17846
x-cache: HIT, HIT
fastly-io-info: ifsz=110742 idim=1135x679 ifmt=jpeg ofsz=68114 odim=1135x679 ofmt=webp
fastly-stats: io=1
content-length: 68114
x-served-by: cache-cgh11146-CGH, cache-hhn4045-HHN
x-timer: S1663361919.284858,VS0,VE2
etag: "IJjpRhJNBQflrAi/l4tg0hM+iAGHEx5M+Vvsz5QqKfQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 311ms
101ms Image
image/gif 54.86.116.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nsctotal.com.br&p=%2Fhome&u=BdvC7PBcOBGaBO8T11&d=nsctotal.com.br&g=66021&g0=capa&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11570&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=752&t=w8PqtDj0cSRD7-QJODrQLrcBEdR54&V=136&i=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&tz=0&sn=1&sv=B1AvjQCKEiBKBFgWZOBJ21nclfWDO&sd=1&im=067b0fff&_
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-116-177.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 165 B
481 B 140ms
113ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nsctotal.com.br&domain=nsctotal.com.br&path=%2Fhome
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c4f1f588aabce40bd0cf2276c0a3aafa15125a9d58e8587a4fb58b7d41b4b217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 128
x-served-by: cache-hhn4032-HHN
access-control-allow-origin: *
x-timer: S1663361919.393869,VS0,VE98
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 14 Sep 2022 20:58:39 GMT

GET
H2 200 pubads_impl_2022091401.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
128 KB 32ms
32ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 10:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131297
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 08:37:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Sep 2023 10:48:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 190 B
147 B 130ms
66ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nsctotal.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

56d6fd7ac540fb42fe1255c18c3afad14c879e05ddc72d704aa286710766433e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122
x-xss-protection: 0
expires: Fri, 16 Sep 2022 20:58:39 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/ 52 KB
16 KB 30ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.24.0/moment.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9247006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15508
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzlSLku%2FSzjcwcU3rdl7gvenJn06VRTWAtYXQTHThGZAK%2FgY0Ui6SM7Na4VQZrWqm6Ip0GqEwGuxomtr%2FPaWxRst4sx%2B0AU8NM2%2Fks66aYhRQ0PE1NWPEvmAbRhuv9CkrYt5rXzV2wy10%2BKgd6QZLV4g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858899949279-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
37ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7001
date: Fri, 16 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 16 Sep 2022 21:02:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 42ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 7510
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 15 Sep 2022 18:22:15 GMT
server: cloudflare
etag: 0x8DA974737287FBC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74bc8588bcad924f-FRA

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 138ms
39ms Script
text/plain 2a00:1450:4001:830::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:03:32 GMT
content-encoding: gzip
age: 3309
x-guploader-uploadid: ADPycdvW931r2vIOqhjshTc2Mf0xIwSUx9GiUeeL8OkNOsjt7XnGxPlZBTMeG8wYVx--0SOERaCAQRZhI_1mC-CdCkO4RZiSz7gF
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Fri, 16 Sep 2022 21:03:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26872
x-xss-protection: 0
pragma: public
x-fb-debug: I5LcHYhDspz1OV66YT7oeTkGZyY85YV8LBC5yM/yQpEepFDN4+ZVbvWzgAGXedJzAgR1ju0ujD8y77KJmeedIA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 16 Sep 2022 20:58:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1950399.js Show response
static.hotjar.com/c/ 4 KB
2 KB 74ms
38ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1950399.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

d8c694f531b732f8fa21a51f76e297baf833ac99999685cbd653ce35f9d5fe58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/766276455460f12bb953bd4258427993
strict-transport-security: max-age=604800; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: 8mJOdexLAZNWgT-yJbeKLWCr2ELxiWfzXRowbv4Y6TEa8Nz3GdfHSg==
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 163ms
87ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Sep 2022 20:58:41 GMT

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 51ms
21ms Script
text/javascript 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1330902&mt_adid=207808&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4505 5b23575 master cdg-pixel-x13 config:1.0.0 /
Resource Hash: eafa049666d949f5f7e3a2c2067845b74194821f446f73bd94eaa05459b49dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:41 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x13 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1493
Expires: Fri, 16 Sep 2022 20:58:40 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 72ms
31ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 17 May 2022 12:22:37 GMT
server: cloudflare
age: 3474
etag: W/"6283938d-3671"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 74bc8588eb319b3a-FRA
content-type: application/javascript
expires: Fri, 16 Sep 2022 21:00:47 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 45ms
20ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 54
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA60-P2
cf-ray: 74bc8588cffb698f-FRA
x-amz-cf-id: HKnQtoO6Ea4vTIn1JV_-7Rfy1Lr4qaY8IVcREb18X5ThtHt5Ap6Elg==

GET
H2 200 7728d74a-6b4e-472f-b18c-54f373f4cc20.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 41ms
15ms Script
text/javascript 2606:4700:3037::6815:4d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/7728d74a-6b4e-472f-b18c-54f373f4cc20.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da351fd1b4303f82c46d465ddb04ea2b01fe382967c3d2c09e0dd634fdd00fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 351bb5fb1bd6097be2e9d8a05c34165c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2850
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 14:31:11 GMT
server: cloudflare
etag: W/"c0d3d31ef2f6f5823d838cac5d5fdfff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTATAoiRlyOz5aX6Ce329juaag6M8OB3yzi9EmNjqnHwNW1O9dyt77WGKWohRwTYE4g2BBuEyBUL2HAi1wsGEO%2FQ5BbLBIoqopEMbENYY3z8tTZcVuL008BLeqDW5qw0q67g8dwisfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-amz-cf-pop: TXL50-P3
cf-ray: 74bc8588dedf912b-FRA
x-amz-cf-id: RBJ9q7LZco_YFCcSXKHGpoDg3uB5gMU6PDuNjUkhfn72eiANopIIrw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
75 KB 135ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VBG9C9NG72&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02161bd6ce007e255a24595845792f4e7e606a6d3b51c5fe49a75cb3771a0b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77150
x-xss-protection: 0
expires: Fri, 16 Sep 2022 20:58:41 GMT

GET
H2 200 leandro-puchalski_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2019-07/ 2 KB
2 KB 12ms
7ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2019-07/leandro-puchalski_0.jpg?cG2a_F.3Co4P5eN.ZZo8waBNNpnLVPcu&itok=qeVxK28A

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20a002a79dcc4c711fbdb2c85a59c6006841fe74fe2381738ccadd2dba7b9fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 3297533
x-cache: HIT, HIT
fastly-io-info: ifsz=2767 idim=77x100 ifmt=jpeg ofsz=1702 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1702
x-served-by: cache-cgh11147-CGH, cache-hhn4045-HHN
x-timer: S1663361921.449164,VS0,VE2
etag: "MLghrOxP9EqjiZM5kSbx36XVJO/IE9WTDOq6vqD7HoI"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 Dagmara%20Spautz%20-%20NSC%20Total%20-%20Perfil_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-12/ 1 KB
1 KB 14ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-12/Dagmara%20Spautz%20-%20NSC%20Total%20-%20Perfil_0.jpg?eWhvDeCOMIcLQh8as_85DFUDb_cunRAw&itok=d4n1j_UM

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b8d867c1b2bebb2f3ccbb2984e5c96589697c228c611c3aa929067d07e557b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 3945748
x-cache: HIT, HIT
fastly-io-info: ifsz=2296 idim=95x100 ifmt=jpeg ofsz=1060 odim=95x100 ofmt=webp
fastly-stats: io=1
content-length: 1060
x-served-by: cache-cgh11138-CGH, cache-hhn4045-HHN
x-timer: S1663361921.452074,VS0,VE2
etag: "/Sk4o/RcL2/60TQ6jqVCNT2kGtkODiq8hD7eytaUHQo"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 renato_igor.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2017-12/ 1 KB
1 KB 13ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2017-12/renato_igor.jpg?NSK42asseHlkAdf7IP098Pv19kxsX_.0&itok=5Xe5npM-

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd2c3df5764e85f6c58b65458b65211872bec85dcbe1b8cd9faa8427ae835190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1516577
x-cache: HIT, HIT
fastly-io-info: ifsz=2391 idim=77x100 ifmt=jpeg ofsz=1224 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1224
x-served-by: cache-cgh11143-CGH, cache-hhn4045-HHN
x-timer: S1663361921.452040,VS0,VE1
etag: "Z1pjXw0Pe1vcPdjmXeOTX11b+H9de6AQCMJ6S1pIr+g"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 ander_0_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2019-07/ 1 KB
1 KB 14ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2019-07/ander_0_0.jpg?YEtKOPFVX1Gr.EoKgYrM893apS5KrXkm&itok=2IyNGhbQ

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

326a5f8d82e6a912028b54a7ed06830dc70fb86e580acab29137959bc8600adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 2650430
x-cache: HIT, HIT
fastly-io-info: ifsz=2189 idim=77x100 ifmt=jpeg ofsz=1082 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1082
x-served-by: cache-cgh11133-CGH, cache-hhn4045-HHN
x-timer: S1663361921.452292,VS0,VE2
etag: "PkYPlwkncHNrkMJX0WfuO3nylzNNT4+2SVGaqOAyrSQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 12, 1

GET
H2 200 raphael%20faraco%20perfil%20nsc%20total%20final_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2021-04/ 1 KB
2 KB 13ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2021-04/raphael%20faraco%20perfil%20nsc%20total%20final_0.jpg?H6UBMHsuCy83QYCN4aN4Cgoy9ylx6o94&itok=2sn0KeE0

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20e289f065c1a4370e6a9465c6d9b4c66fff2832d2b63aadea09bcb66fb51826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 2041678
x-cache: HIT, HIT
fastly-io-info: ifsz=2548 idim=71x100 ifmt=jpeg ofsz=1394 odim=71x100 ofmt=webp
fastly-stats: io=1
content-length: 1394
x-served-by: cache-cgh11179-CGH, cache-hhn4045-HHN
x-timer: S1663361921.452589,VS0,VE1
etag: "A5uhXAxJaGUOa+xnBRkDIQLb6tK8pS7RzP+hZt7b78o"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 estela%20benetti%20colunista%20nsc%20total_0.JPG.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2021-04/ 1 KB
1 KB 9ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2021-04/estela%20benetti%20colunista%20nsc%20total_0.JPG.jpg?b.f8iN_.Bt.qVYpX8O5gOCZ3nZtVIeZt&itok=V7QsS0Vs

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1725114b31adedaed2eb8bb1e65c350e454f925059b09223b261b9c516100428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 1520577
x-cache: HIT, HIT
fastly-io-info: ifsz=2206 idim=77x100 ifmt=jpeg ofsz=1118 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1118
x-served-by: cache-cgh11142-CGH, cache-hhn4045-HHN
x-timer: S1663361921.452555,VS0,VE1
etag: "O941USNBW0nNI8PsZk1ku/bcFFmlg5OUQncHgSW9coc"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 leo-coelho.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-05/ 1 KB
1 KB 8ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-05/leo-coelho.jpg?Y0m9Auzset7M8U7.CCxDepzE0ctm78FO&itok=LJIZ09Si

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2d306647e1e5f1542e4a292dc09c4aa689feb40ce76114ccf31447e63a88b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 3334734
x-cache: HIT, HIT
fastly-io-info: ifsz=2351 idim=77x100 ifmt=jpeg ofsz=1242 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1242
x-served-by: cache-cgh11146-CGH, cache-hhn4045-HHN
x-timer: S1663361921.459338,VS0,VE2
etag: "FqU3sTx0SIO6eCF1uD1yfT+EFusAYNEFUD8LOD3g1tg"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H2 200 saavedra_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2019-07/ 1 KB
1 KB 13ms
10ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2019-07/saavedra_0.jpg?ywZbM2x5XIsP94mAtoUnG36ZXLYrQayD&itok=ytcUOh8n

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

15984dfa2c5578324fc434e5bb2a254db7c722af1261f23da88636fe5131ffd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 304364
x-cache: HIT, HIT
fastly-io-info: ifsz=2169 idim=77x100 ifmt=jpeg ofsz=1106 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1106
x-served-by: cache-cgh11159-CGH, cache-hhn4045-HHN
x-timer: S1663361921.464898,VS0,VE4
etag: "7puUG7a9QT9Olaa0HaZp5zYeSo7fiC5Uq1j/x9k3vzc"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 5, 90

GET
H2 200 denis%20luciano%20perfil%20nsc%20total_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2021-04/ 846 B
1 KB 9ms
7ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2021-04/denis%20luciano%20perfil%20nsc%20total_0.jpg?q_Rlh0KiLdf5kNKmQk_YpMvFFTSbc9if&itok=pDY6s3JZ

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

83b69d6cec7acfd448561936b084d0e94f0bcccdb2f71133a44e06b04e9b09ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 5143882
x-cache: HIT, HIT
fastly-io-info: ifsz=1965 idim=77x100 ifmt=jpeg ofsz=846 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 846
x-served-by: cache-cgh11165-CGH, cache-hhn4045-HHN
x-timer: S1663361921.465282,VS0,VE1
etag: "cXEEl704J8bsCXUxA+zpp4a1F/e5HjUSzXRAXdZA/NQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 42, 1

GET
H2 200 evandro%20assis.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-06/ 1 KB
2 KB 10ms
8ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-06/evandro%20assis.jpg?4IPrLYauPvC70f.v0Ch4pQRyvlIeCkfR&itok=9FytDhiJ

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

adafb1c7c20e39af05e24e83cf1139bf1f99ade57c975c72f8990574b2ff9bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 2130318
x-cache: HIT, HIT
fastly-io-info: ifsz=2449 idim=77x100 ifmt=jpeg ofsz=1398 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1398
x-served-by: cache-cgh11145-CGH, cache-hhn4045-HHN
x-timer: S1663361921.465242,VS0,VE1
etag: "v3i5fAxJB16XjD8IQjJYRBMS0rKsoAIhoO6l/yhMVUQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 pedro-machado-2_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2018-11/ 1 KB
1 KB 11ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2018-11/pedro-machado-2_0.jpg?UcWFJmMe_pLZktUis_oQL2jFQ0mfNGJZ&itok=MSrTMQmA

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b635347ae125c2f9c05df9c96050c254a82d6becb55d99f62bc6b2f9ea3e301a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 2112897
x-cache: HIT, HIT
fastly-io-info: ifsz=2226 idim=77x100 ifmt=jpeg ofsz=1162 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1162
x-served-by: cache-cgh11151-CGH, cache-hhn4045-HHN
x-timer: S1663361921.465221,VS0,VE2
etag: "77/CjCp6h6XA1G+74eYUkF45CMHxVwoDpGO1gfRnV3c"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 fernanda-nasser_0.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-08/ 1 KB
2 KB 10ms
9ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2020-08/fernanda-nasser_0.jpg?rhJ6WqFtoat_.9V82vaxQexJxwI2bLda&itok=Wlgnw_Fc

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37122b62808ee4048ddb104296bcfd6c5f99413bae43cf99d0c88aa7465b0864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 2128039
x-cache: HIT, HIT
fastly-io-info: ifsz=2450 idim=77x100 ifmt=jpeg ofsz=1390 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1390
x-served-by: cache-cgh11139-CGH, cache-hhn4045-HHN
x-timer: S1663361921.465183,VS0,VE2
etag: "7srvSRpJ1P0vCIsdPRRL1K90reAJq2dTI+ckgtiyZuc"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=7890000, no-transform, public
accept-ranges: bytes
x-cache-hits: 10450, 1

GET
H3 200 show Show response
buy.tinypass.com/checkout/offer/ Frame 851A 293 KB
38 KB 171ms
152ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c95ffd41d2daf96061b1fabe086272aeecc270ea331ccb4c18e6cc72f2247975

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74bc8589481b996f-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 16 Sep 2022 20:58:41 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server: cloudflare
server-time: 0.008
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-91-30
x-forwarded-https: on
x-request-id: Mt9mbireC1N
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 144ms
45ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nsctotal.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 146ms
45ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nsctotal.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 Rodrigo%20Faraco%20NSC%20Total%20vers%C3%A3o%20final_2.JPG.jpg
files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2022-08/ 1 KB
2 KB 8ms
7ms Image
image/webp 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nsctotal.com.br/s3fs-public/styles/thumbnail_image_style/public/2022-08/Rodrigo%20Faraco%20NSC%20Total%20vers%C3%A3o%20final_2.JPG.jpg?5nuX1wfo0T56HlM41w1hJkca5Ttyu52m&itok=a5qWYfYy

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a7e1f36f2021dbf74b145fe79dc11852a11e4cb4c1a780a4357a4e2e1aa3957c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 3327162
x-cache: HIT, HIT
fastly-io-info: ifsz=2390 idim=77x100 ifmt=jpeg ofsz=1294 odim=77x100 ofmt=webp
fastly-stats: io=1
content-length: 1294
x-served-by: cache-cgh11137-CGH, cache-hhn4045-HHN
x-timer: S1663361922.643559,VS0,VE1
etag: "Bhp4vGDVPfFL0laK2xC1EkJwAyYQS0W0Oa5RT5ny1yQ"
vary: Accept
strict-transport-security: max-age=31557600
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31557600, no-transform, public
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 modules.d00377d3a043900eb4ef.js Show response
script.hotjar.com/ 252 KB
65 KB 39ms
8ms Script
application/javascript 13.224.189.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d00377d3a043900eb4ef.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1950399.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-51.fra2.r.cloudfront.net

Software

Resource Hash

f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 13:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200974
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65532
access-control-allow-origin: *
last-modified: Wed, 14 Sep 2022 13:08:33 GMT
etag: "74e062f975f5935c93ae5aff80efbd87"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6vP-WHiZ2AFqR686Op15HVsasNX2uNrCNqnDWu9-AKH-dlIP97Y8AQ==

GET
H2 200 53724 Show response
tag.navdmp.com/u/ 496 B
476 B 150ms
149ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/53724
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 870914e597915e7c0e87dae9624b76c760304deb33155b45020d26634f61a932

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:45:00 GMT
server: cloudflare
etag: W/"6137b32c-1f0"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 74bc858a4d899b3a-FRA
content-type: application/javascript
expires: Fri, 16 Sep 2022 21:58:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 65ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-133190190-1&cid=648720974.1663361922&jid=1668293795&gjid=1350102471&_gid=1844748461.1663361922&_u=YGBAiEABBAAAAE~&z=2142373784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Sep 2022 20:58:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 120ms
38ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1352210999&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&ul=en-us&de=UTF-8&dt=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1668293795&gjid=1350102471&cid=648720974.1663361922&tid=UA-133190190-1&_gid=1844748461.1663361922&gtm=2wg9e0NBXJGMV&cg3=pagina&cd4=pagina&cd10=NOT_LOGGED_IN&cd14=0&z=1170407104

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 18:00:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10705
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 586 B
351 B 79ms
78ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=399305488362213&correlator=3889098450902112&eid=31068458%2C31069474%2C31069670%2C31068367&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fif&iu_parts=157669170%2CNSC_Total_(ROS)%2Chome-page&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x1%7C1x1&ifi=1&adks=4141897383&sfv=1-0-38&fsapi=false&prev_scp=special%3Dhomensc%26format%3Dfloater_top%26amp%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1663361921679&lmt=1663361921&dlt=1663361918612&idt=2960&adxs=800&adys=407&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=0&ohw=0&ga_vid=648720974.1663361922&ga_sid=1663361922&ga_hid=1352210999&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

380b9923c097b3b52dd072661a3457b68d3cad2fa9b3174fe43644c154d13a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 321
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22CA 6 KB
4 KB 163ms
46ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:41 GMT
expires: Sat, 16 Sep 2023 20:58:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
271 B 80ms
76ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=399305488362213&correlator=3889098450902112&eid=31068458%2C31069474%2C31069670%2C31068367&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fif&iu_parts=157669170%2CNSC_Total_(ROS)%2Chome-page&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=4138517731&sfv=1-0-38&fsapi=false&prev_scp=special%3Dhomensc%26format%3Dfloater_1%26amp%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1663361921692&lmt=1663361921&dlt=1663361918612&idt=2960&adxs=800&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=512&ohw=0&ga_vid=648720974.1663361922&ga_sid=1663361922&ga_hid=1352210999&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

4e6c1766df8aeefdbe26c33b0c8686803e63b296b730f773b287fa51dd77f8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 448ms
446ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=399305488362213&correlator=3889098450902112&eid=31068458%2C31069474%2C31069670%2C31068367&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fif&iu_parts=157669170%2CNSC_Total_(ROS)%2Chome-page&enc_prev_ius=0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x150%7C970x90%7C728x90&fluid=height&ifi=3&adks=1198582332&sfv=1-0-38&fsapi=false&prev_scp=special%3Dhomensc%26format%3Dbillboard_top%26amp%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1663361921698&lmt=1663361921&dlt=1663361918612&idt=2960&adxs=315&adys=255&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=648720974.1663361922&ga_sid=1663361922&ga_hid=1352210999&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

fd9f02ffaf932813e6cc7181f0c38b8aec89a079da85b5ef58af8e2aa18b2b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19164
x-xss-protection: 0
google-lineitem-id: 6095277808
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402437475
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 293ms
290ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=399305488362213&correlator=3889098450902112&eid=31068458%2C31069474%2C31069670%2C31068367&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fif&iu_parts=157669170%2CNSC_Total_(ROS)%2Chome-page&enc_prev_ius=0%2F1%2F2&prev_iu_szs=1x1%7C970x90%7C728x90&ifi=4&adks=4273250247&sfv=1-0-38&fsapi=false&prev_scp=special%3Dhomensc%26format%3Dfloater_2%26amp%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1663361921705&lmt=1663361921&dlt=1663361918612&idt=2960&adxs=315&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=648720974.1663361922&ga_sid=1663361922&ga_hid=1352210999&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1ccce053f9410ea123e4f92affa2fa09db2a3673991b5775eda3301df8814250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19151
x-xss-protection: 0
google-lineitem-id: 6095277808
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402437577
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 672ms
670ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=399305488362213&correlator=3889098450902112&eid=31068458%2C31069474%2C31069670%2C31068367&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fif&iu_parts=157669170%2CNSC_Total_(ROS)%2Chome-page&enc_prev_ius=0%2F1%2F2&prev_iu_szs=320x50%7C1200x400%7C970x250%7C970x150%7C970x90%7C728x90&fluid=height&ifi=5&adks=1580277074&sfv=1-0-38&fsapi=false&prev_scp=special%3Dhomensc%26format%3Dbillboard_middle%26amp%3Dfalse&sc=1&cookie_enabled=1&abxe=1&dt=1663361921712&lmt=1663361921&dlt=1663361918612&idt=2960&adxs=200&adys=1137&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&frm=20&vis=1&psz=1200x-1&msz=1200x-1&fws=0&ohw=0&ga_vid=648720974.1663361922&ga_sid=1663361922&ga_hid=1352210999&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f38897dac4daeed5c0a51f08fcabc564f97bfce2f60d7a8bb5f40a30c7cc22e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19171
x-xss-protection: 0
google-lineitem-id: 6093771978
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402191235
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d2aaa2a5-d4f3-44bb-9a73-f7f1c2f1773f.json Show response
cdn.cookielaw.org/consent/d2aaa2a5-d4f3-44bb-9a73-f7f1c2f1773f/ 2 KB
2 KB 53ms
23ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d2aaa2a5-d4f3-44bb-9a73-f7f1c2f1773f/d2aaa2a5-d4f3-44bb-9a73-f7f1c2f1773f.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66eca762310c1d434d9a98f66a52f086e0e5dd7c714252a897552c51fe80f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /6KVnRhnuP1LsnJ5G25n+Q==
age: 3821
vary: Accept-Encoding
content-length: 1115
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jan 2021 03:18:26 GMT
server: cloudflare
etag: 0x8D8BDBB380B19D1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8a159014-101e-00c1-18c2-11535f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74bc858af9369c00-FRA
expires: Sat, 17 Sep 2022 00:58:41 GMT

GET
H3 200 moment-timezone-with-data-10-year-range.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/ 42 KB
10 KB 35ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.28/moment-timezone-with-data-10-year-range.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBXJGMV&gtm_auth=fqbfXXdCMyKncJZxMfxMzQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d2e8ecd2ca1334ac31b43e1646c1ffc5be9b41cc8267bf83202f6a5ef3bc608

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17537418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9859
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-a622"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTyDzHa7tuogP6m7wTYK82ovlWYq2XY85vg06y6xyaq0AUEjd03I1OOP0wRZpphFYcssVTXGF%2Fx%2BTJAdZyjNb73c2afjnyBFVSn22YAcYvCHBACfUs98Ht7Og5x1sv%2BPhHTmOqwNNQ0Vg75yiYbyA%2FUn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858adec091d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 5403 713 B
1 KB 21ms
21ms Document
text/html 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=782b6324-e381-4d00-a42a-afd6552e9d8d&no_iframe=1&mt_adid=207808&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=1330902&mt_adid=207808&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4505 5b23575 master cdg-pixel-x25 config:1.0.0 /
Resource Hash: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 713
Content-Type: text/html
Date: Fri, 16 Sep 2022 20:58:41 GMT
Expires: Fri, 16 Sep 2022 20:58:40 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4505 5b23575 master cdg-pixel-x25 config:1.0.0

GET
H3 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 185 KB
51 KB 37ms
19ms Script
application/javascript 2606:4700:3037::6815:4d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/7728d74a-6b4e-472f-b18c-54f373f4cc20.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d1f71d7f21f0835b803691da4e3e807fb4c1bfb300cdb92ffa829c9fcaf3119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 843
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Sep 2022 17:25:22 GMT
server: cloudflare
etag: W/"f01ab2ba80b179fabf6fc0010f56c591"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT5b79scSUqvGIOz2YFbAn87uWEJpfxFY3%2BcGYig1uoWAyqDS0bqZO7Q%2BVB5LV%2Bt22HoJsFt5WKqRNAbTWU6%2Fm1gv%2BvcxXzfIMBBjzWQ598ZRuYNI%2Fkb7bzQwRqWv0jRUr1%2B2Vyn1uU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 74bc858aee198ffb-FRA
x-amz-cf-id: uSYBYVAsBMHiBplxB8Z1lp-H7_rEiA5MWI8ERfOEWJPee-t3KQY0Ig==

GET
H3 200 898005737027462 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 75ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/898005737027462?v=2.9.81&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

840634e9ac297125c6ba13261a06d8cde7f8294d57a05a00cb19269177be5e13

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: RiuI1y54nxyr5I7J0zhCCK2fy8KK0LTRzVKBaXLBXOWfylkNoQb85Av6gLURtyDn3H2CffGGcIiADBmZLS9DxA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 16 Sep 2022 20:58:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1558ms
722ms Image
image/gif 44.237.248.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1663361921767&e=pv&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&page=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=576&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=5d4f15a1-30ac-4a5f-a343-1ccac9ef924e&dtm=1663361921764&vp=1600x1200&ds=1600x11583&vid=1&sid=6942187b-1dc8-435f-a62c-87325f67a265&duid=34c8e4ea-00a4-4e5c-a26c-feb37d373cd2&fp=2985563604&uid=login_do_usuario
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.248.18 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-248-18.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/972651818/ 2 KB
2 KB 368ms
121ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972651818/?random=1663361921771&cv=9&fst=1663361921771&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&tiba=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&auid=1955076384.1663361921&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf53f73675036c54c80f65f2a48015aa815508cebafa8209bc60e17f28d1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
341 B 255ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VBG9C9NG72&gtm=2oe9e0&_p=1352210999&cid=648720974.1663361922&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663361921&sct=1&seg=0&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&dt=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VBG9C9NG72&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 851A 305 KB
58 KB 75ms
75ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79a9d02d62ba8e0c6650830016360ad971702625d15c2f09b7e6738960d3a0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1520
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-125-153
last-modified: Thu, 15 Sep 2022 13:44:46 GMT
server: cloudflare
etag: W/"312098-1663249486000"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 74bc858b5b9f996f-FRA
expires: Fri, 16 Sep 2022 22:58:41 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 851A 95 KB
30 KB 14ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 754766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghYTTShW486zLGdm1%2BCevwp3bfkCC1UkTrM7xABh3tOdfoLzLGiutIXGtK2IsTuiHwb1VjtI9H5z5QG%2FICudQXy2wCl90bXGRtngfe%2B6lbbLXY6vMWf5X6IuiOlYRNHE9B9L7wcgh8yAzfoZrFWDgyTj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6191d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 851A 10 KB
4 KB 21ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 703786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3550
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2748"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1K2d5zNzZqTtJPviQy6vqHl7hzv8GRo0JHUvX8iZASRm7TVKqVXvL1oRHwqoUzqGwd3ADtEkm98f2j%2BGZ0SoYNbI%2FUw3cMILRCb5oxWzGEmw%2FQafPmDFfP3Kyn894yn1kWysmG8WuxfLhE9xjqpi9SH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6291d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 851A 104 KB
35 KB 27ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 164150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35086
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-1a191"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYXRi18oolpZP6bIJqr4VBrN%2Big3mWUxYuDEM5hYWuMvIT4dGxm%2FmyonLj9N5ymA1lPtJ%2FibZ4x1VtySQo2i5nZmbDp5JptuUzII%2FbHqMy0AzKiR%2FnqfUHQibTAbh5kDcVWlrz0DBHYZSbtoRJHnndSI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6391d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 851A 825 B
1 KB 28ms
26ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9857871
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 434
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMSl6FStfLZyDHe0r57fmylqQK721j5S7w252F51PPHbyDlRvsuKkI9%2F0UgsjJShom19gfPre9uxx%2BwpINIBv1D3YXldF8qMIy0gvp35pnzV0UJPdMJhRAmhlLpOWv317lh2kz5gYG9v8s%2FNbAN90axh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6491d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 851A 4 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7578099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2171
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2F0aUag%2BEbe8Ywt9IU9hX%2BaUaiEkp3XtJ4rcLIn%2Fa2Sr3eFVSERKy8J1t7iB%2Bz40In3h06a823eM%2FNDEYNzNrSC%2F%2FPagF84Z%2BBCmcDip6k2mK%2FK60syl5bJ1CutChmpC2GjQIOM2ksy9gtZLTP96qTwQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6591d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular-touch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 851A 3 KB
2 KB 30ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-touch.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4404702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1321
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-ce0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVIKDk7hqtG3KZhYHUWIW%2FxO6p%2F0C%2Bdj4nf9Uj7WQdFur7tHarvJjc41r1n%2B4GyRbeDWWAlokLV1Rc3MMaey1LmcbSfiE3Oqv%2FBy9dIerUFi9XO%2FFB%2BS2CB4StaV0%2B8qbxyN4aNjcZzLkkUh5OZD8I%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6791d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 851A 3 KB
2 KB 31ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7577604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 953
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BbGQe0JXF%2BI%2FDPoJr6ikd7setyCV5ZEUkIljJeTF016p3TvnPZY0lKaVBT41EFzTw6ZIPO3kQIkS8WrcgoOEvmVw3scLGfj4EPxfapRi5gAG%2F%2BHQJIEYWk519NupKDm%2F0Cxs8sX0%2FUmNJk2i5XLt09Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6891d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 851A 23 KB
8 KB 32ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1310656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMkSfpAJQd%2B82OXwNkMCxozv7YON5zAoQtiAZURYZpqib%2B76nR1oknAwhNpmtidTGG7TneQJT2kU9fqZjqsQiJ%2BRl3d0xMwu35Vk3U7K8a6gCH%2FyAE5JXhwA8R%2BKtIbC0BseynW5%2F59MYf0%2BIMO5d%2FJz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6991d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 851A 2 KB
2 KB 35ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 173157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 910
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-93c"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddge54MTNReXsWj9q2JJbikAuErXyoPWeeMaC%2FmeF9wqQfZ2y0tuZBj%2Fg%2F%2B%2B1zXLAlh%2FQUPpkA54YvdLCcLJGmai6pcRhfCC4GdIRmzOYKVoJsutp%2Bgv5j%2BsnHMflPwJDhlmn1E3c5wO52e5Vgw2ukp6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6c91d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 851A 20 KB
7 KB 35ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 164150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6934
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ye3H99K2usEMASdhA7W%2FFMuImFpgPsScTQExq9dCOUNk7afNTg%2B8tulFaqNJ9ADJQ2CrVzQ3eb3AlQzg3mbCbakBl7FiO3EYdwAY49wwD26XJGXbRYsNYfauFySu3uNxqGQ4bq4F0uESFd1ZZK77uiA8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6d91d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 anime.min.js Show response
cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/ Frame 851A 17 KB
7 KB 37ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animejs/3.1.0/anime.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3203168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6344
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-4377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BZ8XJbtXdjRR2fy6xoiK6%2Fpxqg6XPTD1UQ7KQRMhswvDWClsNKvFdlMkfp4%2BuaPma2AWCQWxk0R%2BBpL9LtD%2F%2B9PMLqgwaFvLFX%2FODn7bhvlCoQgceAiMqkryvD6Z2RyoY4rJ7obi0ZubKPjpH0x7WGm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74bc858b5f6f91d8-FRA
expires: Wed, 06 Sep 2023 20:58:41 GMT

GET
H3 200 H4sIAAAAAAAAAD3IwQ3CMAwAwIVIrFjQwAh8WaBKbatNcROEYyG258c9Dz6VVxnA1QbQJvTsPsLR2VVgNyC30Y-weGOVmOXBdM_fl8_TGXNOeLucQOtiUNrqWt4hRYyIUNO1_U87FZVZWnCLu_0ADo3q-3QAAAA Show response
buy.tinypass.com/_sam/ Frame 851A 550 KB
146 KB 59ms
58ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ3CMAwAwIVIrFjQwAh8WaBKbatNcROEYyG258c9Dz6VVxnA1QbQJvTsPsLR2VVgNyC30Y-weGOVmOXBdM_fl8_TGXNOeLucQOtiUNrqWt4hRYyIUNO1_U87FZVZWnCLu_0ADo3q-3QAAAA?compressed=true&v=14.271.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c07f1a0ba00e7c4fdd7e0b0d0676e2b0b077cdf44d50e09ab1ebc0fbf63ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 151
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-130-185
last-modified: Thu, 15 Sep 2022 13:52:02 GMT
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=604649
x-optimized-by: _sam
cf-ray: 74bc858b5ba1996f-FRA
expires: Fri, 23 Sep 2022 20:56:10 GMT

GET
H3 404 pop-up-clube-nsc-panelas-01_html.css
buy.tinypass.com/checkout/offer/ Frame 851A 0
0 40ms
39ms Stylesheet
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/pop-up-clube-nsc-panelas-01_html.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 150
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 74bc858b5ba3996f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Sep 2022 21:18:41 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 851A 81 KB
27 KB 49ms
48ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

3f6ea66f4fee4e8832b05633a298a1de7a9c56c89091545674eb34f7ce03dd9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27871
x-xss-protection: 0
server: sffe
etag: "1336 / 935 of 1000 / last-modified: 1663326453"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H/1.1 200
OK 88abc1be-83cd-4035-8800-9dff4264960f.png
ac-landing-pages-user-uploads-production.s3.amazonaws.com/0000080881/ Frame 851A 8 KB
8 KB 363ms
128ms Image
image/png 52.216.18.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ac-landing-pages-user-uploads-production.s3.amazonaws.com/0000080881/88abc1be-83cd-4035-8800-9dff4264960f.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d0859b2f88556aebcf99106f1278523aff221812ad34a73109a0ac5ab6401a3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Last-Modified: Sun, 12 Jun 2022 00:26:44 GMT
Server: AmazonS3
x-amz-request-id: P8Q6XWECH3FK2W90
ETag: "df51b407b20cabdb20e93f70add99041"
Content-Type: image/png
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 8312
x-amz-id-2: VXiK2WXn3O/py5XsrJO1txKU7JrEpO54+BxN/VBSpXaZZ7vzUWhu7UflLRTdom+ESSNkeyd+Jhw=

GET
H/1.1 200
OK 5a966bc2-39f1-41ac-a4bd-0a8900bc9e2e.png
ac-landing-pages-user-uploads-production.s3.amazonaws.com/0000080881/ Frame 851A 308 KB
308 KB 364ms
135ms Image
image/png 52.216.18.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ac-landing-pages-user-uploads-production.s3.amazonaws.com/0000080881/5a966bc2-39f1-41ac-a4bd-0a8900bc9e2e.png
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e36e89345168cb7132b14cf34e05ea50489591f88d037ae21577b2736afc352b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Last-Modified: Fri, 26 Aug 2022 13:57:49 GMT
Server: AmazonS3
x-amz-request-id: P8Q7DWKPKWQPZ4M6
ETag: "3a39278331b6301b3842cc561838c3df"
Content-Type: image/png
Cache-Control: max-age=1209600
Accept-Ranges: bytes
Content-Length: 315248
x-amz-id-2: nkAzJVJE0BZmoXj5A47ZDa0KZRKfaLJRgu/MK8k2GS4SZ8N2goaj+yf10Xvr7zO1hqqS3lfJGtM=

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 8544 2 KB
1 KB 40ms
7ms Document
text/html 13.224.189.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1950399.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-67.fra2.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 819695
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-id: BkGG3NTuuJwlrsBsp2PO8Sea0zIZD0-7R3uUmXwSKTv4lWYRmBqLJA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 / Show response
prism.app-us1.com/ 250 B
418 B 186ms
177ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=1001361628&u=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: 52a4ae4b3d8718cc75f50808f58f6a35a4f387472b474bb599a59ea4745e493f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.30
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 65
cf-ray: 74bc858b7c01698f-FRA

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ 0
481 B 27ms
27ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4505 5b23575 master cdg-pixel-x16 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:41 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x16 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 16 Sep 2022 20:58:40 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.10.0/ 356 KB
78 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Bh9exWOPGIwRshWljrtlEw==
age: 6708
vary: Accept-Encoding
content-length: 79698
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:43:00 GMT
server: cloudflare
etag: 0x8D89735260901BC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 59af6c0e-b01e-0044-5acf-11048a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74bc858b786f924f-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 250ms
65ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-133190190-1&cid=648720974.1663361922&jid=1668293795&_u=YGBAiEABBAAAAE~&z=1976797619

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 248ms
63ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-133190190-1&cid=648720974.1663361922&jid=1668293795&_u=YGBAiEABBAAAAE~&z=1976797619

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
478 B 406ms
394ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=53724&u=1&new=1&wst=0&wct=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd399fce9386542cffc86ac2b565cf32a48b69a0dcd04630ce83264d3b6b1dce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74bc858bdfba9b3a-FRA
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Fri, 16 Sep 2022 21:58:42 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 146ms
10ms Script
application/x-javascript 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 19:29:56 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5964
Expires: Fri, 16 Sep 2022 21:58:42 GMT

GET
H3 200 2524905927731425 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2524905927731425?v=2.9.81&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3db9e093fae6a606ae6b01a663d7bd287e3772016cf3d6b7bf67943bc2c70da5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: uxl3nKM0KlNrAU86nU7cjhpn+UApg4rnHfYaKFMdSqNQtFp9+N5RHqVd4lf6B/96E7Ntm5/r0J7Cq1oJx8unGQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 16 Sep 2022 20:58:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 7728d74a-6b4e-472f-b18c-54f373f4cc20.json Show response
osp-assets.pn.vg/ 21 B
768 B 142ms
24ms Fetch
application/json 2606:4700:3037::ac43:cb88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/7728d74a-6b4e-472f-b18c-54f373f4cc20.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cb88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
access-control-allow-methods: GET, HEAD, POST, PUT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 648319
cf-ray: 74bc858caa835c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21
x-amz-id-2: 0hNhn1zKvEzLi8efLi1xOcpoxtsbP77/gKZeDH+julH/9FKmhQyGmH3fdLL7WNw7k+VL2X8zowY=
last-modified: Tue, 05 Oct 2021 13:50:37 GMT
server: cloudflare
etag: "7e49c47a75dd2571802e6b32b46a36ac"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohplZTxYVkiP%2FkyAnLIaW2t7s6r7qoov3NuW4Olb21xLoUfFsriGj7CC0GvVtRumSFp%2FdWd5jJ%2BLXd5ATflbUZ%2Fz%2FViQ0Ddvt3asPvDR%2F%2FCcR%2F1ZWa5YzjXWYePiLA5nOhZBTuw2nHvNxjqmX5nt"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: TGB146P386VQNX3G
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/json

GET
H2 200 pushnews-sw.js Show response
www.nsctotal.com.br/ 55 B
362 B 8ms
8ms XHR
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nsctotal.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

2a14458cb3acd7f1bff8ea7b23d42dc8effc8560b2258f99f6cb678a1a3de140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:41 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 64756
x-powered-by: Express
x-cache: HIT, HIT
content-length: 71
x-served-by: cache-cgh11144-CGH, cache-hhn4045-HHN
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Sep 2022 21:24:26 GMT
server: nginx
x-timer: S1663361922.911499,VS0,VE1
etag: W/"37-1833396d310"
strict-transport-security: max-age=31557600
content-type: application/javascript; charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 cookie.html Show response
cookies.pn.vg/ Frame A0B8 5 KB
2 KB 26ms
15ms Document
text/html 2606:4700:3037::6815:4d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.pn.vg/cookie.html
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6351
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 74bc858cae25912b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Wed, 12 Jan 2022 17:09:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz2BZZRPzQSYtoyUrLw6tz9o9Z%2FGRHy4OkJAe4C6SzgdT6uHApA1OrMq%2FirojJb9WIJ7pmI2PHykfXtQj03azaB9e9Jc1T0IXUFENSp90SiaqL3%2BwqLlqR0C5YKy41JKbZGDgK9bO43RC9WQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
x-amz-cf-id: iTjx-Gu-c9qaCSBCFglkbcr81zHQ-sbGG91KBb5PKyUl6tZI94Uytw==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EBD3 0
0 70ms
69ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBDIRfla-NtNL2Y4j8_qWmMH4YMpxxJasRvyu0UAHYPpmcUmD758jogBAdOXTPASH-dY0z3WH1-v0oeOWusnvs0c8yC4BR3Yt1cWvQRr9BltNpaReKYdt6lpfmKRgdrAwiZ6Li6wgjnZL9CAP664dbWKDGd7cMeuZPpnqe_rEUErNRjSdl61COMYx8AuMIDkhsarMjzvXNvWlB516xp2fzaBXnZ7thNyRrfBHz98td45ZacmyEGwFjLyT9BIXe8h0eR8tvJ-3dlGyQ6_8s7Dt0InbIVNJpWcSq9l44rh1LMKqSim6mAmw9X-ltDeMbtyiq0HAmbmPj7aAkC4tiabY&sai=AMfl-YRqhr-tu1MzYewucThZieSozQHNtkevGoo5ehxyoW1xXgr8jVG_7_cHGriHyN-HfTYZV3ie2O3r0185GW-78hYQvZuC13LF7U66y7DX3rCOfLeAPjAEr5lyFGXZ6xpsyQ&sig=Cg0ArKJSzCSVNBQqQdh_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame EBD3 23 KB
10 KB 126ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:45:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame EBD3 3 KB
1 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:57:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBD3 141 KB
44 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EBD3 0
0 47ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQTO6qCftKtCmFBce4GpiPOJtZxlTwrQRHtvk80Pm9vvrkXBXLiayV-7OvAnw2uh6QfKpT8nZIx1_eWpcrK5aVnEwRlg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 1367018579879270363
tpc.googlesyndication.com/simgad/ Frame EBD3 114 KB
114 KB 133ms
46ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1367018579879270363

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b84faab764902aa2708c5aac7872ccb0fdce92477990f1408111a4438220912a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 14:09:47 GMT
x-content-type-options: nosniff
age: 197335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116515
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 14:42:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 14:09:47 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/comp/ Frame 5403 0
481 B 19ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=782b6324-e381-4d00-a42a-afd6552e9d8d&no_iframe=1&mt_adid=207808&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4505 5b23575 master cdg-pixel-x34 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=782b6324-e381-4d00-a42a-afd6552e9d8d&no_iframe=1&mt_adid=207808&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:42 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x34 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 16 Sep 2022 20:58:41 GMT

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
289 B 170ms
124ms Script
text/javascript 2606:4700:4400::6812:2a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=1001361628&prismid=81e53cc7-a7b5-4268-8983-9c64fb1301cc&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.1.33
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray: 74bc858d3f686921-FRA
content-length: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d2aaa2a5-d4f3-44bb-9a73-f7f1c2f1773f/37d9a89f-ca38-4337-8bd4-f505d504e780/ 61 KB
14 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d2aaa2a5-d4f3-44bb-9a73-f7f1c2f1773f/37d9a89f-ca38-4337-8bd4-f505d504e780/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5ec34caa6a40917685a5ea0d906fcffa15c4ad0e04de13d45eba86d05f552d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 66b2FwCYje6QvoeDyJa6Fw==
age: 10399
vary: Accept-Encoding
content-length: 13751
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jan 2021 03:18:28 GMT
server: cloudflare
etag: 0x8D8BDBB38AC8149
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b95e905b-e01e-011c-2abf-2c46a4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74bc858d1ca69c00-FRA
expires: Sat, 17 Sep 2022 00:58:42 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 98 KB
31 KB 11ms
11ms Script
application/x-javascript 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 683a1c1c984165909393efa5d3578bbdbf39c612ad6a5f44a70d916db1f39b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 05:21:32 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31361
Expires: Fri, 16 Sep 2022 21:58:42 GMT

GET
H3 200 554987095310482 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 62ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/554987095310482?v=2.9.81&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af017f1c49005b9a50b51d675eff622a0205266b0dfa07dd4b9e9e6ea69a8c8c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 51O1QhwdFVvcVTHDEGtvFAPra5icjC6nq3IIVj0ev93fVh28IbiP8ZOmeur8t1R3UE+1xmJ3r/Yw0aeoYsA/+Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 16 Sep 2022 20:58:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 33 KB
9 KB 24ms
23ms Script
application/javascript 2606:4700:3037::6815:4d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7277fd9e9bb43fe39b1403784cf6a3b8542ef4cb082f3d4e16e758c43ee5a8c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
via: 1.1 e962bcfd10e6f174f59a72d119cef444.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6312
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 13 Jan 2022 09:54:23 GMT
server: cloudflare
etag: W/"26f66074349e934b34cdefb20b90262e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3QUw4M%2B1qND5BhBeX2LrCSCknInphYvK4VcvPg54qjV1qeg5yLGc3twCkJUFXtiunHXZmpi5OoIOuVMd7MXgwhtAUsgzChcnA567Mg%2FnHaCRVSHQgWilaZdNR2orUYDcDAy3DKgPWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
x-amz-cf-pop: SLC50-C1
cf-ray: 74bc858d495a8ffb-FRA
x-amz-cf-id: R2RphxLldprc8wRRMDDKWcmV29AWU5hcPnctsTGROvkUql4HOiqXkw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ 13 KB
4 KB 22ms
21ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: W9e0YobmEbvdB0V9OmpQkw==
age: 10399
vary: Accept-Encoding
content-length: 3329
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:50 GMT
server: cloudflare
etag: 0x8D89735209A34D6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ffe78915-a01e-011b-0d6f-c9b021000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74bc858d5d129c00-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ 46 KB
11 KB 22ms
22ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.10.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ydfMbMpHX/N/aS5YhkXXwQ==
age: 11803
vary: Accept-Encoding
content-length: 11336
x-ms-lease-status: unlocked
last-modified: Thu, 03 Dec 2020 02:42:53 GMT
server: cloudflare
etag: 0x8D89735220FDD9F
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 37af4d94-a01e-00d8-59d5-217f37000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74bc858d5d139c00-FRA

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame D181 684 B
768 B 11ms
11ms Document
text/html 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 379
Content-Type: text/html
Date: Fri, 16 Sep 2022 20:58:42 GMT
Expires: Mon, 26 Sep 2022 20:58:42 GMT
Last-Modified: Tue, 11 Jan 2022 07:21:04 GMT
Server: AkamaiNetStorage
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK segment Show response
api.cxense.com/profile/user/ 62 B
679 B 55ms
17ms Script
text/javascript 147.75.85.120
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cxense.com/profile/user/segment?callback=cXJsonpCB1&persisted=0b55e906cc1041fe184f60ef14b385013df9be0e&json=%7B%22identities%22%3A%5B%7B%22id%22%3A%22l84yqn00reezi53l%22%2C%22type%22%3A%22cx%22%7D%5D%7D

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.85.120 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/972651818/ 42 B
64 B 134ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/972651818/?random=1663361921771&cv=9&fst=1663358400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&tiba=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2078367067&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/972651818/ 42 B
64 B 134ms
53ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/972651818/?random=1663361921771&cv=9&fst=1663358400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9e0&sendb=1&frm=0&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&tiba=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&async=1&fmt=3&is_vtc=1&random=2078367067&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
api.pn.vg/api/v1/sync/7728d74a-6b4e-472f-b18c-54f373f4cc20/ 3 KB
2 KB 274ms
257ms Fetch
application/json 2606:4700:3037::ac43:cb88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pn.vg/api/v1/sync/7728d74a-6b4e-472f-b18c-54f373f4cc20/web
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cb88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 269da1d7e06991dead40fa2c1b7230c482d7847530fe30025fc754a647b5001d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c66-4tp4skn7B8MCji1dutM57apz1oY"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCOwlWB5YuTyCbewFl9D1lSTQKcnGTERBoEhIK6fOD%2BgfQGGTgaTWhivMZ3f6XQjbv8ilyFYZmsMotGNk344zPY8uba635U89ENAbjN5ketdl1kGnnwC%2FP0mc3FTRIMMRtUoUiwkx3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-exit: success
cf-ray: 74bc858e4ca75c2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pubads_impl_2022091301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 851A 376 KB
128 KB 32ms
32ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131297
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 08:35:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Sep 2023 13:19:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EBD3 0
0 68ms
68ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss93Z1IXsQ3SIxU4L1sFsRqxZZT26U8HASa-lPmlmjKZ422EhTiIrtOQWoFPiI9Nf1QhkYstPaJ-Fh2VcrrOlVTF2yNyHr4Yxo0EH8JGetCpcyGwFB_uc15GeloW-ILIu6DfdX1ngjPILSMV70osrT00FRwmNt45lIctCUBS2jXK9ngqQ-i9P3XnwBO5CWF6ywRzMFBQpj8ImTn34mNlbrC8ZUBsb1xu3j_yBU0aDrQaVRENpGUxih1YMogE5Ga3XHSgFL4-CoBtRuoXr9Lj0_2xravktaYX98YSxNghZdb-BLTrRcdXhwP0s9kh6RQ_vMGJzhzq1ydv03nwge-tEoF7A&sai=AMfl-YTcVjQoRafi8DmRdOKwPmjQ3njI_1lk_jlEo2CRiEKiU1wdEk1Al0R8abgkuli4oXCKUQINhaXuYizr6mgi2WlMEc0X2gm-LqXei-9bHyX1ASYo8Eu0OXqcdGQhPdpoTA&sig=Cg0ArKJSzJTS0JhLoejhEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
DATA 200
OK truncated
/ Frame EBD3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00e7eb30419d638225ed480d31ce0ba169c7c675db07800bfd0fc9e5a267bdb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C165 0
0 72ms
68ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN2sNILqXQAwZEQcgCx8agmCdEfQqUcaRcYJ8WW2_dPCuQw2NV7Q-LkebuVjiYuj3htkUvw-YYmPa95KXrNt27MlUHM830m3EObrPampdI4Xjt4JmwhJ7ZPHKjYftex4x_TcE5w2ODx3sCPVUP9nY8SYK3qJreBw0mBfCpOb5j532WmW4vd-KSo-XonoUIY3nHjtF6P4n_m_xmEogs60HeLTD3TobZDpmey-JRPdKqvAH_DMp3xIpOVSMWl0BmToz8huzpfJkY36ZGIE2YsNpYxG8kT3UCyBNqG-t5PzvjH_bE61P8xAfFnnZV0DiVuWWoc-Pu-oXdPL8iRSZmnf7N&sai=AMfl-YQ6PSNjjE1_xI8Lyaz4H92nTW2UuJXHLKRIuYXP13JkdPoJ88KrDoOZsukqo_rZ40gNE4T1WO6Xf6L3L-EZq1acnQ6_bMH0a4v78ZfbjL8z1bo9Ssq54-jBLcsu2VaeAw&sig=Cg0ArKJSzJKgS3JU-qCNEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame C165 23 KB
9 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:45:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C165 3 KB
1 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:56:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C165 0
0 52ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRjusBohDigPqS2KbWSTknia8ou8YRQxV0d5VzqVMPFEguTckTmxKI0rVTE8q3t6NDCWz8Gf6Keuqy4AY71EIZ6ftKDfA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C165 141 KB
44 KB 133ms
50ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H3 200 15091973520313042077
tpc.googlesyndication.com/simgad/ Frame C165 305 KB
305 KB 212ms
129ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15091973520313042077

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f39909a2ccb33a927f5e64e6fe932bb9d4dc3a6fe987f43174db175d87e9c3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311868
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 14:41:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 20:58:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 27ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=898005737027462&ev=PageView&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&rl=&if=false&ts=1663361922459&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.2.1663361922456.448846040&it=1663361921734&coo=false&rqm=GET

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 27ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2524905927731425&ev=PageView&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&rl=&if=false&ts=1663361922460&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.2.1663361922456.448846040&it=1663361921734&coo=false&rqm=GET

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 27ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=554987095310482&ev=PageView&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&rl=&if=false&ts=1663361922462&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.2.1663361922456.448846040&it=1663361921734&coo=false&rqm=GET

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame D181 98 KB
31 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:3500:898::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:898::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 683a1c1c984165909393efa5d3578bbdbf39c612ad6a5f44a70d916db1f39b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 05:21:32 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31361
Expires: Fri, 16 Sep 2022 21:58:42 GMT

GET
H3 404 pop-up-clube-nsc-panelas-01_html.css
buy.tinypass.com/checkout/offer/ Frame 851A 0
0 31ms
30ms Stylesheet
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/pop-up-clube-nsc-panelas-01_html.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 151
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 74bc858f89f9996f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 16 Sep 2022 21:18:42 GMT

POST
H3 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame 851A 1 KB
1 KB 146ms
146ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9a0ef41b9da6632f2549476b62592fbe166f72f2dd74bfa48dfea87461ef922

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=modal&templateId=OT4ZR044O2Y4&offerId=OF7FZZKPP9DY&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=true&experienceId=EXH8LCERC4RJ&widget=offer&iframeId=offer-0-Ng8f4&url=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=7eRdcI7ypu&userProvider=tinypass_accounts&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=false&initMode=context&width=1600&_qh=71504e8572
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
x-request-id: Mu9mbirG45f
pragma: no-cache
wn: prod-dash-10-0-91-30
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://buy.tinypass.com
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 74bc858fda7c996f-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDD5 0
0 68ms
67ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK0jcv93XcJ5kjtPRlb18W9STjSQRZ6sLVv4s6P6KR2jrqktDGMquXSJ6Svlye9ABR4YCIqtS3beut89qDHrRmhy-HOVGKl22zZNWPdWaVjIThkjury7iIEvpCV7zCSuz4OZSA54m5uUMDAt5oRSBu7DWnOhAUnXq-mrnR_6I_VBliEBy_EP6fIWHd8dwcAzT9B7B818KtF_19YitCe7dkziBzx4quFuuPRCjO8WozgsOM88bxkbok18yTIzAAUhoIkV68bnMyvYdSNDvcFMAXJ6ew5lvWBRPIXMQF-6C7qPYGevYYX_GotPYjRKw9Jaxy5Fy6Jcb1ksYpWkX9rAm3&sai=AMfl-YRT4LSDtA21hIPqVgUgydiR2Y2WdJYMaXEMGV6mrPZgYKkSfHr_ow_4g6pa8cEM81MOXmq0X4J9tS6e8hoZ-G33-Jl115qr1tkbB7Z4BfCT8-7jFhufRoGx7mwLg7OGDw&sig=Cg0ArKJSzHpL6HJgMnv0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame BDD5 23 KB
9 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:45:35 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame BDD5 3 KB
1 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:56:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDD5 141 KB
44 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BDD5 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO31QCDK0UuxtRHuhEfl3AsTjepffOyzkOWxRGWYzYRlfSLIoPysxiPc5H4tHQYfaFiYWOBbXPnmsjBXXwEqxsYf9TmQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 13041551894517597753
tpc.googlesyndication.com/simgad/ Frame BDD5 148 KB
148 KB 116ms
115ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13041551894517597753

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7045ca708194f3ac08c36b67040a6a989575201fc1a8a2dfaae818431c69ae20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 13:12:15 GMT
x-content-type-options: nosniff
age: 287187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151114
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 19:20:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Sep 2023 13:12:15 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 156ms
147ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=11662561494609db8be47b432e10%7C0&acc=53724&tit=NSC%2520Total%2520-%2520Not%25EDcias%2520de%2520Santa%2520Catarina%252C%2520Brasil%2520e%2520do%2520Mundo&url=https%253A%2F%2Fwww.nsctotal.com.br%2Fhome&upd=1&new=1&h1=NSC%2520Total%2520-%2520Not%25EDcias%2520de%2520Santa%2520Catarina%252C%2520Brasil%2520e%2520do%2520Mundo
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74bc85901f259b3a-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=74728169801
https://sync2.navdmp.com/sync?prtid=2&id=74728169801&google_gid=CAESEF1FD4nXoTVZX7v8JcxcP3Y&google_cver=1

6 B
57 B

165ms
155ms

Script
application/javascript

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=74728169801&google_gid=CAESEF1FD4nXoTVZX7v8JcxcP3Y&google_cver=1
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74bc859118ca9b3a-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=74728169801&google_gid=CAESEF1FD4nXoTVZX7v8JcxcP3Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=782b6324-e381-4d00-a42a-afd6552e9d8d

43 B
129 B

159ms
150ms

Image
image/gif

2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=782b6324-e381-4d00-a42a-afd6552e9d8d
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 74bc8590a8199b3a-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Fri, 16 Sep 2022 20:58:42 GMT
Server: MT3 4505 5b23575 master zrh-pixel-x12 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=782b6324-e381-4d00-a42a-afd6552e9d8d
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Fri, 16 Sep 2022 20:58:41 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
123 B 122ms
38ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 851A 20 KB
11 KB 349ms
349ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1349552715954997&correlator=2576669335699771&eid=31060438&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&iu_parts=157669170%2CNSC_Total_(ROS)%2Cconteudo&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=3771100804&sfv=1-0-38&fsapi=false&prev_scp=format%3Dpopup&sc=1&cdm=buy.tinypass.com&abxe=1&dt=1663361922599&lmt=1663361922&dlt=1663361921656&idt=919&adxs=4&adys=485&biw=-12245933&bih=-12245933&isw=735&ish=529&scr_x=-12245933&scr_y=-12245933&ucis=2bn876meb1fh&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fbuy.tinypass.com%2Fcheckout%2Foffer%2Fshow%3FdisplayMode%3Dmodal%26templateId%3DOT4ZR044O2Y4%26offerId%3DOF7FZZKPP9DY%26formNameByTermId%3D%257B%257D%26hideCompletedFields%3Dtrue%26showCloseButton%3Dtrue%26experienceId%3DEXH8LCERC4RJ%26widget%3Doffer%26iframeId%3Doffer-0-Ng8f4%26url%3Dhttps%253A%252F%252Fwww.nsctotal.com.br%252Fhome%26parentDualScreenLeft%3D0%26parentDualScreenTop%3D0%26parentWidth%3D1600%26parentHeight%3D1200%26parentOuterHeight%3D1200%26aid%3D7eRdcI7ypu%26userProvider%3Dtinypass_accounts%26userToken%3D%26customCookies%3D%257B%257D%26hasLoginRequiredCallback%3Dfalse%26initMode%3Dcontext%26width%3D1600%26_qh%3D71504e8572&ref=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&top=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&frm=24&vis=1&psz=735x157&msz=735x90&fws=260&ohw=735&ea=0&ga_vid=1765973358.1663361923&ga_sid=1663361923&ga_hid=1008482206&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f282722135702817464115a2d64059817dfb39512f0856de0995327edb565381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11068
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buy.tinypass.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C90B 6 KB
3 KB 61ms
46ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:42 GMT
expires: Sat, 16 Sep 2023 20:58:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C165 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9666185f3425804e0dd6dfde2fa8817cb54daae6156205187c4ba901a6aacddc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 performanceMetrics Show response
buy.tinypass.com/api/v3/anon/assets/ 166 B
508 B 130ms
130ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bkpex%7DQnOv-LfU-8vmvDZhSeUjtCo4r7VBXdAF0trbgH54Xx8H6VT-XZsBlT4icP8zrFzR&aid=7eRdcI7ypu&user_provider=tinypass_accounts&user_token=&callApiJsonp=true&callback=jsonp7485

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c7a872c78bbf7711b7bae075fcd7e8ef640d9bdd53eece0e2590de7ccf6500

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74bc85907b83996f-FRA
date: Fri, 16 Sep 2022 20:58:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-138-87
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mu9mbirZNIR

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame D181 46 B
636 B 63ms
14ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 6b3e8d3dcc4add43faf1e88422015d54b5587e79b3f483c9ac63cded809d796b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Wed, 16 Mar 2022 20:58:42 GMT
server: Jetty(9.4.28.v20200408)
etag: xyqfw96jljns2h9ky0wep8l0o
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: private, proxy-revalidate
content-type: text/javascript;charset=utf-8
content-length: 46
expires: Sat, 16 Sep 2023 20:58:42 GMT

GET
DATA 200
OK truncated
/ Frame BDD5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7a7c3d05fcbb02bac308def466df01d489364c29375b707631af391e28b41e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C165 0
0 68ms
67ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3mzpTbI-h7CqWRfUhAHh5wRLkgu6bBql8SYCLckL_9qzrhJnDZvqivOJFFbcYJ-f1uHYFxcdlGDYVRICeyhN5W8L889rb69CxBXs0Ri9OLjefARdNySa_UKOsLL63BsbErnuK9iheZt3Y7-lHpcXkoZyeUQPr9ttzIHLREqLinIDYcONnOOD59VbogfN4uyGkRnEpApkKDrrvLAXK1KYnEnyy3Y2VrBO-5duQFkxQq3QZqzMdsxxWaHs5dgtBy27tSyDOky5F5_XVmWGUchZDx7FwSNiOfqC3E3xrvO0bGwG9yzX53K6O2OZfQxWLjqI8n8Tbom0wFBortAH9vLZcNiQ&sai=AMfl-YRkjAhBIwfKLcW8J3et3RCPGrrG5beHrfeDmeX__NtKTm5EvkvlkM_F3vzYU9Thd2kuez0YnXt7PvIq332KbzVH08sDaE9RTQ-hWUdGWy0brrTuKzeb-Iji-lmwMPc0jQ&sig=Cg0ArKJSzNHSR9VnUMlyEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDD5 0
0 73ms
68ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurOj8vRscTuxsfdagoiw-aZj9B7V-LRi7c32YWbYMFvP7IOggdm3GeM8kA7Xz6MiRdhWsLCFcQH01BTGrpBxunp90eSS_wNIu-BEAPl_EQais1gIS3OLJGutsV8E_0v36UX2NO1WZ1U9zeYK4Xg00d5_ytUQx72G-1SXVUccYO7W2uVhHWZ4sTjfapQW0v3okuBbXiTalxqtyzv1ON5vzwpVPLFbTMAa8cW3M8hVnNzscrWBP1jsq-aOSPzY7HqbC49KlrzwrpX29Ssmf-kd-odnat_yckQNkZGPWy_lmvy5C7eYwWLGTJnJG1eNk2iFYM7-tmy54Rb9O_9DcbUaRqTXY&sai=AMfl-YSSBCbMErHEzAcuR1GoOZNJGUBfLMXR5wnfQPqDp83XcJlvNkwALeSP1Bjir9bc-xuzToxorHHNuBnhTKumLPseyz6beLx-l7LvQYVTDOTMcZxhwG-9Om8mk8JF5v5Xzw&sig=Cg0ArKJSzIB0tBi_uf69EAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame D181 43 B
467 B 288ms
16ms Image
image/gif 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.1&typ=pgv&rnd=l84yqn00abehvbop&sid=1136315052305092307&loc=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&new=1&arf=0&ltm=1663361922149&ref=&tzo=0&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=l84yqpbzo1lp2lhv&ckp=l84yqn00reezi53l&glb=&cp_userState=anon&cp_hour=17&cp_wday=Fri&cp_month=Sep&cp_ver=2.47&cp_testGroup=75&cst=xyqfw96jljns2h9ky0wep8l0o
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 101 B
674 B 290ms
17ms Script
text/javascript 147.75.83.64
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22l84yqn00reezi53l%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22xyqfw96jljns2h9ky0wep8l0o%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22xyqfw96jljns2h9ky0wep8l0o%22%7D%5D%2C%22siteId%22%3A%221136315052305092307%22%2C%22location%22%3A%22https%3A%2F%2Fwww.nsctotal.com.br%2Fhome%22%7D&callback=cXJsonpCB2

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.83.64 Schiphol, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

649f8581f15e1554194c3dbfacc7ca574db699848799c77f05cb54e86d52a64d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-type: text/javascript;charset=utf-8
content-length: 101
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 851A 14 KB
11 KB 207ms
85ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17403126b5b65aff2038e55a50a73cbe3274697d3aed395c09fd4db6898790a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11041
x-xss-protection: 0

GET
H3 200 container.html Show response
800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4EFB 6 KB
3 KB 118ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:42 GMT
expires: Sat, 16 Sep 2023 20:58:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=898005737027462&ev=Microdata&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&rl=&if=false&ts=1663361922971&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo%22%2C%22meta%3Adescription%22%3A%22%C3%9Altimas%20not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20Mundo.%20O%20NSC%20Total%20%C3%A9%20o%20portal%20de%20not%C3%ADcias%20da%20NSC.%20Pol%C3%ADtica%2C%20esportes%2C%20economia%20e%20muito%20mais%20voc%C3%AA%20encontra%20aqui.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Home%20Estadual%22%2C%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nsctotal.com.br%2Fhome%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.2.1663361922456.448846040&it=1663361921734&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2524905927731425&ev=Microdata&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&rl=&if=false&ts=1663361922972&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo%22%2C%22meta%3Adescription%22%3A%22%C3%9Altimas%20not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20Mundo.%20O%20NSC%20Total%20%C3%A9%20o%20portal%20de%20not%C3%ADcias%20da%20NSC.%20Pol%C3%ADtica%2C%20esportes%2C%20economia%20e%20muito%20mais%20voc%C3%AA%20encontra%20aqui.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Home%20Estadual%22%2C%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nsctotal.com.br%2Fhome%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.2.1663361922456.448846040&it=1663361921734&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=554987095310482&ev=Microdata&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&rl=&if=false&ts=1663361922974&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo%22%2C%22meta%3Adescription%22%3A%22%C3%9Altimas%20not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20Mundo.%20O%20NSC%20Total%20%C3%A9%20o%20portal%20de%20not%C3%ADcias%20da%20NSC.%20Pol%C3%ADtica%2C%20esportes%2C%20economia%20e%20muito%20mais%20voc%C3%AA%20encontra%20aqui.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Home%20Estadual%22%2C%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nsctotal.com.br%2Fhome%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.2.1663361922456.448846040&it=1663361921734&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 16 Sep 2022 20:58:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 851A 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 20:58:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 07DB 624 B
299 B 135ms
131ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVB-YAHnhAi4qsSySK6f3FrJNvq_1WBoKUma2KlA5XhgqaOdYzsVCXUyepzQlRKnry84o4jWa12os2GqRMrPtIXQO-Gb2GHXzT1MdcN4PVPYfiPxFeX6s2EFqPIv31vgjQB6X86vBWLioZcLGOu-GCL3CCHcbWhmAZ0quRvhFbOLhIPVDs

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:43 GMT
expires: Fri, 16 Sep 2022 20:58:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4EFB 15 KB
11 KB 81ms
78ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-unSEY86cMO7w9L0t8vhqC5dDHLCX8MTwRimSe-v9Fou6DLWesgMPvn6XBIpE3TFIO_8RWPUay1x2JB3BLgvrZBU6Oo6HORjKf_LKsg5noxyrzAzNz0FyBu2kvVyP0x5tpuIc3cYDxvN_wr75hMBydpBIOuQhRDUaKM1njfKPs32QSww&cry=1&dbm_d=AKAmf-CIa1ShMY1ff7kSTUdQ2jl9iqdcS1RRpUEMmgH96gIE0qIFDhvzYHG0rd1ClxvN-Rd9LFDs1UzyvfhX9BtFmBbkyCiSuozx5WZjp4t2wIy_RFFfT-OiEqeJNsvGPfXv6cQA54EH6AbLgEjkJA1wYcnN6AbmGVSsZtBwpvPLddwSs-MM4cvsrJBQYuFq4qRtYUdJzN4znQSZ_lGbEjf8HYqvfw45e6M7f0RnVeKj7-x7NsHAMxNpb8LoSfxB3omI24GWXFHgn-xxkGexS1RtGybjWGJb7WinFDZ6QeDkvpI70RaBG_D0FnCPIufLjFJFdHKbagdSVV-CFZ1oPMqvsmBqugLpueSjRx8wAFKT1VxdLzHnZqS-Ayrym7kWdVny18wh7-0K5meO0TSQYPV_eHiwGtr3YFNtvKWr9r7Ord33Gn13Jw3sQxEuSW6jGcMvEVu4VQCAuvNu54xc7HYpaixJ4lPe9OB112eWf-CGQ3Lyv46FzXnt9_EYl5L5hwlt-55raD99fJ5DdjvVyyK5L4Xtcdhd81wDqQaDWuT8tGKVIky5UzxgyMU_0KvdpG54lLuc57TpV9Y3u32MUfqkpdK13MAFfiu7zhq99OIbrwW2ljOK87m5-h68OSbzEZY9GqKrl9-WimbMW-p5AZ-qEN_-WTmvCxAGtHsvWwjv3_YzLyn8HmOxZNeESfXvNTvwuJQguxoM8XmZYOA-X_obf_aWE8pH0D-I4kZ090wLVSLfq3uKGCBBu9NUnOLbvC_ggHdKhXvVW_GnOK5WgXED6-YJV2ZSE51-q9K535sB6XRyn40lL9eVp1IlL7BGvgL8SpAlut-Ep1Gj4oOV4NpjruQtTx6tCtI4Dd5284zdx3esZDYxwmJlcbNA_r0PHkby_pRdEvrC5fAuZBvgW6gqIkieWYa4mNZ5iux9nGpor__VE8D7KGAvOHL9B0I-GUTYEklWteqshvrvsgPBasBR6UVC4g2chiSH_1nnDkv09wsl9fVhfGWr5ciFuyVZM1Pksng3k3YtFFdQmS0v4wXj-7sNkZ7NoQryaaJYGMM_lL6duPkPsSpGJ7Q7O7uBuZIEgspWRsjty6CYxJ4Uj5Jm0oFKGGQEEEmlcHNwfrZp2jQ5iYVnTdo-GBadQeNdULBWo2uhVfTCkJzTt9UMPcUwmfFqboflzazlE3aWM9mKafQDAaKg5gJFHgg7Hn8EHNh6pNskFTRN7meyKL-_O3IiF3lBMVHgubFE_6KAGdbIw3GAUP1eB2Gixmb_uxsLW37amcG4xLgHcqPPoHnMLhPXjzzlMx7wc5LBZ5-1nQqDmn_0-7oadV6aYRBjLwKwuhXfSslBrfseINkcOHaxks9mn1J8MSqDmXQWdmkr9i8HY8xyj51MshUEjIldZo5U401WWAfB4Ft4cx6vgghZ7XM3ezq_40u2bSlByV21co2b7AjJHJSdTJRY-M9AJy9kO89j-t85QNkw9O8rMNlqSVDnH_XWB8VhybwNjUFel9QQ59D7XHPid2niAyuLRATsRj_Q_geG7RSiue4B6MntUDatnCFrDOhr96miwnPvHEN6vR5l4UDfq_Wp-66XzAPGnp6iQFk1jKggA2oF-agd8KO2o2xXeGTlByKJdpTsbS1Sk-LjeJEkIL61EgCKVbpqTFhPtz69fMr1Wsn-Ukv0gzjqxlOKSdoDQ0AvolPpyfp_geJBtLE3TJ7nl6oVk4hd7ZhI7HsctCHCvELzeavPvojgu3jK9-obV6koHq6xHUu2_souLlKzVCJs7HWpauf4dDKp0G67SJfn8kjkkkrJgSMDvtGQX7MTRPXZQtrS2dVtKjoJzRNyzuc2J4ABFyVhsBxPehNuDq5LWCqfqU5425182TLaYrRiJl_WBVVc_IJLFAJQblBonhJRi1S7W7bnZljokYQC4NhvOwAM0aiTz5iFnFUtGkskqXkzshw3YRFNamu_vkusnLEGh1mlAPFyoCCQY49obAybcxv8DXMQPO5WD0o-3nnCZEkkJY_E1WSTDPTyMMYbhaV22Ebft5OdDJR7N-Ki2KffDKYuUEb_wQWFjSgdsq1_9UhDS_T6uSyjRpdZpnaaXoJr_d4_DjDwRgQatwNauHl6vqW3i1-vcH8fYUD9H2jDiNDKdhheaUctxU2cHlAt4ZTjdqqenB9Lmz0_ms1l9GO_s20wzBKO6j_0URHKkkhiKJcOD4AXVrIcoEPJJaS4Lw2NZ6GwO4uCKFzZ-6YTJitcyIKf8zlPjxZw4QqZ83NrTT2vaeT46HnBn7poqCxmZb60BVT4jy97gsjFyWBc-M2bvdz7c96QJqEe8kiTjr2ZByMKOP4b9ZOJ-md3h8nyOpU-dWWAFJZz8uItlKCDoDSR8G5AwgGl6Cd1kuFzSPueyvfhu6G9tMuITjzweU2oGXj0UfbXRzlhUjiW3nWB9J3GEKrFXJrYuv_DkP396qkNYQuMh3iQ6yLdh_wGz_Q3RZcU4WUJKniNx-agQx0IL3M7skt7ivjFqS3uv6MAxt3KapBaZAvdalNwem3JeDGUGb0RniDIlRewZimClIesF7KP2-BtP9MUfHRLED6_x6sBve7StHTD2tY3Yp1_GfqBPqrBRLZ3kqVk0NUpYaeUAAGnBlwXMrHsA-MQusbpc0xhxK5o3Zp07Ee01K6CPbutgGjdOVL6HYl5b__rzS_FfEnE3TOu-8M7UXdHTfXkZPB8TWqpAOeCFJKn4b1SMzo3DvBjG09_Ntcv13O9IL-wzjhwrrOUYpa0cEnX2yosospyc5RAS9W5TQSUgrvA0N_dOTWepZHdY-A7h-MaJQYEsMefFSJPTCLxgrGzVH4-IxugApli26n457Vw8jL8eHGFCtZCd3b3-bLkZR_8hergcegULGIIisBmdnC4Y4KNLd-Ic4IXAuEg3NumIXVr-m3-KWovQawC7gOoCUioZyWvVEcGAeEFG2VpkDfch8knUT6tXWUT3zzpf6JoDbmxSEAndePhptjXX9rS_B9eacmQfAyzYR7Hx13tyn4QD1kkRjrw8YOi2hqIJF__31jlqkqoPBGx5Eqw0vqh7bnX8mbwN2wsXtviek0PZvsh1uMdUA7-186MRaY5r1W2tKabz2DYhGp8C8v0pdmJ45iI6FiDc-BtHLMy5ba17yeOIv9GpXMftENk4AuqNqw3V_mhbutPQ-0W2ZcYCWukCk1mv-hjHOEd8pjz0qQZcp5_W_rhXUl1zUs-PkGWrcc_XhvdwfHOhfCPSTS1ciThwHdu4dNKIOrGLc2a7LfUmdALG3gC17ysln9hrdudYQJLgBlK_KJqXQCxdd7ZF4wC4iqLxnwnO9SxeTMdwSsUb5U_o9-KqqbwotyPj2nOrNyKFaBg6VIVS9K4G3qIrjA0cnlgLA7TDJUY8aBPNd-ZhT-DRfy6I0Zh4ihuC-ZPamOOFgNeo7VIu4jPfzirt6Azw2HxeGaNuG5D3QKJC8RxgQsdSK7Q7RglkbuCFOwmBR2XpyZ1uZboOcCdzE2vv3_luVJnbkU9sKqF0HZ8UgmmPyeZ_-q-iUrXg74wTROxWbp-qnBFmbPYYosvkLrX8ErxfjaHmB3GaSSZE10LIuANPYoOv4W3rlvHDw&cid=CAASEuRoR6J0CVU0w4rwjfMaYIKoXA&rfl=2%2Chttps%253A%252F%252Fwww.nsctotal.com.br%242%2Chttps%253A%252F%252Fbuy.tinypass.com%252F%240

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9da58b99548035abdd9b8ab7c0e8f082a620a8a68f964b93d020c8c6f6ec41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EFB 42 B
63 B 78ms
75ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BweaU8tlVGnfl-tvvBpw7sk2iFYgg2KWEooOqjKoAfyYARK9Mndo4ZKLnayMX8JC5wYZXMA20-e574ekWGZmWsD6fJxn5e9lVS5LHFR5TjYHQ6i3E

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4EFB 3 KB
1 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:56:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:56:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EFB 141 KB
44 KB 58ms
55ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 20:58:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 4EFB 17 KB
7 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Sep 2022 20:56:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4EFB 0
0 49ms
46ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJjVlTlme1CiHXqZ7SzltPynpHatFmoH4K3Pb-gYp_-vfFxEnw0auX2Cy1iXA_a1qFUKTQn2qAOicjtp0p1qZAqFYuUw
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C359 13 KB
5 KB 43ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://buy.tinypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:50:34 GMT
expires: Sat, 16 Sep 2023 13:50:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C5F9 783 B
533 B 51ms
48ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e94c5c54f9d3d4cde1147cdc57dbdd0ba32bb05b14b81cf82e2c4ed7da22f58c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KPdbktBItScNtNUdZeOfXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buy.tinypass.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-KPdbktBItScNtNUdZeOfXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:43 GMT
expires: Fri, 16 Sep 2022 20:58:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4EFB 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-unSEY86cMO7w9L0t8vhqC5dDHLCX8MTwRimSe-v9Fou6DLWesgMPvn6XBIpE3TFIO_8RWPUay1x2JB3BLgvrZBU6Oo6HORjKf_LKsg5noxyrzAzNz0FyBu2kvVyP0x5tpuIc3cYDxvN_wr75hMBydpBIOuQhRDUaKM1njfKPs32QSww&cry=1&dbm_d=AKAmf-CIa1ShMY1ff7kSTUdQ2jl9iqdcS1RRpUEMmgH96gIE0qIFDhvzYHG0rd1ClxvN-Rd9LFDs1UzyvfhX9BtFmBbkyCiSuozx5WZjp4t2wIy_RFFfT-OiEqeJNsvGPfXv6cQA54EH6AbLgEjkJA1wYcnN6AbmGVSsZtBwpvPLddwSs-MM4cvsrJBQYuFq4qRtYUdJzN4znQSZ_lGbEjf8HYqvfw45e6M7f0RnVeKj7-x7NsHAMxNpb8LoSfxB3omI24GWXFHgn-xxkGexS1RtGybjWGJb7WinFDZ6QeDkvpI70RaBG_D0FnCPIufLjFJFdHKbagdSVV-CFZ1oPMqvsmBqugLpueSjRx8wAFKT1VxdLzHnZqS-Ayrym7kWdVny18wh7-0K5meO0TSQYPV_eHiwGtr3YFNtvKWr9r7Ord33Gn13Jw3sQxEuSW6jGcMvEVu4VQCAuvNu54xc7HYpaixJ4lPe9OB112eWf-CGQ3Lyv46FzXnt9_EYl5L5hwlt-55raD99fJ5DdjvVyyK5L4Xtcdhd81wDqQaDWuT8tGKVIky5UzxgyMU_0KvdpG54lLuc57TpV9Y3u32MUfqkpdK13MAFfiu7zhq99OIbrwW2ljOK87m5-h68OSbzEZY9GqKrl9-WimbMW-p5AZ-qEN_-WTmvCxAGtHsvWwjv3_YzLyn8HmOxZNeESfXvNTvwuJQguxoM8XmZYOA-X_obf_aWE8pH0D-I4kZ090wLVSLfq3uKGCBBu9NUnOLbvC_ggHdKhXvVW_GnOK5WgXED6-YJV2ZSE51-q9K535sB6XRyn40lL9eVp1IlL7BGvgL8SpAlut-Ep1Gj4oOV4NpjruQtTx6tCtI4Dd5284zdx3esZDYxwmJlcbNA_r0PHkby_pRdEvrC5fAuZBvgW6gqIkieWYa4mNZ5iux9nGpor__VE8D7KGAvOHL9B0I-GUTYEklWteqshvrvsgPBasBR6UVC4g2chiSH_1nnDkv09wsl9fVhfGWr5ciFuyVZM1Pksng3k3YtFFdQmS0v4wXj-7sNkZ7NoQryaaJYGMM_lL6duPkPsSpGJ7Q7O7uBuZIEgspWRsjty6CYxJ4Uj5Jm0oFKGGQEEEmlcHNwfrZp2jQ5iYVnTdo-GBadQeNdULBWo2uhVfTCkJzTt9UMPcUwmfFqboflzazlE3aWM9mKafQDAaKg5gJFHgg7Hn8EHNh6pNskFTRN7meyKL-_O3IiF3lBMVHgubFE_6KAGdbIw3GAUP1eB2Gixmb_uxsLW37amcG4xLgHcqPPoHnMLhPXjzzlMx7wc5LBZ5-1nQqDmn_0-7oadV6aYRBjLwKwuhXfSslBrfseINkcOHaxks9mn1J8MSqDmXQWdmkr9i8HY8xyj51MshUEjIldZo5U401WWAfB4Ft4cx6vgghZ7XM3ezq_40u2bSlByV21co2b7AjJHJSdTJRY-M9AJy9kO89j-t85QNkw9O8rMNlqSVDnH_XWB8VhybwNjUFel9QQ59D7XHPid2niAyuLRATsRj_Q_geG7RSiue4B6MntUDatnCFrDOhr96miwnPvHEN6vR5l4UDfq_Wp-66XzAPGnp6iQFk1jKggA2oF-agd8KO2o2xXeGTlByKJdpTsbS1Sk-LjeJEkIL61EgCKVbpqTFhPtz69fMr1Wsn-Ukv0gzjqxlOKSdoDQ0AvolPpyfp_geJBtLE3TJ7nl6oVk4hd7ZhI7HsctCHCvELzeavPvojgu3jK9-obV6koHq6xHUu2_souLlKzVCJs7HWpauf4dDKp0G67SJfn8kjkkkrJgSMDvtGQX7MTRPXZQtrS2dVtKjoJzRNyzuc2J4ABFyVhsBxPehNuDq5LWCqfqU5425182TLaYrRiJl_WBVVc_IJLFAJQblBonhJRi1S7W7bnZljokYQC4NhvOwAM0aiTz5iFnFUtGkskqXkzshw3YRFNamu_vkusnLEGh1mlAPFyoCCQY49obAybcxv8DXMQPO5WD0o-3nnCZEkkJY_E1WSTDPTyMMYbhaV22Ebft5OdDJR7N-Ki2KffDKYuUEb_wQWFjSgdsq1_9UhDS_T6uSyjRpdZpnaaXoJr_d4_DjDwRgQatwNauHl6vqW3i1-vcH8fYUD9H2jDiNDKdhheaUctxU2cHlAt4ZTjdqqenB9Lmz0_ms1l9GO_s20wzBKO6j_0URHKkkhiKJcOD4AXVrIcoEPJJaS4Lw2NZ6GwO4uCKFzZ-6YTJitcyIKf8zlPjxZw4QqZ83NrTT2vaeT46HnBn7poqCxmZb60BVT4jy97gsjFyWBc-M2bvdz7c96QJqEe8kiTjr2ZByMKOP4b9ZOJ-md3h8nyOpU-dWWAFJZz8uItlKCDoDSR8G5AwgGl6Cd1kuFzSPueyvfhu6G9tMuITjzweU2oGXj0UfbXRzlhUjiW3nWB9J3GEKrFXJrYuv_DkP396qkNYQuMh3iQ6yLdh_wGz_Q3RZcU4WUJKniNx-agQx0IL3M7skt7ivjFqS3uv6MAxt3KapBaZAvdalNwem3JeDGUGb0RniDIlRewZimClIesF7KP2-BtP9MUfHRLED6_x6sBve7StHTD2tY3Yp1_GfqBPqrBRLZ3kqVk0NUpYaeUAAGnBlwXMrHsA-MQusbpc0xhxK5o3Zp07Ee01K6CPbutgGjdOVL6HYl5b__rzS_FfEnE3TOu-8M7UXdHTfXkZPB8TWqpAOeCFJKn4b1SMzo3DvBjG09_Ntcv13O9IL-wzjhwrrOUYpa0cEnX2yosospyc5RAS9W5TQSUgrvA0N_dOTWepZHdY-A7h-MaJQYEsMefFSJPTCLxgrGzVH4-IxugApli26n457Vw8jL8eHGFCtZCd3b3-bLkZR_8hergcegULGIIisBmdnC4Y4KNLd-Ic4IXAuEg3NumIXVr-m3-KWovQawC7gOoCUioZyWvVEcGAeEFG2VpkDfch8knUT6tXWUT3zzpf6JoDbmxSEAndePhptjXX9rS_B9eacmQfAyzYR7Hx13tyn4QD1kkRjrw8YOi2hqIJF__31jlqkqoPBGx5Eqw0vqh7bnX8mbwN2wsXtviek0PZvsh1uMdUA7-186MRaY5r1W2tKabz2DYhGp8C8v0pdmJ45iI6FiDc-BtHLMy5ba17yeOIv9GpXMftENk4AuqNqw3V_mhbutPQ-0W2ZcYCWukCk1mv-hjHOEd8pjz0qQZcp5_W_rhXUl1zUs-PkGWrcc_XhvdwfHOhfCPSTS1ciThwHdu4dNKIOrGLc2a7LfUmdALG3gC17ysln9hrdudYQJLgBlK_KJqXQCxdd7ZF4wC4iqLxnwnO9SxeTMdwSsUb5U_o9-KqqbwotyPj2nOrNyKFaBg6VIVS9K4G3qIrjA0cnlgLA7TDJUY8aBPNd-ZhT-DRfy6I0Zh4ihuC-ZPamOOFgNeo7VIu4jPfzirt6Azw2HxeGaNuG5D3QKJC8RxgQsdSK7Q7RglkbuCFOwmBR2XpyZ1uZboOcCdzE2vv3_luVJnbkU9sKqF0HZ8UgmmPyeZ_-q-iUrXg74wTROxWbp-qnBFmbPYYosvkLrX8ErxfjaHmB3GaSSZE10LIuANPYoOv4W3rlvHDw&cid=CAASEuRoR6J0CVU0w4rwjfMaYIKoXA&rfl=2%2Chttps%253A%252F%252Fwww.nsctotal.com.br%242%2Chttps%253A%252F%252Fbuy.tinypass.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307556
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Sep 2023 07:32:47 GMT

GET
H/1.1 200
OK encwumjulb0v Show response
hal9000.redintelligence.net/zone/ Frame 4EFB 12 KB
4 KB 46ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/encwumjulb0v?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6c02757538cdc8272620494111e36409befb93df78613829f32db273a6588c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4291
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame C359 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:33:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C5F9 0
0 75ms
73ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=1349552715954997&rc=
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 93E1 22 KB
8 KB 40ms
39ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 307556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 07:32:47 GMT
expires: Wed, 13 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame 4EFB
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

95ms
73ms

Script
application/x-javascript

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 138.201.63.149 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e32d5bb32f72381c80966d48aeda239da9ceaa20c38867c207a2cf89bbafaaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:58:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92089300148533804444640012084009
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1312
Expires: Fri, 16 Sep 2022 21:58:43 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:58:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 16 Sep 2022 21:58:43 +0200

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 07DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1

43 B
838 B

41ms
40ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVB-YAHnhAi4qsSySK6f3FrJNvq_1WBoKUma2KlA5XhgqaOdYzsVCXUyepzQlRKnry84o4jWa12os2GqRMrPtIXQO-Gb2GHXzT1MdcN4PVPYfiPxFeX6s2EFqPIv31vgjQB6X86vBWLioZcLGOu-GCL3CCHcbWhmAZ0quRvhFbOLhIPVDs
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74bc859558e59b40-FRA
pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skaHn0CIPFCn2pv1JxutY3j6KhRJq70yos4sdpFCiXyiVRyeHo%2F5lLq8Gu7dGoosaUNl4rgLE5YsshMFtgusPPd6Pzcr0gIAL9DXcBHsGlaQZl034BblVVGJQIFdNSLTC8VvJO36b3fEzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 07DB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyTjg4tk-OXMtRJBOqEYzAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1

43 B
846 B

57ms
52ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVB-YAHnhAi4qsSySK6f3FrJNvq_1WBoKUma2KlA5XhgqaOdYzsVCXUyepzQlRKnry84o4jWa12os2GqRMrPtIXQO-Gb2GHXzT1MdcN4PVPYfiPxFeX6s2EFqPIv31vgjQB6X86vBWLioZcLGOu-GCL3CCHcbWhmAZ0quRvhFbOLhIPVDs
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74bc8595e9d09b40-FRA
pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXv8KVWItmjoPSV2R%2F0HRyNfHNazEdqg0qXYNp3sMAjCa7RWsHcEmFyJWnTdlHgWhANtyHuOBoDTFeR%2B92vb6FMP%2FQuf5hC2xPL8D%2BWn%2BNmK1AH8vZbz9r9NoaRAIXNCfO1gFr8DR1eFcA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDfZlr7mvZ1kne-rYTHxJmU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 07DB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECE1WhcjCxrQtedPZqGWH8Y&google_cver=1

43 B
1020 B

10ms
9ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECE1WhcjCxrQtedPZqGWH8Y&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj5yrvGATAB&v=APEucNVB-YAHnhAi4qsSySK6f3FrJNvq_1WBoKUma2KlA5XhgqaOdYzsVCXUyepzQlRKnry84o4jWa12os2GqRMrPtIXQO-Gb2GHXzT1MdcN4PVPYfiPxFeX6s2EFqPIv31vgjQB6X86vBWLioZcLGOu-GCL3CCHcbWhmAZ0quRvhFbOLhIPVDs

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:58:43 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3493b631-bcfe-48f4-bad4-f58094d47d53
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECE1WhcjCxrQtedPZqGWH8Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07DB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzQ5MTM1MTYwNjU1MjYxMw%3D%3D

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzQ5MTM1MTYwNjU1MjYxMw%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:58:43 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4959d9a6-d9c4-41a9-aca8-d0e4a9b3b82d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIyMzQ5MTM1MTYwNjU1MjYxMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBD3 42 B
64 B 153ms
75ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4xeo8OlAZBOobY1G10K0EyWQUtbeqixfSQKaKqd8IBggKeouIBbPCrG8PKuXoCALz_63TO9Fv1UKWkOp2vOmeQ10rGRbn4ONF40ULZ6w_r_NVF48n&sig=Cg0ArKJSzI8ZJtc5DYF7EAE&id=lidar2&mcvt=1010&p=1110,315,1200,1285&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4273250247&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663361922024&rpt=287&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 93E1 36 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:33:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C359 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4TvH4g
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame DE43
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=92089300148533804444640012084009&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=

0
629 B

57ms
20ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 16 Sep 2022 20:58:43 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 16 Sep 2022 10:58:43 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Fri, 16 Sep 2022 20:58:43 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=NONE&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: B9D59BA5:AE7C_91EFC182:01BB_6324E383_E33E165:1F22D

GET
H2 403 / Show response
adv.office-partner.de/ Frame 10EE 1 KB
728 B 54ms
6ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 16 Sep 2022 20:58:43 GMT
etag: W/"5ca0a75f-59f"
server: keycdn-engine
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4EFB 2 KB
2 KB 184ms
122ms Script
text/html 18.132.138.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=92089300148533804444640012084009&nw=1
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.138.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e5a81d49f576b674062a4da3e23dce2d06abf55d36fde518ac18beb6ef31bcd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
last-modified: Fri, 16 Sep 2022 20:58:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 16 Sep 2022 20:59:43 GMT

GET
H3

200

activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113 Show response
5994599.fls.doubleclick.net/ Frame 7B46
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113?

392 B
344 B

163ms
84ms

Document
text/html

172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113?

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f6.1e100.net

Software

cafe /

Resource Hash

3a498fbfa41d030005ba5dc52c22f93fdbf4e7cdb07b2de0168564cdd7e0c9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:43 GMT
expires: Fri, 16 Sep 2022 20:58:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame 88C6 7 KB
2 KB 34ms
12ms Document
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=encwumjulb0v&nw=20&renderingType=javascript&namespace=77219fa85c&subid=&uid=4620a7e41d207eb2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu-P6guMkY6qsJ4bw3gOPmbHwBJumgKJp1ZLqi84P8C4QASDyxOBKYJXikIKgB8gBCakCVggksVTJsD6oAwGqBIECT9AHL6PhbJ81b0Fm0uxKFqjlbzdPxOzbtQVNGrusl-hKSOuZUVxGEy_s34ODhgSghYPnhp-VbbFXNgdzguIt5Nbi6KDksRBP80I_yDgSa7c6va6z7veSzI7HrgByCzc0y14M1URqDUeIC7oxs1xX62EZn_2Bk5aO3JZEFvEZjbjXI6RnhbBseHd6ZQtKC2XEey6ZqKZ6bLz0lFN-CqMgWbZFVUX6ki3Z5ew14BD2nsNUxZL3Rlvt6G38PhPmsZe5siPoXw-GSyipLJ_ItmtMSg3ZL2lk52IjP4JiNm9ajjdnEcynAMEYEK-DLJnOqlUK46-UwkZSC7UNW-NSjsXLCLLABNGiz9SABOAEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5Go0Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoR6J0CVU0w4rwjfMaYIKoXA%26sig%3DAOD64_1j7TRSUV4jTKNM_BM9uFpw6YMf_A%26client%3Dca-pub-2691431236842224%26dbm_c%3DAKAmf-BrXw2ouB-S7pA7fmwMB_tZsYcUJw3U0W3YEU2UYAGc3qY7lUmPMbnCKmsN2q9PqfZFG_UwLL4QQL9HoihW1WLE48AwchXEy_VaPBSI5hytn0vw0i-44wuGaYYPSNCMpH0QGQTOHPUtpH5FNIU0ejPqXjAJdaCYD47gDbM8BpM94fOxUy8%26cry%3D1%26dbm_d%3DAKAmf-B3cDSuEg4Eqf1-pjMT3smYXqebbncDyobzMOfL0Lt4nbvijrLODOAuz0NTmrep4R9rK3L2Kepmbq9hfN1QCGAa1wrVS5xi7UkHXhMed3ftjvO5UJAR5P5jUe_jFGeMilDKwJRQTCZ28u5QHZPJSqQ5ZMuxAv0AqyP1kW8IogMELW26p97Ln-uwLlFrLHckyvqo0Il9QG21v5yysuMpKaFEKV0Un1nebpJUikjndwwPwhW_fo-Z6KL0sqnzCAscCX1w-NsyJRZrhgHpuYtWBov66moWZO8UZeAVk8WqHaR0Okee2pbhyPH2C5NfrZGOWB5-iKKRYL1MB_RtdI_Cweo59lW3We3az90j30f2DYGDQIqmYY81yy4s30s6lKUk68UAqKlPGRLrw-s-cTgz_0dQ46-aU4b_MjPzThQdowNEWTM5AVQEQBfpsUTqvA6l7ZtlLvsPe0wC5YNcSRuLiKbDvrH8UOgTQny54Fry6kfqDahsmSKrQoNm7T8LQyISZyPIRDsMzE-ZXwKBFUfkZmRfIWpx7bEDv2L75AsP9hQ-JzZgjPLDxXZxPsO_CjT40YUSskC2NUNc-0EOhHh2Zy2p8azRHYczyal0Jsbb8R1hdDm81dD_oXQTvSrN74JLWyOcV5fs_KGkm3iCvgcx4a8uwOZ3rFX51N3dkdb2oENExcYzEnUuwTXkLywj-1GtUeihp1-osIKG4-NpcqIAMUCtuq4LFKJ1bt_Z2fssAAMYUeTWUzhUSbpcIhMoZ8J73lRQk0JT-3W5gZmqKH-7FL8lgVl0xSja7c3vtUTFX4XH0sMVkW0VuULeoyz6fnHYdESelDn0Z2O1OFLdJl3gfzlqH1n6Wg%26adurl%3D&documentReferer=https%3A%2F%2Fbuy.tinypass.com%2F&ancestorOrigins=https%3A%2F%2Fbuy.tinypass.com%2Chttps%3A%2F%2Fwww.nsctotal.com.br&random=3888496137298&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 578a11a36b5c94094eca28a9f73bdfc6bdb82836d850283c926123183c99304c

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2076
Content-Type: text/html; charset=utf-8
Date: Fri, 16 Sep 2022 20:58:43 GMT
Expires: Fri, 16 Sep 2022 21:58:43 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 4EFB
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92089300148533804444640012084009
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=92089300148533804444640012084009
https://ad-server.eu/wm/pb/native.png

68 B
312 B

149ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 21:02:45 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA5:AE8E_91EFC182:01BB_6324E383_E26E5B0:2A46C
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4EFB 43 B
702 B 109ms
72ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=92089300148533804444640012084009&pv=1

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Sep 2022 20:58:43 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51E0 1 KB
749 B 41ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 12:30:45 GMT
etag: 48472445140208031
expires: Sat, 17 Sep 2022 12:30:45 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4EFB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74095db946160dc07ee291dd3c3f37e5b02e0fc34f4e4d55a8138b12f67f2f42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 88C6 1 KB
419 B 129ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 19:49:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 16 Sep 2022 20:58:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Sep 2022 20:58:43 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 88C6 9 KB
9 KB 80ms
52ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_627x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: cfcfa8d962fd310a91bbaeb9fa7709139cbcf41ab12fe0103acc85c8f661a008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9342
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 88C6 9 KB
9 KB 116ms
92ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/native_ad_globus_baumarkt_627x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 304f7b98127b1fbd9b4de64743891e55464b585efb7b459f17bf07b9f9890c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9169
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 88C6 9 KB
9 KB 36ms
12ms Image
image/png 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 32f2c908c04c41b99754365fcd123b4745554cd44ea46e0caac5d573f2f17289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9267
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 51E0 0
172 B 56ms
19ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECwQLC8Zczlvy5gITwN0f3U&google_cver=1&google_push=AZmPxg-LA-zQ9MYii3yxY-XjqUCL_ozIxPlIN3uXbvadwju5PIm_tz8Y2TcrwEexNInyenQDul38UHTNX7m9JTjleEpldXt0fNc
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dds
rtb.openx.net/sync/ Frame 51E0 43 B
351 B 114ms
41ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHll7utpuI8SNn-CYFPAhyA&google_cver=1&google_push=AZmPxg_TY4JJ9U6SXVuq1AtRi0L3YuPI7tkF-WlSF_IF52jXbq2L_qkQwy5W1Asyzf-yqBFJ70VYv84PFh6FflbN_9vaSahYEfU4
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: io77h9nnrbb5t96ufa8achiskjlauhb5

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 51E0 0
166 B 72ms
16ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPtIUWNfxogqs983xMEhp6E&google_cver=1&google_push=AZmPxg9rZch-QZirXP-UoS7W6NPgHFpsCk_nL7aYIAovx5AY1aZMVVx028Ts9zBOSzO58NA7CwQzGG3UUvQhB-Qy_rpysVRmJ6c9
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51E0
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJzDEHNFjQGaBPVoZA5MoDs&google_cver=1&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJzDEHNFjQGaBPVoZA5MoDs&google_cver=1&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6wPl5hn4gk35&google_hm=FU-KpGZHXHCeNcP4TjOGM4nu

170 B
188 B

49ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6wPl5hn4gk35&google_hm=FU-KpGZHXHCeNcP4TjOGM4nu

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9c-SildgNLBmN-HqN_cXUO5UiLYpe30UrNJdADFKHE1xoB8tkcHGIYbI6LMo61tL1TRQ3qVvovHzsN6Zit6wPl5hn4gk35&google_hm=FU-KpGZHXHCeNcP4TjOGM4nu
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51E0
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFyWeDDaUF7wfg8CYfOGA_k&google_cver=1&google_push=AZmPxg8YsJcpxG3sW73td7wVYnywcSJpP3uvdsRKADYkHNdkJI3w7TMuide8smE4QT9v4B9v66KPpOnsTcYW...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8YsJcpxG3sW73td7wVYnywcSJpP3uvdsRKADYkHNdkJI3w7TMuide8smE4QT9v4B9v66KPpOnsTcYWchPJxYhaJtL4WLBD

170 B
188 B

50ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8YsJcpxG3sW73td7wVYnywcSJpP3uvdsRKADYkHNdkJI3w7TMuide8smE4QT9v4B9v66KPpOnsTcYWchPJxYhaJtL4WLBD

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg8YsJcpxG3sW73td7wVYnywcSJpP3uvdsRKADYkHNdkJI3w7TMuide8smE4QT9v4B9v66KPpOnsTcYWchPJxYhaJtL4WLBD
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 51E0 0
75 B 108ms
17ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEM0ntsfWvNY6eU3zvY_4JHY&google_cver=1&google_push=AZmPxg9K2zUyUBGPESPy_SOjdsTtWIF41KL_B8naz27roORkoJIv9OtNwPIVTk-GlyJYf5f-Hps4XtgYy_Z7zBdTsyopbF_A-c4d
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:42 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51E0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECDkWzDUjxAA1vbWl-Ydf5Y&google_cver=1&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECDkWzDUjxAA1vbWl-Ydf5Y&google_cver=1&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaU1yeHVGRTJ1RzdmMk9OeTN5U0U1SDhUY0VBVVpmRn5B&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaU1yeHVGRTJ1RzdmMk9OeTN5U0U1SDhUY0VBVVpmRn5B&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL7dnLevWD-9EtKOs2KXnjmWWV7o

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GaU1yeHVGRTJ1RzdmMk9OeTN5U0U1SDhUY0VBVVpmRn5B&google_push=AZmPxg-9pxLktUumZEXP2Ob6AtRBAspyCV6cTA96w4HlQNrseDK6Fbs2u2I3DJVKBaS5_2BDIL7dnLevWD-9EtKOs2KXnjmWWV7o
date: Fri, 16 Sep 2022 20:58:43 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 51E0 0
12 B 49ms
47ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6sNaURIcR8fg_ZfHfboq5OhQLyuz6TAmxoWKy1HYGf0IRM5btBpR_BID7eBrxlLGwhd9gBw

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93E1 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS7pAg-MkY93zCc_3gAfsy5rICwAAAAA4AeAEAg&bg=!KyilKGzNAAZqQh0mSkI7ACkAdvg8Wi0MDmZ_uKyX4iCWbdcF5uJlxMP-VAnXurZaKZ6ZoIgdOODpZwIAAACmUgAAAAFoAQeZAwaVhJ_bT5qdh8ilpH8BNyaaL3dEzqQ9NPeKSyV9lY4jrP5AuMXkKhjUCxh8OepyrNYc72-wJFbhjumVZTVgNXIpCykqpzIaSxZwnLJPacwJnRkQElblC1eTuGvmTm1MDGpSRELkWGoPw_Ra1yXIsjks2Vn_YsrqQ5xFbZb44RytAO6ZzOahSgDO8xnR2iYoJw_HaGYURFeS6KRodGWC3NusSaC0cMFVhFD5dNAU-1zsllmYBMqKt1hQ6acmTYBPnOIQGbIn9fk2qVDi_ZPjOjSYIBpjsR6GlQtIYHIcThX7i__jNVGJdIWTny_re7zCuGMKMot3zxdkVFSf0UPmR1K4T_pi2E-8JXLrQt96VPYsLSlCGLC9a_W_617WepWWram2iMtxhUU8sEECicAqrvWjHNJmiuGVDwRWVDYTvhNZtV4laUxNzXxed6-cm4T1dr9wI5cp1zpU1bTF596AjE7Gg8ZABO3g5sWxuA9PKfQ1cFfbd8k4YepWXxNnd2cx4t13Ft1ucAlvoO9A1aRN3DG0mVaCQhtdyQYwCgscOHvi414qvRGigkZaqC8DjlQRWMFWiwPBOUaAgDFDZdZGXJOWIqFBv3Nj8UR8OzUhhPZrUNlYHehjoqZxJ2zOngFmZBH-A_t-6UZxv1LJ1IPFo_uC9SWzE_GEWc99iE1vWlySy72kSMse_Qo2iV2-4U5VUgMVqUJl4dVkzG4Kiu-s4JZHS22RvYw9IqNho0f5JIbQQTPK_AVKsU8LqbwcxGDHXPGYYUpe4PfYp85COeMDJJDoIEhAS2Zx56vp5BfaTxXftWOnMhWRPOcifufTOvj4e9cw70dNK67o5GHGa0DUkXwady8rDgL94hm8TbxXKPqwH4KEmyAXtgkZlFDmhqUEpbzINMK7RBVWiJBI4fZf1RAMsHb6p7UukNcZLYDH62ZM9QP1dyoFVt2xU1wTKuiNOIBDZE9gMA7BGQDnI2A1pEAomBtEKrS7jOeeHv0nFu628feAEyK8tU_bkOXzK8aiTAAveRq3ugg

Requested by

Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4EFB 85 KB
85 KB 47ms
8ms Script
text/javascript 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=92089300148533804444640012084009&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 03:15:44 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 13:40:24 GMT
server: AmazonS3
age: 63789
etag: "42f12532a1be9c2d028e26e9b82a99a2"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA2-C1
content-length: 86537
x-amz-cf-id: I8NgFvbdCE7C4ls1769ah1PSxNuIz2gXbjA3Z6UWeHuUfrAiHTRZsQ==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 4EFB 85 B
438 B 39ms
8ms Image
image/gif 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1663362223&Signature=ZElRTgbueNi7bU5CtSe7yrZTLuMZrmiAOJyITmIWbMdN8Cq1ofzBhi9DKQoRvt~kHAjSVCS7ZthTWJcFfF2VmxB1Qb0NkJtSQPA2WJxqaGtzRbBRUp5II4f-K~2mT32zU6Q6uMJO~2Vyjzijqn5~oYnljqP7wr1-mAxeQpLmACW9Jg8qZ3bCtwH7TkILtdAf16BDLLMwwwi805I3SqKjXNt7ozK6307h~U-PIguKQPo858YyKx55Pm1Z5KKWrW75xveVmxk1tv6DSGKgxnnrdHYu~EvOF8b0Y4Jg4jHE3y8KJhJroyOt5oZEhsyTPeXvHgihEc~DUr8~Jpkzz6JAWQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
URL: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
age: 62696
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
date: Fri, 16 Sep 2022 03:42:09 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 85
x-amz-cf-id: UO6Tqx9YScOpwp2yDFeT8Bxfv6RY4BlUbLYduOxu-EDMUJ6BbVRRew==

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 88C6 0
150 B 36ms
12ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=92089300148533804444640012084009&a=39650be3&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C165 42 B
64 B 76ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhVxGlfp-A-fDPUM8f0yi3xSr05L0aZjmc61Uiz4UcgT45d9247ybXZIPXDZXAd-zJ71-vS3h-ApMQ76MjDvwWmX8YnAae4CK0JVTojm38HzHw9O9R&sig=Cg0ArKJSzCQlVL-z5M3mEAE&id=lidar2&mcvt=1000&p=130,315,380,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1198582332&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663361922320&rpt=386&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDD5 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3szUiSZ1I6XjenKrLiTb7TK8SNYHDqrTRYuo6Vv6DyaMn0iMO-iWop3nYViRlKaUkGaXzCvUhhS34oKySFFBtSpNVuWsweZB4S4ZpV62FeV4S5A5y&sig=Cg0ArKJSzMV-eWn6yiFzEAE&id=lidar2&mcvt=1000&p=1012,315,1262,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=0.75&vu=1&app=0&itpl=3&adk=1580277074&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663361922548&rpt=167&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113
adservice.google.com/ddm/fls/z/ Frame 7B46 42 B
63 B 155ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ2924SamvoCFY-Pmgod_HUOlw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4252207690125.1113?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 851A 0
0 77ms
77ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=1349552715954997&bg=!rK-lr-vNAAZqQh0mSkI7ACkAdvg8WpnHzptT_ddt2Szkktk471BupWc0P-4BUD-l7asZpQovMamPSwIAAACBUgAAAANoAQeZAsZ6OcTU28I1ZFVkmFF06c94WHueAWN55U7YeQMw7IbwkszsR1t9osObpPEt9b1ooJ31ky8kKK2zZnzwhKZauenHADB1DKlJtfeLoG15x49tWZd1wmVfWp2H7o_xarnls7cFQ485mDHyb1rF_Ni-HuiyYfW6CBlJ3bIvDETWU57AVRLR-9Ibm7PSp5plVP6bKWXnQVS1Bqn6_gPPPf7-3N8ctnxXlJUgxsOcSH9poBKt4FCK2Wse0VLmChqSLDbSl7cF2jfVUS5Xme9naU6x-Nzs5Z2KpWoeRwpMdE8crClimLt-hhno_6OnjFhkej0crtt3DW3ZSQ02V2IFxZPEYNl8M2TrBPmfdO-SdwuHhsupeAvgTrPT2qXpKvQLGFPbVoUE_ce0f_cwqBPB2MrPOrOE9OcdxukvTo3H2X04q87Vuk2mc06qrVbqGaNFRBEIG02ZM8iTdjQ_mysivlWw5IaqUNXuSYw4CQdI-6oHX7F6ib1obTgkASWGAmwBhnJDV915ysmSLBDP-1zCEOdCMkRbyQj1zdrLLnxjKf3tfGYNVO4IaB4rS8ZUVOgkZGJbMX0Lfz7j-WWDHclQW8H0VpkAXTIxtLgMksLCYqcekK8jrXyhblb5_m6GJQZZlvQ8ACbmMCIrkPjI8OOXxO1Hm_FS_Nvvfbknx742sVRs3sKb6JcsQzZEbBqmt6dS-gcZMqCCuBlBe8p2O1Hz27KuVyoao-hPnIxRSjGJPrHeMjSiCP9Lvt56Mzc09oFfT45lhshyZGqYqbp-73T-_Iesq73OGRDF9qyBeG9PYj91bev1wkt7v81DdrNJqsnecimNlRyHvn0Uh8QGHsbko8508slWHZdXOPkTzuvOEF9gH8PcgFsp1j4RPX4F5VwlwKIc-uYWlFRWW_JXi4KTneziNsr6m39vMxzoBphwBTGhudsoS9bjyInvkg
Requested by: Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
86ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e2d96a1c6dc2958b8cf006cf306e81f5999737c43efcdf4aec9a98272147fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 16 Sep 2022 20:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11076
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Sep 2022 20:58:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2EE3 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 13:50:34 GMT
expires: Sat, 16 Sep 2023 13:50:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0C53 783 B
533 B 51ms
51ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35fb187ae6dcf4e4e8902d92fba73f509c6ad51699ac0b8f36d1bbaab30ff747

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WZLgLaBPjHazxAhWZLsv3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nsctotal.com.br/home
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-WZLgLaBPjHazxAhWZLsv3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 20:58:44 GMT
expires: Fri, 16 Sep 2022 20:58:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EFB 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvG72v491BwsALwLz9_xjvJK2fjuEjjq9YDnPjNlnLp2A0RqnFolk2ba2V7YfmQq5_zF6EnUTUQUpuKZDLlDNEw0KLe7jtxlx70n64LF3UNTXnCz0_bbfSntZaG&sai=AMfl-YQYfoNu5E02Be7Qo7CDwyEheBBggINzyz3Ti4WV7ZH0djDELg0ckhxejPPfZWM83B9OqBS7w3EOuzvxzaZwJ_AoUAY2WFg-G00&sig=Cg0ArKJSzIgHBJJiM_JhEAE&cid=CAASEuRoR6J0CVU0w4rwjfMaYIKoXA&id=lidar2&mcvt=1076&p=0,0,90,728&mtos=1076,1076,1076,1076,1076&tos=1076,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3771100804&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663361922965&rpt=514&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0C53 0
0 74ms
73ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091401&jk=399305488362213&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4EFB 16 B
232 B 86ms
85ms Fetch
application/json 3.8.108.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.8.108.133 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-8-108-133.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Sep 2022 20:58:44 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 74ms
18ms Preflight 3.8.108.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.8.108.133 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-8-108-133.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 16 Sep 2022 20:58:44 GMT
server: nginx

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EE3 36 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 10:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Sep 2023 10:33:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2EE3 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lJFsDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 20:58:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 88C6 0
150 B 34ms
12ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=92089300148533804444640012084009&a=39650be3&vb=v
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=92089300148533804444640012084009&a=9bdd6e2b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 16 Sep 2022 20:58:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091401&jk=399305488362213&bg=!2Nul25_NAAZqQh0mSkI7ACkAdvg8WsgDE1Xr3ocdVxUgVgygNuRPc5JyLMpnwNZmTyyIeP4MfiB1pQIAAABPUgAAAAJoAQcKAB_7KOSEN9CLbqMZixnJITEMKI1jFLOQ2Vhkd59tl5gCmQKvfiwfTqrXPVdehjl1kQkcuHl273HDhkImDIlPWa5NQbXIgmOEuQ9EZrTEHzAvFzk1JjS2sDnRD7ixksqhqQjOG-afI1pNkrr4-qYq4eerGZvJQ9HZElcWAd3iyASII_puRq14Rc8BGwSBiguOqgnXRnRc06f6y9QhWqkXM5_gCtw3Td5OZAtUlFAbVlkanRPvyzfi26howvCyAHRXbi990JyJcEzRS5MG4vmI-ESTcqgmqFaadCaaMPbPQJWrZuwgsbFbR_U3_ynYzM9cKkF4winP8ppEQCl2lM-7klOe1vf_0zCiGDKvauhlTD2WO4knS774yAm1lwGm_bsOOg2qd9WXELxx8DnyLKog26BNspvMsphun0jRXFerhV2pPCyWcW6SCkEy4tx2sA08JLTDkCYQILzBNPsSJ3aHex86Zdg9qQE7Fmxsf4cR3fDRV5EgJfV1awSnIhQSUx-yao7hTPw7AGifC1hMAr2-PrMgu5U3IyhuA-0Te5Go7NktgKWQSeZuD_uHMTwUVb6h7H02K8H5RHrjObzhjzk48bSaYY6-KQ4Nyj0ExIB6tEGiWeLlBCJ5WsrcMxMqm07rnCaO942omhLqgah3AR238B6pnHTg7kbxBo15pyeTVAZlxDMD4a25pmQG5qrPkSgaoBWoGoI6e_PUnOPcxzoS_ujFexzmA5Gx2EED6xVyEKE_FpZ-eSF1IC4psJWr8XsCJteojej126hRJL_lM9UDPw4Q6Pzr5sx5dFPAyqetVM2fXilcEF1Wd5K5If8MtO0T3453Z6wAqa9YNEUMfsESUb5sGvcmMatE7y544ckDScMu-Qa8OpmRQyBXEJsNqlsZ6qlZMU0yBARUImboLBJ81YOjhfREq8_HwQgF5sHEPMhb8IPcN2yb4EhWh0OAnEf8YoLt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 78 B
457 B 127ms
127ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=7eRdcI7ypu&tbc=%7Bkpex%7DQnOv-LfU-8vmvDZhSeUjtCo4r7VBXdAF0trbgH54Xx8H6VT-XZsBlT4icP8zrFzR&user_provider=tinypass_accounts&user_token=&callApiJsonp=true&callback=jsonp7486

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3848f3e9558c8512687689ae02f314075d7ec75c81cfef6140b8b3e0750ecdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74bc85a29bea996f-FRA
date: Fri, 16 Sep 2022 20:58:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-82-178
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mx9mbirpnqj

GET
H3 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 78 B
458 B 136ms
136ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12891eb2a8475869d061979bf2eafba3563f1c945fc37ecba919c0d24acc7e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74bc85a35d66996f-FRA
date: Fri, 16 Sep 2022 20:58:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-134-185
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Mx9mbirjxwn

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7005
date: Fri, 16 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 16 Sep 2022 21:02:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 45ms
45ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1352210999&t=event&_s=1&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&ul=en-us&de=UTF-8&dt=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=loginRequired&ea=%20aid_7eRdcI7ypu____offerId_OF7FZZKPP9DY____templateId_OT4ZR044O2Y4&el=Login%20required%20aid%3A7eRdcI7ypu%20offerId%3AOF7FZZKPP9DY%20templateId%3AOT4ZR044O2Y4&_u=6GDACEABBAAAAG~&jid=1419319646&gjid=2079792860&cid=648720974.1663361922&tid=UA-133190190-1&_gid=1844748461.1663361922&_r=1&_slc=1&z=59228421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1352210999&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&ul=en-us&de=UTF-8&dt=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OF7FZZKPP9DY____templateId_OT4ZR044O2Y4____aid_7eRdcI7ypu&el=Show%20offer%20offerId%3AOF7FZZKPP9DY%20templateId%3AOT4ZR044O2Y4%20aid%3A7eRdcI7ypu&_u=6GDACEABBAAAAG~&jid=&gjid=&cid=648720974.1663361922&tid=UA-133190190-1&_gid=1844748461.1663361922&z=1076641984

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 18:00:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10709
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 851A 49 KB
20 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nsctotal.com.br
URL: https://www.nsctotal.com.br/home

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7005
date: Fri, 16 Sep 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 16 Sep 2022 21:02:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 102ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VBG9C9NG72&gtm=2oe9e0&_p=1352210999&cid=648720974.1663361922&ul=en-us&sr=1600x1200&_eu=AI&_z=ccd.v9B&sid=1663361921&sct=1&seg=0&dl=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&dt=NSC%20Total%20-%20Not%C3%ADcias%20de%20Santa%20Catarina%2C%20Brasil%20e%20do%20Mundo&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VBG9C9NG72&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-133190190-1&cid=648720974.1663361922&jid=1419319646&gjid=2079792860&_gid=1844748461.1663361922&_u=6GDACEABBAAAAG~&z=1872430209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nsctotal.com.br/home
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 16 Sep 2022 20:58:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.nsctotal.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
63ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-133190190-1&cid=648720974.1663361922&jid=1419319646&_u=6GDACEABBAAAAG~&z=665278311

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
64ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-133190190-1&cid=648720974.1663361922&jid=1419319646&_u=6GDACEABBAAAAG~&z=665278311

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nsctotal.com.br/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Sep 2022 20:58:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nsctotal.com.br/	1970-01-20 15:38:41	Name: _pprv Value: %7B%22consent%22%3A%7B%220%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%221%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%222%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%223%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%224%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%225%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%226%22%3A%7B%22mode%22%3A%22opt-in%22%7D%2C%227%22%3A%7B%22mode%22%3A%22opt-in%22%7D%7D%7D
.nsctotal.com.br/	1970-01-20 15:38:41	Name: _pcid Value: %7B%22browserId%22%3A%22l84yqn00reezi53l%22%7D
.nsctotal.com.br/	1970-01-20 15:31:29	Name: _cb Value: BdvC7PBcOBGaBO8T11
.nsctotal.com.br/	1970-01-20 15:31:29	Name: _chartbeat2 Value: .1663361919288.1663361919288.1.B1AvjQCKEiBKBFgWZOBJ21nclfWDO.1
.nsctotal.com.br/	1970-01-20 06:02:43	Name: _cb_svref Value: null
.piano.io/	1970-01-20 06:02:43	Name: __cf_bm Value: 1vKSB7JAV5PagYCHId240LIsxCqjTt1IBh5hAVy2dW0-1663361919-0-AZcntzBjQljtXC80SFG8Xdlx9TPK1WBP+6f1qIZkjswSYiDa5mdDHxmYhB3OWQfYn53kGzDMnGgynvy7cj4D3s0=
.nsctotal.com.br/	1970-01-20 08:12:17	Name: _gcl_au Value: 1.1.1955076384.1663361921
.mathtag.com/	1970-01-20 15:28:37	Name: uuid Value: 782b6324-e381-4d00-a42a-afd6552e9d8d
.nsctotal.com.br/	1970-01-20 15:38:41	Name: __tbc Value: %7Bkpex%7DQnOv-LfU-8vmvDZhSeUjtCo4r7VBXdAF0trbgH54Xx8H6VT-XZsBlT4icP8zrFzR
.nsctotal.com.br/	1970-01-20 06:45:53	Name: __pat Value: -10800000
.nsctotal.com.br/	1970-01-20 06:04:08	Name: __pvi Value: %7B%22id%22%3A%22v-2022-09-16-20-58-39-224-DdGMP21JvVzqo21B-9ca86f98f57850a54b84254d2eef8a8b%22%2C%22domain%22%3A%22.nsctotal.com.br%22%2C%22time%22%3A1663361921452%7D
.nsctotal.com.br/	1970-01-20 15:38:41	Name: xbc Value: %7Bkpex%7Ds26n6h762fCT6X9AFp9FLqa4pXPY1-yARwec_QVgOoaoSIB8GEUOWF6-YKgHz4Tv
.tinypass.com/	1970-01-20 06:02:45	Name: ch_sid Value: XiZxkZWDZvYd5vE
.nsctotal.com.br/	1970-01-20 06:04:08	Name: _gid Value: GA1.3.1844748461.1663361922
.nsctotal.com.br/	1970-01-20 06:02:41	Name: _dc_gtm_UA-133190190-1 Value: 1
www.nsctotal.com.br/	1970-01-20 06:02:43	Name: _gada_ses.63b8 Value: *
www.nsctotal.com.br/	1970-01-20 15:38:41	Name: _gada_id.63b8 Value: 34c8e4ea-00a4-4e5c-a26c-feb37d373cd2.1663361922.1.1663361922.1663361922.6942187b-1dc8-435f-a62c-87325f67a265
.navdmp.com/	1970-01-20 14:48:38	Name: ac3 Value: 1
www.nsctotal.com.br/	1970-01-20 06:04:08	Name: privAu Value: 0
.mathtag.com/	1970-01-20 06:45:53	Name: mt_misc Value: mt_bt:1
prism.app-us1.com/	1970-01-20 06:45:53	Name: prism_1001361628 Value: 81e53cc7-a7b5-4268-8983-9c64fb1301cc
.nsctotal.com.br/	1970-01-20 06:45:53	Name: prism_1001361628 Value: 81e53cc7-a7b5-4268-8983-9c64fb1301cc
.nsctotal.com.br/	1970-01-20 14:48:17	Name: _hjSessionUser_1950399 Value: eyJpZCI6ImY5MjI2ZTBiLWE3MTYtNTY4YS1hYzhmLWFlNWY4ZTJhNGIxNCIsImNyZWF0ZWQiOjE2NjMzNjE5MjE4NjksImV4aXN0aW5nIjpmYWxzZX0=
.nsctotal.com.br/	1970-01-20 06:02:43	Name: _hjFirstSeen Value: 1
www.nsctotal.com.br/	1970-01-20 06:02:42	Name: _hjIncludedInSessionSample Value: 0
.nsctotal.com.br/	1970-01-20 06:02:43	Name: _hjSession_1950399 Value: eyJpZCI6ImMzNDFmNGM1LTA4ZWUtNDg2MC1hOWM1LWVjZjVlNDZmOTAzYSIsImNyZWF0ZWQiOjE2NjMzNjE5MjIxMjQsImluU2FtcGxlIjpmYWxzZX0=
.nsctotal.com.br/	1970-01-20 06:02:43	Name: _hjAbsoluteSessionInProgress Value: 0
.doubleclick.net/	1970-01-20 15:24:17	Name: IDE Value: AHWqTUlyTQSRaW0aEtxVhmyvrRlBmyyHwAj_TumQDNwQmV_A5DV22cc2Ysz73lku
.nsctotal.com.br/	1970-01-20 15:38:41	Name: _pctx Value: %7Bu%7DN4IgDghg5gpgagSxgdwJIBMQC4QBsAcALAJ4COAdgAyUQBGMAFgG60D2YIANCAK4DOMAE59s5Hrlzd%2BQgMoAXCHP7YQEcq3JcQfBHJgYVARkMBmAGwnDAVkpWATCduUAnA8oB2EAF8gA
.nsctotal.com.br/	1970-01-20 14:48:17	Name: cX_P Value: l84yqn00reezi53l
.nsctotal.com.br/	1969-12-31 23:59:59	Name: cX_S Value: l84yqpbzo1lp2lhv
.navdmp.com/	1970-01-20 15:38:41	Name: nid Value: 1166256149fbb7d3e7b656587c10\|1\|286
.nsctotal.com.br/	1970-01-20 14:48:17	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Sep+16+2022+20%3A58%3A42+GMT%2B0000+(GMT)&version=6.10.0&hosts=&consentId=813aeb26-ec8a-47be-8cfa-42ea1a2846b5&interactionCount=0&landingPath=https%3A%2F%2Fwww.nsctotal.com.br%2Fhome&groups=C0001%3A1%2CC0003%3A0%2CC0002%3A0%2CC0004%3A0
.nsctotal.com.br/	1970-01-20 08:12:17	Name: _fbp Value: fb.2.1663361922456.448846040
.nsctotal.com.br/	1970-01-20 15:24:17	Name: __gads Value: ID=72c5a6167c048a1c-2261abd024ce0076:T=1663361921:S=ALNI_MZR1BlK8zZVamkwuntdSUBFCDXUCQ
.nsctotal.com.br/	1970-01-20 14:48:17	Name: nvg53724 Value: 11662561494609db8be47b432e10\|0_260
.tinypass.com/	1970-01-20 06:45:53	Name: LANG Value: en_US
.cxense.com/	1970-01-20 14:48:17	Name: gckp Value: 1upu06l46fdnq24krl6ne7i2dm
.nsctotal.com.br/	1970-01-20 14:48:17	Name: cX_G Value: cx%3Afttsfj8bt512wijiseek1u16%3A27h3ifu9p2woj
.adnxs.com/	1970-01-20 08:12:17	Name: uuid2 Value: 5223491351606552613
.redintelligence.net/	1970-01-20 08:12:17	Name: 8lcfmzhxc8d6_uid Value: 3ea7038139116c5a
.casalemedia.com/	1970-01-20 14:48:17	Name: CMID Value: YyTjg4tk-OXMtRJBOqEYzAAA
.casalemedia.com/	1970-01-20 08:12:17	Name: CMPS Value: 1184
.casalemedia.com/	1970-01-20 08:12:17	Name: CMPRO Value: 1184
.adnxs.com/	1970-01-20 08:12:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb^`xWoQ!1yIE`fS1ueD1W-044)d+]UgYG+IT+WI7!U)RlRj(jN*/-v!KO1J@Lnsp>vNP(hw9P-HC_#ts_+)ea79
.casalemedia.com/	1970-01-20 08:12:17	Name: CMTS Value: 5164
.awin1.com/	1970-01-20 06:05:34	Name: awpv11830 Value: 296283\|1663361923\|595cc580-3602-11ed-8280-22382f38ffb2
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577
.blismedia.com/	1970-01-20 14:48:21	Name: b Value: 6324E3830D25F1098F820367BLIS
.yahoo.com/	1970-01-20 14:48:39	Name: A3 Value: d=AQABBIPjJGMCELxmpCD45BV5qibK1pWli0AFEgEBAQE1JmMuYwAAAAAA_eMAAA&S=AQAAAuG60Ccg28iQ7to2o1jRQwg
.lijit.com/	1970-01-20 14:48:17	Name: ljt_reader Value: FU-KpGZHXHCeNcP4TjOGM4nu
.analytics.yahoo.com/	1970-01-20 14:48:17	Name: IDSYNC Value: 18yx~2778
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: huzpf4oru3kcrx23j5zmopb0
pb.media01.eu/	1970-01-20 15:38:41	Name: DTU Value: C821EC56B11893234273122F57ECE3DD
.nsctotal.com.br/	1970-01-20 15:38:41	Name: _ga Value: GA1.3.648720974.1663361922
.nsctotal.com.br/	1970-01-20 06:02:41	Name: _gat_pianoTracker Value: 1
.nsctotal.com.br/	1970-01-20 15:38:41	Name: _ga_VBG9C9NG72 Value: GS1.1.1663361921.1.0.1663361925.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://buy.tinypass.com/checkout/offer/pop-up-clube-nsc-panelas-01_html.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://buy.tinypass.com/checkout/offer/pop-up-clube-nsc-panelas-01_html.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31557600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02520a4c9e8bd6c9c4554df97dbba6ff.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
800a8034338cdc6887ac46d4a77d90a0.safeframe.googlesyndication.com
ac-landing-pages-user-uploads-production.s3.amazonaws.com
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.cxense.com
api.nsctotal.com.br
api.pn.vg
api.webgains.io
buy.tinypass.com
c2.piano.io
cdn.cookielaw.org
cdn.cxense.com
cdn.navdmp.com
cdn.pn.vg
cdn.tinypass.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
comcluster.cxense.com
connect.facebook.net
cookies.pn.vg
diffuser-cdn.app-us1.com
dsum-sec.casalemedia.com
files.nsctotal.com.br
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
id.cxense.com
image6.pubmatic.com
ivccf.ivcbrasil.org.br
mab.chartbeat.com
medialead.de
onetag-sys.com
osp-assets.pn.vg
p1cluster.cxense.com
pagead2.googlesyndication.com
pb.media01.eu
ping.chartbeat.net
pixel.mathtag.com
prism.app-us1.com
pv.medialead.de
region1.google-analytics.com
rtb.openx.net
script.hotjar.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
trackcmp.net
ups.analytics.yahoo.com
usr.navdmp.com
vars.hotjar.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nsctotal.com.br
104.111.239.217
104.18.18.126
13.224.189.115
13.224.189.51
13.224.189.67
13.225.78.124
13.225.78.14
138.201.63.149
138.201.63.157
142.250.185.194
142.250.186.34
145.239.193.130
147.75.83.64
147.75.85.120
151.101.2.133
172.217.16.130
172.217.18.6
18.132.138.70
185.64.190.78
185.86.139.93
2.18.233.201
2001:4860:4802:32::36
212.82.100.182
2600:9000:20eb:e200:18:1fcd:351:7bc1
2606:4700:3037::6815:4d12
2606:4700:3037::ac43:cb88
2606:4700:4400::6812:2a69
2606:4700::6810:2a41
2606:4700::6810:9440
2606:4700::6810:ef3
2606:4700::6811:190e
2606:4700::6811:925b
2606:4700::6811:b7b1
2606:4700::6811:bab1
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2010
2a00:1450:400c:c06::9d
2a02:26f0:3500:898::268b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::714
2a0b:4d07:102::1
3.126.56.137
3.8.108.133
34.96.105.8
35.227.252.103
37.252.173.215
44.237.248.18
51.75.86.98
52.216.18.16
54.76.176.197
54.86.116.177
72.251.249.14
88.198.250.30
94.23.99.218
00e7eb30419d638225ed480d31ce0ba169c7c675db07800bfd0fc9e5a267bdb5
02161bd6ce007e255a24595845792f4e7e606a6d3b51c5fe49a75cb3771a0b7b
021778b2ec3f14e0ed58609ec7020d4d6acaad3b0da84692a9c239c46d2d4e4f
03e9dfebd1323bb87a14f2779cffeed8a47b188b4c18153f08a9986f76b79a58
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
082e674dcf5f6eb9d6b01b54cc7c5bdbf6f0fddcdba42ff64b2ee531b16559d6
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08670e2cafe6c24bc9eba04f089e1b47578a6b0c1d9cdd1fcb1ffe5b73fc6ef5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c422783b259a14ed1c14b6d1b682ab9f368e03be02d78173c06b23f274c5af1
0cd2832156398597d0307db779c57820216ac71517de38991a560a77b26fb44b
0e8864299c990b35e5ea70c2f1950ad526024364202940e41631c7151480deb3
10244a1d3bca2714d7593b11fcafa01eedb14f445c959876e128f18f64ba1df1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12891eb2a8475869d061979bf2eafba3563f1c945fc37ecba919c0d24acc7e6f
13c07f1a0ba00e7c4fdd7e0b0d0676e2b0b077cdf44d50e09ab1ebc0fbf63ac1
15984dfa2c5578324fc434e5bb2a254db7c722af1261f23da88636fe5131ffd8
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
16a46797835f96a806f286dcadc587390caff0d6c2f26e1a665f84ff9924b39e
1725114b31adedaed2eb8bb1e65c350e454f925059b09223b261b9c516100428
17403126b5b65aff2038e55a50a73cbe3274697d3aed395c09fd4db6898790a5
175dd52b60c7b3f2e0b0cc6355849661122fcb193214d31c362381a2b581e777
18bacb56ad6609957f0744afe5c22553863cd9ac895e72b6193cb5ae47e8f9d5
1939ec531628d7f92e536a5aa3672724e4bead2918292dbea9e82072aed5ee03
1c4e0f5e606f6a79eba0ac22c7e087d99417ac4bbbc3b715592d3edf89b61304
1ccce053f9410ea123e4f92affa2fa09db2a3673991b5775eda3301df8814250
1d2009e4aea51a8e6a0f6404f282d8948f473e26f80e45c7ed9bbb12e470d661
1d2e8ecd2ca1334ac31b43e1646c1ffc5be9b41cc8267bf83202f6a5ef3bc608
1fac66bb2f822e090f2e934c8fd2fba2cc6bc5951dc7db30c71811c423578637
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
20a002a79dcc4c711fbdb2c85a59c6006841fe74fe2381738ccadd2dba7b9fba
20e289f065c1a4370e6a9465c6d9b4c66fff2832d2b63aadea09bcb66fb51826
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
260491c90c6df2b732f39e9ca55cb9ee35bd97fa596a9341c3bda216c888729d
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
269da1d7e06991dead40fa2c1b7230c482d7847530fe30025fc754a647b5001d
2a14458cb3acd7f1bff8ea7b23d42dc8effc8560b2258f99f6cb678a1a3de140
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
304f7b98127b1fbd9b4de64743891e55464b585efb7b459f17bf07b9f9890c2b
30ba3ef0cc7a80793f3d6331f556277c00398d3d569b39e3601622fd304229b4
3222210d7fe7b1bf85a9574fdf9df00e9a58b48892fda09e3434fa9f5da2c376
326a5f8d82e6a912028b54a7ed06830dc70fb86e580acab29137959bc8600adf
32f2c908c04c41b99754365fcd123b4745554cd44ea46e0caac5d573f2f17289
344164232a0a57dca1833743bc10e25df8c59a8314b38d3e8990170f246590c8
355326e27a1f0b84783fc989dfd63dbf3990cd1be16859513bdc37abd455402e
35fb187ae6dcf4e4e8902d92fba73f509c6ad51699ac0b8f36d1bbaab30ff747
37122b62808ee4048ddb104296bcfd6c5f99413bae43cf99d0c88aa7465b0864
380b9923c097b3b52dd072661a3457b68d3cad2fa9b3174fe43644c154d13a9b
3848f3e9558c8512687689ae02f314075d7ec75c81cfef6140b8b3e0750ecdb7
3a498fbfa41d030005ba5dc52c22f93fdbf4e7cdb07b2de0168564cdd7e0c9da
3b27f686e9c39188ff63e191cc3efb6500a6c6d06f2d1d2ec27ceb623a2ecacc
3d1f71d7f21f0835b803691da4e3e807fb4c1bfb300cdb92ffa829c9fcaf3119
3db9e093fae6a606ae6b01a663d7bd287e3772016cf3d6b7bf67943bc2c70da5
3f6ea66f4fee4e8832b05633a298a1de7a9c56c89091545674eb34f7ce03dd9c
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
425a465fe224f0ccec4ab2ef8c9b813cfcba0c4aa113c3119236dcc01269c017
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b799b35896b1bf0256fb139030b4d5b4f834a5814776ade0bd10791ce18a3ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6c1766df8aeefdbe26c33b0c8686803e63b296b730f773b287fa51dd77f8ec
50189bd1200d113582253fd38c7debde8910835ca4a22004524d15acb1759051
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a607a0629b7e14261ce71ef18664a754d742f1e9a87d053a603c60d7d6af18
52a4ae4b3d8718cc75f50808f58f6a35a4f387472b474bb599a59ea4745e493f
535be4b8bedf82433d210152dfb19dd4eaf5796c4e61c2be1c2ed356827b5580
54c9b3caa0c53ed38ee347b57cdc8acfbf0f8ac13bce735314f87a4836b8dbd8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d6fd7ac540fb42fe1255c18c3afad14c879e05ddc72d704aa286710766433e
578a11a36b5c94094eca28a9f73bdfc6bdb82836d850283c926123183c99304c
5a5023bce99f5296d557713d010d4a6f5421b09f2c7c84625eaf224f7c8a7b3e
5bc1f880a4af69b6a54e1ae00109c4024b8590c716e4c6c416734a2c4e480fcf
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
60c1d5c94daed3fea1c1934db2a7cee4fd4a0a7e3daaede741644846b027659f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
649f8581f15e1554194c3dbfacc7ca574db699848799c77f05cb54e86d52a64d
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67a3bf88efc48246d79e769fc4be97a52fbd8c52f1e5168724dba197db96bdbc
683a1c1c984165909393efa5d3578bbdbf39c612ad6a5f44a70d916db1f39b5f
697b475200f4c616d172d7273efea87aa4338f14bedf51b91fbc168f74726c29
6b3e8d3dcc4add43faf1e88422015d54b5587e79b3f483c9ac63cded809d796b
6c02757538cdc8272620494111e36409befb93df78613829f32db273a6588c9b
6e21766ba6f2ae382b7eca667d565d028e85959c20673857f9174572833b8628
7045ca708194f3ac08c36b67040a6a989575201fc1a8a2dfaae818431c69ae20
7135861f8a8768636a90c4fb777082380c84194319273624e88004ab2b9d98d2
7277fd9e9bb43fe39b1403784cf6a3b8542ef4cb082f3d4e16e758c43ee5a8c4
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
74095db946160dc07ee291dd3c3f37e5b02e0fc34f4e4d55a8138b12f67f2f42
757aca4aad1c163f70a0e8a6237714a7f074d3d1f17dd1bd85fb9407805745b0
7740e5398a928e69c681ef867a33198d9bd3f527b0fcd1ed03807533abbb47d7
78160658d43e856f1adfb1f3a63ebf58f320f5c5882b60fcb72a60fe0f6e421e
79a9d02d62ba8e0c6650830016360ad971702625d15c2f09b7e6738960d3a0c9
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
7b8a59e84777990167841df8a98e4bd4cc76695bab196bdcd393edc6bae2ff22
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
7da351fd1b4303f82c46d465ddb04ea2b01fe382967c3d2c09e0dd634fdd00fd
7e2d96a1c6dc2958b8cf006cf306e81f5999737c43efcdf4aec9a98272147fbb
7f24d5e431e274a8d8c196752f7ab87ff9c636de1a7bc3d9c44729c1a87570a2
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
805d2dc4c57beb543cf2da0a3d4b12f264eedce36b92c9780e1645022ca44b0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b69d6cec7acfd448561936b084d0e94f0bcccdb2f71133a44e06b04e9b09ce
840634e9ac297125c6ba13261a06d8cde7f8294d57a05a00cb19269177be5e13
8482bd069842034e27d67d4745039435086199951e8e8de8ecb0c0cbdbc670d9
84c1fbfb7f3fb1bf401cb040180dd645023405d633f7c1f02ac0deca56719337
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851b086146630ab863c0b32baeff100dc980a49b4ec40077e998d4301c99b6af
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
870914e597915e7c0e87dae9624b76c760304deb33155b45020d26634f61a932
88d998c83cc5428a639b744acc404faee76dfc256eba6e42913bbc2c3f61c47f
89e79fb3530dea07402743a318e894509707f61f35ffb9d32c42f4aa6a33150e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cdca3b36914e8a3f56390da71389944579faaae82704e53bd66f9c0387502f6
8d0a5a2a67e4e20d7b5ce3bc93a8eb53d933f5061b67559c4aec3f96eaa268ad
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
90ce7100029ba04e44bb3bb47a81b10ab0c4853575d4694725f6b164bc71dc06
91af4a7239697665d8d2c6ada90c5c30471ec40b2c86b1b426a514e4d40901de
92102028ac0c9df573e1feda3b4bbb1a2cd6a0c8b36255bb83e7459bb276ed5f
9320c7ac979cc1d22f1d105818b46611773a20ddafedcf9b1a6e14e5bd50744c
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9666185f3425804e0dd6dfde2fa8817cb54daae6156205187c4ba901a6aacddc
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
9765006df2fce8589c29e8e98c560cd4c2d132aacf07df21ca9fdcbe081b0d05
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
97cb38d104baaa52414bfce8f2b9cad9c1b5cf4380ff61b8b3823be144a13808
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c63aa17ab7bb7ef8dc1c81a3d7b48f2803952b86cd0a4bd471b3f34496dbc96
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9c9c3f901fde00341ee3cd9d48726c805c871cffa975b8bdcd975e4fababf357
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27f9ce5939ee78565fae1437fdef6009650d45b0b68c9a4b3057c0a50224332
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e1f36f2021dbf74b145fe79dc11852a11e4cb4c1a780a4357a4e2e1aa3957c
a8c6bf6cfa12e2869a8c4ea1ae7bfe4e780be410d6010e38d6e983de369d69f8
adafb1c7c20e39af05e24e83cf1139bf1f99ade57c975c72f8990574b2ff9bc0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af017f1c49005b9a50b51d675eff622a0205266b0dfa07dd4b9e9e6ea69a8c8c
b0ab6199114c89aa20f9e01c59b942d4cc9cef5604dabb2924bc75368a3c8064
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d306647e1e5f1542e4a292dc09c4aa689feb40ce76114ccf31447e63a88b3a
b45eef0aed4115eed2ed2f66f1d39ca36b8a1523cd9776077274c403fdd13951
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b635347ae125c2f9c05df9c96050c254a82d6becb55d99f62bc6b2f9ea3e301a
b73a3defe1f14a072bd0c86e4ed32b10b55bfd19b344a381b77d1d0e33d9dff3
b84faab764902aa2708c5aac7872ccb0fdce92477990f1408111a4438220912a
b8d867c1b2bebb2f3ccbb2984e5c96589697c228c611c3aa929067d07e557b05
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bd5ec34caa6a40917685a5ea0d906fcffa15c4ad0e04de13d45eba86d05f552d
bf494305df34dcf69021b9c924cc5670b19b5e259be3e4c05b484028bb033647
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1471af13e7ea0de069deac3e7dc78fd16a12462a784464356611b1053bf93de
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c4f1f588aabce40bd0cf2276c0a3aafa15125a9d58e8587a4fb58b7d41b4b217
c5f164c6c493e809312ce215f857af1539ceafe4991e59234aa1acb8a227f503
c66eca762310c1d434d9a98f66a52f086e0e5dd7c714252a897552c51fe80f9f
c8a0daba2bc77b422f84c0f5abb3e1add90a68ac7571ffc7fd0ae9c8dc710f33
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c95ffd41d2daf96061b1fabe086272aeecc270ea331ccb4c18e6cc72f2247975
c99bbff66e64357ae65da6b8de7011bb35d8a51d7a4bcedbf969798b4f7778c9
c9a0ef41b9da6632f2549476b62592fbe166f72f2dd74bfa48dfea87461ef922
ca11b298f778bc9674f60d265c6b71dfcc42723d64cef1ecb6c7056c3088c6e6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb05cbba1621d924c779f6988edc1c9e228d9020c35c2014548bd8e3944ee6d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfcfa8d962fd310a91bbaeb9fa7709139cbcf41ab12fe0103acc85c8f661a008
d0859b2f88556aebcf99106f1278523aff221812ad34a73109a0ac5ab6401a3f
d13b4a1c26a77843e0b7835c3853007bd3dd22346b085101e951617179670563
d257a75764e746d9a1aafb79d8e47744cb44ee1af115ab2adbd0012c69cf676c
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d7a7c3d05fcbb02bac308def466df01d489364c29375b707631af391e28b41e9
d8c694f531b732f8fa21a51f76e297baf833ac99999685cbd653ce35f9d5fe58
d9fb0e4d820f394c0e82bf90eb8c869bbbe75031e8fb9d319c1a0aa9063e8df6
daf53f73675036c54c80f65f2a48015aa815508cebafa8209bc60e17f28d1186
ddd7f4f8e8cf53bb09a54106570cf43245e2a0902c85e586b4e803f175ae8ac4
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b
df30230d5fa012cd7d78aef57c5100cd19770c0c41b0815849811bba2ebe96c8
e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964
e2c7a872c78bbf7711b7bae075fcd7e8ef640d9bdd53eece0e2590de7ccf6500
e32d5bb32f72381c80966d48aeda239da9ceaa20c38867c207a2cf89bbafaaf8
e36e89345168cb7132b14cf34e05ea50489591f88d037ae21577b2736afc352b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4292356450a0f69922129397d015110bb1f5270420c7a3b1be9661304a0124c
e5a81d49f576b674062a4da3e23dce2d06abf55d36fde518ac18beb6ef31bcd0
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8f2b629f2079e9de6d04cea04b6e89c366ed358943f49e05d44f59111ed2547
e94c5c54f9d3d4cde1147cdc57dbdd0ba32bb05b14b81cf82e2c4ed7da22f58c
e9da58b99548035abdd9b8ab7c0e8f082a620a8a68f964b93d020c8c6f6ec41b
eaa407741c5d8f9461727714a604711a40babebb95f911f8ebd25626b2d1deb6
eafa049666d949f5f7e3a2c2067845b74194821f446f73bd94eaa05459b49dba
eb0f4143820404b4d11a3124a56ceeb46c28539c5b0606460f64158dda5898c4
eb578e5229cead21a487f38f0428ce5362cc04b13dfbc686cb380be538c0e79f
ecc7bc23ca3296009d3a8fb7e4bca8c47cf8b296733173b16d315aae3911eaf4
ed6314fb95d7fb2a6271e0014e2cea359c1f5c6e9322bc0025bbfb039ac418cb
ee68c69b6c4035718f6dbf80a0a97847928e5891d9269eb17ecdd15af8581163
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f008137668b6d472795ea275ed52ae81e4d2cac9efe6e376617771fc1550f7bc
f282722135702817464115a2d64059817dfb39512f0856de0995327edb565381
f38897dac4daeed5c0a51f08fcabc564f97bfce2f60d7a8bb5f40a30c7cc22e0
f389d2ddb47f47947146e98aa8f795f215e736c085400dafc31458f8a4d78d6d
f39909a2ccb33a927f5e64e6fe932bb9d4dc3a6fe987f43174db175d87e9c3a7
f446f54df80a28d0a3219ae2876d72f75dace637c9ac88c058f3e952d65ae8d8
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7c439ef85646d5f8f9315c229280bea356af66ad56d2eee09d03ebedd2c2d2f
fa91aff697c6b75ddfd3a04aa3bce60c14ee5683638f48aad91d5f8072562ee1
fbd7ed4f93721d1fd01062540e84d0c3fa8a5297ef5daff964e7ea5f532930ad
fc66b1f2f4900406fa749ebc994ad2fe12845e7832a43ffa1e1bd6c6eaa7b422
fd2c3df5764e85f6c58b65458b65211872bec85dcbe1b8cd9faa8427ae835190
fd399fce9386542cffc86ac2b565cf32a48b69a0dcd04630ce83264d3b6b1dce
fd9f02ffaf932813e6cc7181f0c38b8aec89a079da85b5ef58af8e2aa18b2b05
fe764d6054dbf851d3dad3afb1ac9243ba5fe7e03989205e96f1cdccf4d1c8e2
fed4d0ef4f3cac52c1fadad0550d67f02fc7da656ba81395069db828d928a20e

www.nsctotal.com.br Open in urlscan Pro 151.101.2.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

292 Requests

96 %HTTPS

46 %IPv6

46 Domains

79 Subdomains

61 IPs

10 Countries

4237 kBTransfer

10724 kBSize

57 Cookies

32 Outgoing links

Page URL History

Redirected requests

292 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nsctotal.com.br Open in urlscan Pro
151.101.2.133 Public Scan

Screenshot
Live screenshot

Full Image

292
Requests

96 %
HTTPS

46 %
IPv6

46
Domains

79
Subdomains

61
IPs

10
Countries

4237 kB
Transfer

10724 kB
Size

57
Cookies

292 HTTP transactions
5 data transactions