urlscan.io logo urlscan.io
SecurityTrails logo

forum.cifraclub.com.br Open in urlscan Pro
2a02:26f0:7100::1720:eef1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://forum.cifraclub.com.br/
Effective URL: https://forum.cifraclub.com.br/
Submission: On December 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 6 countries across 16 domains to perform 100 HTTP transactions. The main IP is 2a02:26f0:7100::1720:eef1, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is forum.cifraclub.com.br.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.
This is the only time forum.cifraclub.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
27 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 177.54.145.109 262287 (Latitude....)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 185.86.138.121 201081 (SMARTADSE...)
2 5 37.252.172.123 29990 (ASN-APPNEX)
1 2602:803:c003... 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.134 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 8 142.250.185.66 15169 (GOOGLE)
4 8 172.64.151.101 13335 (CLOUDFLAR...)
100 26
1    2a02:26f0:7100::1720:eecb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
forum.cifraclub.com.br
27    2a02:26f0:7100::1720:eef1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
forum.cifraclub.com.br
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a02:26f0:7100::1720:eed0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
akamai.sscdn.co
2    177.54.145.109 (São Paulo, Brazil)

ASN262287 (Latitude.sh LTDA, BR)
master.cifraclub.com.br
id.cifraclub.com.br
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
5    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a00:1450:400c:c0b::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
16    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
11    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
174 KB
30 cifraclub.com.br
forum.cifraclub.com.br
master.cifraclub.com.br — Cisco Umbrella Rank: 508412
id.cifraclub.com.br — Cisco Umbrella Rank: 303639
266 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
223 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
4 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
4 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
accounts.google.com — Cisco Umbrella Rank: 23
www.google.com — Cisco Umbrella Rank: 2
82 KB
4 sscdn.co
akamai.sscdn.co — Cisco Umbrella Rank: 155686
142 KB
3 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1657
2 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
105 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
128 KB
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
89 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 4719
751 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
93 KB
100 16
Domain Requested by
28 forum.cifraclub.com.br 1 redirects forum.cifraclub.com.br
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
forum.cifraclub.com.br
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
www.googletagservices.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
forum.cifraclub.com.br
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
5 ib.adnxs.com 2 redirects forum.cifraclub.com.br
googleads.g.doubleclick.net
4 ad.doubleclick.net forum.cifraclub.com.br
4 akamai.sscdn.co forum.cifraclub.com.br
akamai.sscdn.co
3 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 accounts.google.com akamai.sscdn.co
accounts.google.com
3 prg.smartadserver.com forum.cifraclub.com.br
3 securepubads.g.doubleclick.net forum.cifraclub.com.br
securepubads.g.doubleclick.net
2 s0.2mdn.net 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
2 www.googletagservices.com 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 fastlane.rubiconproject.com forum.cifraclub.com.br
1 cdn.jsdelivr.net forum.cifraclub.com.br
1 id.cifraclub.com.br akamai.sscdn.co
1 www.google.de forum.cifraclub.com.br
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 master.cifraclub.com.br ajax.googleapis.com
1 www.googletagmanager.com forum.cifraclub.com.br
1 partner.googleadservices.com forum.cifraclub.com.br
1 ajax.googleapis.com forum.cifraclub.com.br
100 26

This site contains links to these domains. Also see Links.

Domain
www.studiosol.com.br
www.cifraclub.com.br
Subject Issuer Validity Valid
www.cifraclub.com.br
R3		 2023-10-04 -
2024-01-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.sscdn.co
R3		 2023-12-01 -
2024-02-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://forum.cifraclub.com.br/
Frame ID: 7C6A54A2B0272388D6098EDCA26DCBA3
Requests: 54 HTTP requests in this frame

Frame: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D63EDB9FE4E8E85CB46087C0EDEB4D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17F75E0340FC17B7D7227028AB77EA3F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B299414236173C7EDF26E7975809BF5A
Requests: 2 HTTP requests in this frame

Frame: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 61F1E9DAA898A20A0DADB3184E9F762D
Requests: 13 HTTP requests in this frame

Frame: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E5BE564A133E46EFA260DA942A163FA5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYq4jQ-AEwAQ&v=APEucNWYO-0--4b9gTRETWLW33bsoxd9AbcvKXzvj7tR-6_JT2jE5uJ58QnBvcCBLuopBfn7ecgZ_6pNAJukptXDS2vo8_S47qOZdQx4oYcC_ewdlzcO2faLm3me1zKgMJanJU545Y6DarmDBJ-hlmdAVjJp2U-v7yPqiP6ORi7bngWE1QXlxI8
Frame ID: FE13CBE17F15BD5D90AFBE0DC8940622
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYnPmB-AEwAQ&v=APEucNXxqAXkSSTzb2i1X52WZDAyy4sTXIMfxt34l8nAD35JJfBjDZptQ1A-AZJznLrSyzQ0QY_yo2CmfBrumJ5e-IXQNzIDV7v4ieVJomBp__Vjitisxbke2QN5BQ69u2yDk3Ik3_jErUiKFHGw2TN6bW6x-NznZjnncCGljBJp_-wlFnrtLyc
Frame ID: 28A3490F015024F69D37E28E69DDFC7A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B32DF9D226014E96CE1CF1EA2BBFC514
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 516756B30CFD99E9B8602DC93CC9D9F9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fóruns Cifra Club

Page URL History Show full URLs

  1. http://forum.cifraclub.com.br/ HTTP 301
    https://forum.cifraclub.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

100
Requests

92 %
HTTPS

77 %
IPv6

16
Domains

26
Subdomains

26
IPs

6
Countries

1311 kB
Transfer

3253 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://forum.cifraclub.com.br/ HTTP 301
    https://forum.cifraclub.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
Request Chain 87
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXG3CYP.-.Eq.m6mO.FymQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
Request Chain 89
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
Request Chain 91
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXG3CYP.-.Eq.m6mO.FymQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
Request Chain 93
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D

100 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forum.cifraclub.com.br/
Redirect Chain
  • http://forum.cifraclub.com.br/
  • https://forum.cifraclub.com.br/
61 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0b0c0d17f8e91c3a09b27d2487fd31b58787292311e482a702964e332a3fd4ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
12312
Content-Type
text/html; charset=utf-8
Date
Thu, 07 Dec 2023 12:13:58 GMT
Server
nginx
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 07 Dec 2023 12:13:56 GMT
Location
https://forum.cifraclub.com.br/
Server
nginx
css_default-min.css
forum.cifraclub.com.br/static/css/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
818bd12c5beff720cd2eddda74148da0a0829e4ebb7343ee020a63db66183dae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-a51a"
Vary
Accept-Encoding
Content-Type
text/css
X-N
S
Connection
keep-alive
Content-Length
9493
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:03:10 GMT
x-content-type-options
nosniff
age
223848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94840
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:03:10 GMT
jquery.timeago-min.js
forum.cifraclub.com.br/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/jquery.timeago-min.js?v=1
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
eb548d87d0d3af683cb1c47d66b237592a74caabab5112465bfa157a1dca5e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-9a2"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
1074
perfect.scrollbar.min.js
forum.cifraclub.com.br/static/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/perfect.scrollbar.min.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cc687ae5b41062ae1a135faaa51bf45f06b9c2d380a6ec9618d028ae1fdea5f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-246a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
3279
js-min.js
forum.cifraclub.com.br/static/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/js-min.js?v=56
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
85fb8c7fcf66557177f98b2423c911efde2a4dda9e7664dd12f1319ec3e09a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-49f9"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
7064
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e1a3aba1577e23130e7e9652af64f3b7fa070c9f20bed60f34198145561dc52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29961
x-xss-protection
0
server
cafe
etag
670 / 19698 / m202311290101 / config-hash: 5768096735824373369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:13:59 GMT
prebid.js
forum.cifraclub.com.br/static/js/ads/ 		264 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
43e48bdc3b4db9811ebd587bdb8961e386e4e2eccba785a280f3742817fc4002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-41e24"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
83489
adUnits-min.js
forum.cifraclub.com.br/static/js/ads/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/ads/adUnits-min.js?v=6
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
67863f8c0d2a44e6ef1950a6afd5692c67810c9dc835783d03910533d9b25d06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-2c83"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
1616
headerbidding-min.js
forum.cifraclub.com.br/static/js/ads/ 		297 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/ads/headerbidding-min.js?v=17
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
24efba202dba478cfad20e93501e22c983f4b29a9a68cda99ca595fb812fd044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-4a207"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
93013
google_service.js
partner.googleadservices.com/gampad/ 		1 KB
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/google_service.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
2461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
341
x-xss-protection
0
server
cafe
etag
953604975598805376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:32:57 GMT
!pix.gif
forum.cifraclub.com.br/img/ 		43 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/!pix.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-2b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
teclado.gif
forum.cifraclub.com.br/img/forum_icons/ 		110 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/teclado.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b69e1d81a26d91c5469c657642e5c9104dd3e711692607dac7e90e849c33635a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-6e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110
amp.gif
forum.cifraclub.com.br/img/forum_icons/ 		206 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/amp.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e29e1a56f707264411b88b20fc500696a76a0f7525825452249ab22e7e686f49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-ce"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
206
microphone.gif
forum.cifraclub.com.br/img/forum_icons/ 		582 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/microphone.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
07fe2855b25f845924335bd6ae26ace8259668fb284ee6f070ff09935f3997f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-246"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
582
music.gif
forum.cifraclub.com.br/img/forum_icons/ 		155 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/music.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4939ee6bb95c1c1aba9f87c08331ccd7bb03e9875f3b8da0b2ea636c6cf098fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-9b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
155
homestudioa.gif
forum.cifraclub.com.br/img/forum_icons/ 		161 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/homestudioa.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9fedbfacde4078713327046502d5c91c93d201f9ca85ae82f9fffefb03028053

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-a1"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
161
divulgue.gif
forum.cifraclub.com.br/img/forum_icons/ 		194 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/divulgue.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4ba0bf3cc72c092f71ba2354264c679a807b1a32d7649b0df1abbd713748f604

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-c2"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
194
guitarra.gif
forum.cifraclub.com.br/img/forum_icons/ 		520 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/guitarra.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5590967e7b7bffd8f2b43a8d99e769d8891c4c1c18ff57911413fd38ed9d1126

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-208"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
520
pedal.gif
forum.cifraclub.com.br/img/forum_icons/ 		992 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/pedal.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3755a7aa0d0de84af855aa1c40df07487e5284d4b6ae635521d025e19569a0b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-3e0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
992
bass.gif
forum.cifraclub.com.br/img/forum_icons/ 		183 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/bass.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0893bea007ddccfb090e5367a9be241f4b4fec6bbb0dab59b2d3a92156433851

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-b7"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
183
violao.gif
forum.cifraclub.com.br/img/forum_icons/ 		574 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/violao.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c115c0bf657a388e2706cce72017877d6d4ba2222632f2fe97d9d9b3ecad94d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-23e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
574
drums.gif
forum.cifraclub.com.br/img/forum_icons/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/img/forum_icons/drums.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
73f8a675eef311cdcaca0b7e0ea25f7dd251717dfa7919c39e7165343e9c969e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:20 GMT
Server
nginx
ETag
"647f88d4-33b0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13232
js
www.googletagmanager.com/gtag/ 		261 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-600Y1T68HP
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
372ffec223db7366757a7ea0c4935a987384ae2db34d01a56daff33596d8a216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 12:13:58 GMT
SS.forumcifraclub.ccidbar-min.js
forum.cifraclub.com.br/static/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/SS.forumcifraclub.ccidbar-min.js?v=7
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dcc7d675660bc18f8c63d3d0e2312dde1d93d00fb216e7134abc1f298a913129

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-22fa"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
2652
loadAds-min.js
forum.cifraclub.com.br/static/js/ads/ 		818 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.cifraclub.com.br/static/js/ads/loadAds-min.js?v=2
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fd7ad538a187431a48bfe0f85a38aa7a1f866e880088a86fc32e29e3c9073f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-332"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Content-Length
375
client.51f55.js
akamai.sscdn.co/id/pt-br/ 		169 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://akamai.sscdn.co/id/pt-br/client.51f55.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eed0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
af327ab3724ec05c8774d4b098e729eb1fc2d88eb27d3e189ef75a40e9ddd2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-encoding
br
server
nginx
etag
W/"d4847ac1b1c498226a63c80f0edbfd9e"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
50528
expires
Fri, 06 Dec 2024 12:13:59 GMT
2bc80.client.css
akamai.sscdn.co/id/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://akamai.sscdn.co/id/2bc80.client.css
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eed0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
08ef3fdb35898c1dc48ffc183be44ac1a3d70587f31a31c71846c3354555432f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-encoding
br
last-modified
Fri, 06 Oct 2023 19:08:09 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
2147
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
expires
Fri, 06 Dec 2024 12:13:59 GMT
/
master.cifraclub.com.br/forum/ajax/whosonline/ 		704 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://master.cifraclub.com.br/forum/ajax/whosonline/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software
nginx /
Resource Hash
d1e8e61025089a7bd544b087f31e38f2086bc04e52bf642a2ae81ed45b286ad7

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
https://forum.cifraclub.com.br
date
Thu, 07 Dec 2023 12:13:59 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
content-type
text/html; charset=utf-8
logo.svg
forum.cifraclub.com.br/static/img/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/static/img/logo.svg
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3de1836391946bbf5d44233777f83e711edd91ed8000a14ef0c40117ae572792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-16e5"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Content-Length
2285
search.svg
forum.cifraclub.com.br/static/img/ 		313 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/static/img/search.svg
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9bb30a7dad5e4506884d9f6979ed55ed5f946b1dbc4715fe349ac0bd0190a6d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
W/"647f88d5-139"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Content-Length
210
bg_bar1.png
forum.cifraclub.com.br/static/img/ 		198 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/static/img/bg_bar1.png
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a98ba996a95f01074d431b410e99aa9ba251b23cfd2199df0c8d812e8cedf93f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
"647f88d5-c6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198
sprite_forum.png
forum.cifraclub.com.br/static/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/static/img/sprite_forum.png?v=1
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
47edf6477b8c6858c8545313d01a02b51323b350d7730cd0d795c853f46eacac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
"647f88d5-6840"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26688
sprite_icones.gif
forum.cifraclub.com.br/static/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.cifraclub.com.br/static/img/sprite_icones.gif
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eef1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d98c06493c9a8cda14ebe7b891af80e73f0624c37a9ec7576ba79d23d5bc70a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/static/css/css_default-min.css?v=705
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 12:13:58 GMT
Last-Modified
Tue, 06 Jun 2023 19:28:21 GMT
Server
nginx
ETag
"647f88d5-c6f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3183
OpenSans-Bold.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/opensans/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/opensans/OpenSans-Bold.woff2
Requested by
Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/2bc80.client.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eed0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb

Request headers

Referer
https://akamai.sscdn.co/id/2bc80.client.css
Origin
https://forum.cifraclub.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
last-modified
Thu, 10 Sep 2020 19:32:08 GMT
server
nginx
etag
"5f5a7f38-b57c"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
46460
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
expires
Fri, 06 Dec 2024 12:13:59 GMT
OpenSans-Regular.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/opensans/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/opensans/OpenSans-Regular.woff2
Requested by
Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/2bc80.client.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:eed0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf

Request headers

Referer
https://akamai.sscdn.co/id/2bc80.client.css
Origin
https://forum.cifraclub.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
last-modified
Thu, 10 Sep 2020 19:32:09 GMT
server
nginx
etag
"5f5a7f39-ae68"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
44648
expires
Fri, 06 Dec 2024 12:13:59 GMT
collect
region1.analytics.google.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-600Y1T68HP&gtm=45je3bt0v889604859&_p=1701951238552&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=132862317.1701951239&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701951239&sct=1&seg=0&dl=https%3A%2F%2Fforum.cifraclub.com.br%2F&dt=F%C3%B3runs%20Cifra%20Club&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3075
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-600Y1T68HP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.cifraclub.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-600Y1T68HP&cid=132862317.1701951239&gtm=45je3bt0v889604859&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-600Y1T68HP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://forum.cifraclub.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-600Y1T68HP&cid=132862317.1701951239&gtm=45je3bt0v889604859&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1975535698
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
id.cifraclub.com.br/api/v1/cookies/ 		72 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.cifraclub.com.br/api/v1/cookies/
Requested by
Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/pt-br/client.51f55.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software
nginx /
Resource Hash
41b2ce1f5b356e134ca3adc060d678b8667748fbd453532f8e384c8c68d4ee52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-encoding
br
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://forum.cifraclub.com.br
access-control-expose-headers
Date
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Authorization, X-Cluster, Referer
expires
-1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:39:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
5689
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Dec 2024 10:39:10 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231207
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29585
x-jsd-version
1.0.1896
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230090-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"636-7T+n14p651UDqUUrsjlaf56A4j0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUX9zO65vwI9MeAyc0j7ghkOu7HM4xflVXab2iW1U3LbTMxG%2BqTmBXb%2Bxi%2Fhzw4KXUEAcfQyqCcXcFUzTdMUCLjYe8bG8tXottlGLgEqxR%2Bx7R8ETHJ8RuY7WrNf2nU080jTHeFxWnMpaTPWaF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
831caf8d9daa5c26-FRA
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:58 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forum.cifraclub.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:58 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forum.cifraclub.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:59 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://forum.cifraclub.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
db62f271b0adbd6da616cdc71db2e4cd652a23e8c77314b40b7bf92952277d76
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:59 GMT
an-x-request-uuid
71e7f004-0190-4acf-b591-c2301227422b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.cifraclub.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.26; 217.114.218.26; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
368
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		584 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15546&site_id=101128&zone_id=1165944%3B1165970%3B1165976&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fforum.cifraclub.com.br%2F&tg_i.page=https%3A%2F%2Fforum.cifraclub.com.br%2F&tg_i.domain=forum.cifraclub.com.br&tk_flint=pbjs_lite_v7.39.0&x_source.tid=3d37f248-521c-4d14-8952-db5daa0baee5%3B9a0a6721-f70f-4316-8453-e7ac8fe5c6a1%3Bfdb09e8d-e6aa-460f-ad8e-db6597c9ac28&l_pb_bid_id=10fdfd3ece19f87%3B11a8bf125a21b%3B1281e287a941036&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.5535254054381524
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/static/js/ads/prebid.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b56ffb478915b0abddbc9382a08e004922d87a7e2cc5a10a58a4cd68ea881afe

Request headers

Referer
https://forum.cifraclub.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:13:59 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://forum.cifraclub.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
client
accounts.google.com/gsi/ 		206 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/pt-br/client.51f55.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
119247ffe7df40e4d8d6d22869c3b2bc6076b5b525d5d3c5e4b8342af2f159ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wjp7OeP9TNvsziVMpQ5NYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-wjp7OeP9TNvsziVMpQ5NYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 07 Dec 2023 12:13:59 GMT
style
accounts.google.com/gsi/ 		533 B
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-3T9ua7waWqSGcNPaB41POw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-3T9ua7waWqSGcNPaB41POw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Thu, 07 Dec 2023 12:13:59 GMT
status
accounts.google.com/gsi/ 		37 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=IClGG5oEgZuICSrUIuQQgg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b69673967c5bf9e1fe15835ed1a38f7c60c955e22baa7e90e42a15602cbbe309
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Lp1yrvUYTceTCxYNtoAqgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:13:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Lp1yrvUYTceTCxYNtoAqgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://forum.cifraclub.com.br
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		175 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3853901287200502&correlator=2035426646258733&eid=31078659&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&iu_parts=3697496%2Cforumcifra%3Abg%2Cforumcifra%3A970x90%3Adesktop%3Atopo%3Ahome%2Cforumcifra%3A970x90%3Adesktop%3AMiddle%3Ahome%2Cforumcifra%3A970x90%3Adesktop%3Afooter%3Ahome&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90%2C970x250%7C970x90%7C728x90&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1&ists=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701951241016&lmt=1701951241&adxs=800%2C315%2C315%2C315&adys=60%2C200%2C1098%2C4152&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fforum.cifraclub.com.br%2F&vis=1&psz=0x0%7C970x0%7C970x0%7C970x0&msz=0x0%7C970x0%7C970x0%7C970x0&fws=0%2C4%2C4%2C4&ohw=0%2C960%2C960%2C960&ga_vid=132862317.1701951239&ga_sid=1701951241&ga_hid=618306391&ga_fc=true&dlt=1701951238405&idt=822&cust_params=reload%3D0%26page_visibility%3D1%26viewport_height%3D1200%26viewport_width%3D1600%26connection%3D4g&adks=727064298%2C1683972511%2C2813286630%2C3358034633&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10dc04f67b6fc175301b2a4c062d363481f7a5a2e41a741974f94e32f9ec4842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56558
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://forum.cifraclub.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32f0ea4cfcd0b02042de8bc9187cbc73ca693961292fd2240e5282cd99fc0502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12147
x-xss-protection
0
container.html
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D63 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.cifraclub.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 12:14:01 GMT
expires
Fri, 06 Dec 2024 12:14:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 12:14:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 17F7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.cifraclub.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 09:57:52 GMT
expires
Fri, 06 Dec 2024 09:57:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B299 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fd92dfa6c8754c9babab6ee60aac4fc75dcdb3472b8bae17939f4f67bde6018a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J5OCodR40nSKxBz4uEvt-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forum.cifraclub.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-J5OCodR40nSKxBz4uEvt-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 12:14:01 GMT
expires
Thu, 07 Dec 2023 12:14:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 17F7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
8186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 09:57:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B299 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=3853901287200502&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 17F7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wQRg9g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 61F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.cifraclub.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 12:14:01 GMT
expires
Fri, 06 Dec 2024 12:14:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E5BE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.cifraclub.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 12:14:01 GMT
expires
Fri, 06 Dec 2024 12:14:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FE13 		624 B
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYq4jQ-AEwAQ&v=APEucNWYO-0--4b9gTRETWLW33bsoxd9AbcvKXzvj7tR-6_JT2jE5uJ58QnBvcCBLuopBfn7ecgZ_6pNAJukptXDS2vo8_S47qOZdQx4oYcC_ewdlzcO2faLm3me1zKgMJanJU545Y6DarmDBJ-hlmdAVjJp2U-v7yPqiP6ORi7bngWE1QXlxI8
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 12:14:01 GMT
expires
Thu, 07 Dec 2023 12:14:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame 61F1 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
73860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:43:01 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/ Frame 61F1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:43:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
73851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:43:10 GMT
view
ad.doubleclick.net/pcs/ Frame 61F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvIpQA1hYOiZQbRvYXT5uCMSa2tyBxOdTpLcAfe-XBn5p1hkww1_NMuMZuSf83QpOUecTvTKbVRw3YqMnRcZ7RYB81ypn22Hjjgu3y3khAEIbPq7Mgyl7ZVeBg2xbXit1d0L6RMBIkQEI9Dx1kJsqsEzouVgF7Gel8UxD8cvQhgY2QgXV3PLyVzEKg-aBDJ_6XR3hkUosbCWgBNpTRnQ_aukJWyqtLzsxSFI0rrSmlGz2HMko5rCH12x8PFyqtbCia4FMKfLkbNLuLGyUjSfqYlanA_9PDPsgrxoGzhSBtjW5W5NGFhI73nF8r_k7SwEf1DNsxRZcWRflQWD10VX3JcsOPxlCBn-3xnBmLGFWZFOKLTYMVdVUnf0AOj9VslkF2rakYu9XG2sPCf2WYm2pKpxvh869NnBxNx6bVf87RMxI_0dDFJeGH2kI46zcjly6YYv7zJ8G4ttBBRjgfF4IuEBTH8USY8_ZT-oGhRar4hPMPFeAHsvYyf2QoArWKSel1sVteq3BRHRt_OlfZarm9J_yzkDN4gZKu-W1YjcGZH2fFIDnpsUoRkGa8oIhq0w_ccNSA_gv5BTP-S4jkI4j9UYsczPI7wDHCI7Dj1Sb6Gefv2iJfLksBLQXe-6KJhl88qwUMoJ8Z3dY3dCNU4qtIb9MeToqNMchuVc4KNAY_mwQJ-QM1LABrZUymXZ_7AhU3oWmr8YaunTzqiP21qgAqbJ8P0eEi2idb8qqyZ0A95-KnGOliInW1EUC3XCvFkNRqkpf8w1nnNvU5qxUwgu_39UsIMkHu-ECRVbIc1D196wgfdIK2Ihb3xpOjEcDascp5svAwZ9OF7FBwsBDLHE-6mI-IJ0tLDD1KcXNZxzAC9ixmbSOhdxY4isKHa9T5c0tkxDCYSS7BjzCzmFfC_YNw-ZFr-32QEi16ybiibcCooQ-DbpAgtBxvdJVdsTPHM5uE3O7MnHuQfmnkuA2fz9NCjdb5bAUdeATSNQe731w83ycgStNWXmN7Jtl4PVnmrw-4joXwjuWmHKPhpiE7b0RAUFnd1KUn7KiVk0jsX2WX1I6j2vCNTwHAUbl-rNcdpLICaVPtZzag-7xTPUvyXUjeXwEPGONFcUffI9ZkN65gegCskSgi5V1ArdZ_Iy2N3jo_8mCWu5KgT3OV6Rl8CLjDeZ1z5z1fnBLvtS63C3y-hQ6-Y79lhfhiDu-vN-hVZxKnGM9k9mTsol85UAGqF8-R42sK7bocMhzzZXiToZLo5k0c4qnAGXy6s71pxqj9Mu6SPioaDG4IXDzsexRLC1Iq_Nx5cnLsK0j3dnxDXFwCKmvMXozFQpw64YwGQP1xsSzWez8f-hCJ2lJ-n4beyEueWLntexBor5eM9D2e151k2uuDjkISEn2Zvzq04RXopXUTtQ0L0C3y0Vp2a_vKB5Ms5_ZZHzAdBcH1rFU0i-b9j3EQAOuP6kKmBOvltk7bW6pMqAkU&sai=AMfl-YQT_vbjBQhj9RoB-5I46wtUPiwO3bElQwu38O3RhrVyEkwvzC7zHnA066umHo2L5ewL3Se92EfaDkPW0EPa93lqiBQl950YBCQAtv9mvEXnK4gz972E_XzQG-yUJ5zHwZ0sdWErx86njMMdhmBfmhmWLAsHUhtiUZCxnjiJPqEDcjWHF5p_DqlE-bDZLCwF2bqGs3BDWkt_-ITHeEDD9RJJYZIL3QX0UxFBwSnjXBVJl1Qdx6ZF9y5X_6KztMZ4oMZlnf0D-f-ycCb_LTrVPsD_cM1dDKGxGre7MOJy2NKifokA1-ATkpwVpesYCKAKXkWKWhdCvPo17epX7z5bghOrCCs7OVrRzntfTXvdxNooYHeVXltsc_8YSvJ1HR3aFQhhd5Dsv0ZuW0zvcs9JZNKAjAQ3Xq-KTyQoGJiITqxQkBCmasZwf4aabZegJkAX4zyHsqlPSMi8T1DV1X2GD18gWBnoOrga8Oa-jif0363VQADCxkzVPH2EUAfTNlC2X9AO6g19o4wpmw&sig=Cg0ArKJSzA9F3bt9sC4GEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vbi1ydW5uaW5nLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231205.89764&arae=0&ftch=1&adurl=
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Dec 2023 12:14:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:01 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 61F1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:32:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 61F1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 09:57:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame 61F1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:43:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
59424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 19:43:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 61F1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B66QleybSkvVU36rD5CZax_3fdbMezEm5GQZxe6LeAYFtT8VzWcnzLUmnGylsZgo-ZflEn-ygOpqX9XNTxU9dFYHw4m3cltOBmC_BQHs7s-CmDeuY
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 61F1 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:01 GMT
5810398503775276081
s0.2mdn.net/simgad/ Frame 61F1 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5810398503775276081
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c660616f3d1d8dc7cd5e3c3dc5c76bb5ed4ee7f7d51fbe3b3a94c1816a62876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:44:16 GMT
x-content-type-options
nosniff
age
59385
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34319
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 09:20:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 05 Dec 2024 19:44:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 28A3 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYnPmB-AEwAQ&v=APEucNXxqAXkSSTzb2i1X52WZDAyy4sTXIMfxt34l8nAD35JJfBjDZptQ1A-AZJznLrSyzQ0QY_yo2CmfBrumJ5e-IXQNzIDV7v4ieVJomBp__Vjitisxbke2QN5BQ69u2yDk3Ik3_jErUiKFHGw2TN6bW6x-NznZjnncCGljBJp_-wlFnrtLyc
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 12:14:01 GMT
expires
Thu, 07 Dec 2023 12:14:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame E5BE 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite_fy2021.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:43:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
73860
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:43:01 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/ Frame E5BE 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:43:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
73851
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:43:10 GMT
view
ad.doubleclick.net/pcs/ Frame E5BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsugnr2mOQ5_hBxwICeXTE65H07-HbMBEKerwoF85iZOpns6wrTOHTAJdPzH-si7MSNV-53uYuKAanvtUqqXs-7zPCImK75t1bTe8vsuIOq5Dj7oSStnoX3Fao46vGU-aT6c4nCNe4d6sq9fOL6tKdpTfZvNeDvsIGrDtcllwAwgGloGhugqYqB49-XlPjym5xmxAxCwwewxkJzbSvUO4-dF8TU8rVvKk7Agp9u6Imqo9cJokIKV-rdKK6ZdTVQpaILVI_WtGRKDpDXIPoVlEK8yUbfKXbBRMUltOl03TCH_UnJ04frpjZ4SR1KL2i2n6wvRPkAeHu-ld5a3kXJGX--dt04OO6uJPfu1U1cF6aNLQxBzv42xqpch87A8ENFgOZ9j5cjaIB3938nblP5H9G64dBd2c58Fahdq4qPiowkv4m9OSvKHNCn35pBLeiZJcA-7QZE2x_2d7okR6GySaiMVv9xKEIeSG_LssNXd6Ty9s2bX9OO5m1C9Xn2tx35QAD-lNcBYbT8BxvDoENOmc_LNdbVQDUbCPXKJ7nbFiYEd9pFYE_7x0mxHIEh38QG3gylXoj_BpDuonaHNmsJD_dXhZssqam4RQnsC7s_xoW3bsUGsH9Cr_m3Q7ALPS8RyQKcCFyZRe3Fxq-Rpi1l7a9g5F05jemFKUmuNZZZB15ix00XBmVzZdIr5Qq59OQSgO1874-qaLE-DhpCfvfPy7b-4srq1VUKvxQFen8wohvWHvyWiS-rGtl0bZDn_kFElFdDB9Pdr2mv6DZxBVO1h-xvpxtYdROq6_7Ypt0BmXRIkOxLeI2LUUwxM5E2vYCkTVFKWEqJKI0OoRWXLUsW8f0OakTaf7ZdDiXVqiALKL6lgs8TRAGSAiG0oKV6QKx240D5CQGVaosxisNyHQju6moP3WmbzgEmDoZZyW1jSiJgFRV8OhpDogc_sYAiJCLzkhr_O7jsYz65VW3wNnwQfGWeUSoBFe4kNKGWnnoxEzWIFD6OSD-UAoceuQDVeW-wA9-o-YnfH_1CUGvJUnFvftcXkB5KFHl5vd2X0X3cYyolqc-RMz0WXnQa6smakPP1_OUSmtJjgy8jhW5DuTLvS1F6JJOLSS9uICknqXYntpn5xlJncOIjc5VNVi9oqbfyFwyZSe-A4GSUjS5W18ZunovgrxElLUO-HqJRXQJszykiiuCj-xYzVqHvw30r7oqvvKsJk5VrU6yn0K082GMchzC4Iaa7-GosFbviGLRvgNPl7_93lLiQLmSu4wd9KsNgx63gKWRBo0lQI01wH0OAu6WweHzX7ub558R3IYhr_pPewRGP26cqaIR1UgHwkZaJJiXHqzhRA8MlNlbaRgrBG6-hBX-wzKM_hPLBqLZPHT9S71PvszgU9-AZGfeGSMxF8uVD1VqPB-CSEaFVlrP3RkfFlZvFgo8DyQnlAQtBCUPl3zJQ_Vjg3U93vBoA0yFW86w&sai=AMfl-YSCXITiPbOw2iQiUh9qOgEC5A4j0M71brQmcvww7wUMpRTHgnD3vwzl4AtdK6M15VL3hPN0WxrUfS6I-jzFSOj0lugucI4kjKIPciUTB4HAYUWkZlKf5tp6LLaJ8G4mZI_LNv11LM7xHsV-9qzfXZn3HcuFD_6s5j95NtpvUDBuZCQejMUwH8QAykF2WS2hhqXfmEbQhb1m6NkFL4lPks1sqJsegTLcWyL9BYJSg55o4_ew73gLzLtB3wbEl2XhnZu1208gJj1O99N5zxxmQRXlhUFL3YwEckklh8B3OD1DLKva7Z09iXfd-v_c05CQkOFPhp-tL6cTTap9sbiAWayug5CO6Q7wTYh9j00IwfL4Lv2hQZakTVa4bRwkG4pdjaB_SuhAkkZWapqIZP6KTIdPv7sF_CATecv-36XwrPPgri77fZN4SR28XtW6C3iO1LBJCfrWt-nNYH7lLPoqoQcZ9A0LnqxAulBznImItjcmRpF6IjOZPi0rOesmeJGQQasaoj_uZQRuZw&sig=Cg0ArKJSzEONAI0AZ4D-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vbi1ydW5uaW5nLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231205.21002&arae=0&ftch=1&adurl=
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Dec 2023 12:14:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:01 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E5BE 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
60070
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:32:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame E5BE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
8187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 09:57:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame E5BE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:43:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
59424
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 19:43:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5BE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3bd5_8DwXUIoGfpNv5XXRzGax2c47WcnOX8fkR4v9srh7rJGqEafhd1VI-aVmZA8Be780_rjOtM_qdniquPUczPmveaNmCA7q5Q0x9EYwgCK-kFU
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E5BE 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:01 GMT
3414408954170490082
s0.2mdn.net/simgad/ Frame E5BE 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3414408954170490082?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qm3FNh5d0ZlayQhqdk45bEDyigjcQ
Requested by
Host: 0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
URL: https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9ad1557c1ee2652bb81c1660e41687522151bb64973c56d22c5ff1547dab9f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 09:05:48 GMT
x-content-type-options
nosniff
age
184093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72586
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 16:02:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 09:05:48 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame B32D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
259656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 61F1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745aaba476bd50c28aaca191e90716c4ba3575d340fea73e68f91c6b7bb58a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E5BE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9755f865a781c3747f97024e8c2ce3de0da47740a7e3d19a0ceea84517665919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5167 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
259656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B32D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
8186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 09:57:35 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5167 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
8186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 09:57:35 GMT
rum
dsum-sec.casalemedia.com/ Frame FE13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYq4jQ-AEwAQ&v=APEucNWYO-0--4b9gTRETWLW33bsoxd9AbcvKXzvj7tR-6_JT2jE5uJ58QnBvcCBLuopBfn7ecgZ_6pNAJukptXDS2vo8_S47qOZdQx4oYcC_ewdlzcO2faLm3me1zKgMJanJU545Y6DarmDBJ-hlmdAVjJp2U-v7yPqiP6ORi7bngWE1QXlxI8
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZSq%2BftqsDDw4ZRREuSF8ilgtDbEhJsDnuQc8IrHxL7SIsuEu5uciu1aIBgo%2BT65rjXxBRGiMHaxe1kitgWrJbpjQzOmdAX4P%2BRDAXDifEZ89jR1KFg5hRLIEvrfxjHx%2FIMi4j0hCH12bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831caf9e481035e8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FE13
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXG3CYP.-.Eq.m6mO.FymQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYq4jQ-AEwAQ&v=APEucNWYO-0--4b9gTRETWLW33bsoxd9AbcvKXzvj7tR-6_JT2jE5uJ58QnBvcCBLuopBfn7ecgZ_6pNAJukptXDS2vo8_S47qOZdQx4oYcC_ewdlzcO2faLm3me1zKgMJanJU545Y6DarmDBJ-hlmdAVjJp2U-v7yPqiP6ORi7bngWE1QXlxI8
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgzRQwxOhwdSDNEaB8bQmt1YaUKR8iGWyxXyWcQ%2BikF8yGARmKHecxEE93LSlqW03M3GSNXPlEEteAk0FtHUMglnAtB6yRrxsw2k1V0GtZlYAvkkQSTMRQPNKIZVg0ZjasVLiAKp49TeEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831caf9ecf1690f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FE13
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYq4jQ-AEwAQ&v=APEucNWYO-0--4b9gTRETWLW33bsoxd9AbcvKXzvj7tR-6_JT2jE5uJ58QnBvcCBLuopBfn7ecgZ_6pNAJukptXDS2vo8_S47qOZdQx4oYcC_ewdlzcO2faLm3me1zKgMJanJU545Y6DarmDBJ-hlmdAVjJp2U-v7yPqiP6ORi7bngWE1QXlxI8
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
an-x-request-uuid
0414dfe9-7739-4fd1-b86d-6a22e54fb57b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.26; 217.114.218.26; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FE13
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYq4jQ-AEwAQ&v=APEucNWYO-0--4b9gTRETWLW33bsoxd9AbcvKXzvj7tR-6_JT2jE5uJ58QnBvcCBLuopBfn7ecgZ_6pNAJukptXDS2vo8_S47qOZdQx4oYcC_ewdlzcO2faLm3me1zKgMJanJU545Y6DarmDBJ-hlmdAVjJp2U-v7yPqiP6ORi7bngWE1QXlxI8
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
an-x-request-uuid
a1d13c86-b132-42dd-a8a7-a0ebeab2e60e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
x-proxy-origin
217.114.218.26; 217.114.218.26; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYnPmB-AEwAQ&v=APEucNXxqAXkSSTzb2i1X52WZDAyy4sTXIMfxt34l8nAD35JJfBjDZptQ1A-AZJznLrSyzQ0QY_yo2CmfBrumJ5e-IXQNzIDV7v4ieVJomBp__Vjitisxbke2QN5BQ69u2yDk3Ik3_jErUiKFHGw2TN6bW6x-NznZjnncCGljBJp_-wlFnrtLyc
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJAg5VJNpnm8CIRCPa05ODntxMjCWJZbIlKBtKvNHDvQA97dctIlGj22QIM5QBp%2BH%2Bh1V3ftvnKlB0pXcsABJyTshlzgRyQsvSLj1rjyQgvIqgsTP%2FgKv5uxJoTcypyBDYqS1O45%2ByHP0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831caf9e480935e8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBA_mdqC7Fx-89o2wTKgAKI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXG3CYP.-.Eq.m6mO.FymQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
43 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYnPmB-AEwAQ&v=APEucNXxqAXkSSTzb2i1X52WZDAyy4sTXIMfxt34l8nAD35JJfBjDZptQ1A-AZJznLrSyzQ0QY_yo2CmfBrumJ5e-IXQNzIDV7v4ieVJomBp__Vjitisxbke2QN5BQ69u2yDk3Ik3_jErUiKFHGw2TN6bW6x-NznZjnncCGljBJp_-wlFnrtLyc
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7btzxwNrqo7i9TIyCiUTWbdd3Xlob53bvFZhwBdfT3BsJ5kcmn1oCVrODnSMv2I%2B%2FEc0Qo%2Fb1e8B1SDqrafvTkdnBl%2B8%2Fj%2FoDHGnw5y9ZZve35J%2BE4pnJoKm4z0neigQ9hwwmZNf2aQE0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831caf9ecf1790f4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPtwYmPxS0H2uEr6d6Ro5w4&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 28A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYnPmB-AEwAQ&v=APEucNXxqAXkSSTzb2i1X52WZDAyy4sTXIMfxt34l8nAD35JJfBjDZptQ1A-AZJznLrSyzQ0QY_yo2CmfBrumJ5e-IXQNzIDV7v4ieVJomBp__Vjitisxbke2QN5BQ69u2yDk3Ik3_jErUiKFHGw2TN6bW6x-NznZjnncCGljBJp_-wlFnrtLyc
Protocol
H2
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
an-x-request-uuid
7533e154-86c1-4e21-b6a4-b729ee4c9eb9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.26; 217.114.218.26; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGIvP9f-Vo0_9qH7fVBY97A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYnPmB-AEwAQ&v=APEucNXxqAXkSSTzb2i1X52WZDAyy4sTXIMfxt34l8nAD35JJfBjDZptQ1A-AZJznLrSyzQ0QY_yo2CmfBrumJ5e-IXQNzIDV7v4ieVJomBp__Vjitisxbke2QN5BQ69u2yDk3Ik3_jErUiKFHGw2TN6bW6x-NznZjnncCGljBJp_-wlFnrtLyc
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:01 GMT
an-x-request-uuid
57e78db3-139c-4baa-8d10-b8734f522119
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1NTYxNDkwNTg1NTIxMjMxMA%3D%3D
x-proxy-origin
217.114.218.26; 217.114.218.26; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame 61F1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvIpQA1hYOiZQbRvYXT5uCMSa2tyBxOdTpLcAfe-XBn5p1hkww1_NMuMZuSf83QpOUecTvTKbVRw3YqMnRcZ7RYB81ypn22Hjjgu3y3khAEIbPq7Mgyl7ZVeBg2xbXit1d0L6RMBIkQEI9Dx1kJsqsEzouVgF7Gel8UxD8cvQhgY2QgXV3PLyVzEKg-aBDJ_6XR3hkUosbCWgBNpTRnQ_aukJWyqtLzsxSFI0rrSmlGz2HMko5rCH12x8PFyqtbCia4FMKfLkbNLuLGyUjSfqYlanA_9PDPsgrxoGzhSBtjW5W5NGFhI73nF8r_k7SwEf1DNsxRZcWRflQWD10VX3JcsOPxlCBn-3xnBmLGFWZFOKLTYMVdVUnf0AOj9VslkF2rakYu9XG2sPCf2WYm2pKpxvh869NnBxNx6bVf87RMxI_0dDFJeGH2kI46zcjly6YYv7zJ8G4ttBBRjgfF4IuEBTH8USY8_ZT-oGhRar4hPMPFeAHsvYyf2QoArWKSel1sVteq3BRHRt_OlfZarm9J_yzkDN4gZKu-W1YjcGZH2fFIDnpsUoRkGa8oIhq0w_ccNSA_gv5BTP-S4jkI4j9UYsczPI7wDHCI7Dj1Sb6Gefv2iJfLksBLQXe-6KJhl88qwUMoJ8Z3dY3dCNU4qtIb9MeToqNMchuVc4KNAY_mwQJ-QM1LABrZUymXZ_7AhU3oWmr8YaunTzqiP21qgAqbJ8P0eEi2idb8qqyZ0A95-KnGOliInW1EUC3XCvFkNRqkpf8w1nnNvU5qxUwgu_39UsIMkHu-ECRVbIc1D196wgfdIK2Ihb3xpOjEcDascp5svAwZ9OF7FBwsBDLHE-6mI-IJ0tLDD1KcXNZxzAC9ixmbSOhdxY4isKHa9T5c0tkxDCYSS7BjzCzmFfC_YNw-ZFr-32QEi16ybiibcCooQ-DbpAgtBxvdJVdsTPHM5uE3O7MnHuQfmnkuA2fz9NCjdb5bAUdeATSNQe731w83ycgStNWXmN7Jtl4PVnmrw-4joXwjuWmHKPhpiE7b0RAUFnd1KUn7KiVk0jsX2WX1I6j2vCNTwHAUbl-rNcdpLICaVPtZzag-7xTPUvyXUjeXwEPGONFcUffI9ZkN65gegCskSgi5V1ArdZ_Iy2N3jo_8mCWu5KgT3OV6Rl8CLjDeZ1z5z1fnBLvtS63C3y-hQ6-Y79lhfhiDu-vN-hVZxKnGM9k9mTsol85UAGqF8-R42sK7bocMhzzZXiToZLo5k0c4qnAGXy6s71pxqj9Mu6SPioaDG4IXDzsexRLC1Iq_Nx5cnLsK0j3dnxDXFwCKmvMXozFQpw64YwGQP1xsSzWez8f-hCJ2lJ-n4beyEueWLntexBor5eM9D2e151k2uuDjkISEn2Zvzq04RXopXUTtQ0L0C3y0Vp2a_vKB5Ms5_ZZHzAdBcH1rFU0i-b9j3EQAOuP6kKmBOvltk7bW6pMqAkU&sai=AMfl-YQT_vbjBQhj9RoB-5I46wtUPiwO3bElQwu38O3RhrVyEkwvzC7zHnA066umHo2L5ewL3Se92EfaDkPW0EPa93lqiBQl950YBCQAtv9mvEXnK4gz972E_XzQG-yUJ5zHwZ0sdWErx86njMMdhmBfmhmWLAsHUhtiUZCxnjiJPqEDcjWHF5p_DqlE-bDZLCwF2bqGs3BDWkt_-ITHeEDD9RJJYZIL3QX0UxFBwSnjXBVJl1Qdx6ZF9y5X_6KztMZ4oMZlnf0D-f-ycCb_LTrVPsD_cM1dDKGxGre7MOJy2NKifokA1-ATkpwVpesYCKAKXkWKWhdCvPo17epX7z5bghOrCCs7OVrRzntfTXvdxNooYHeVXltsc_8YSvJ1HR3aFQhhd5Dsv0ZuW0zvcs9JZNKAjAQ3Xq-KTyQoGJiITqxQkBCmasZwf4aabZegJkAX4zyHsqlPSMi8T1DV1X2GD18gWBnoOrga8Oa-jif0363VQADCxkzVPH2EUAfTNlC2X9AO6g19o4wpmw&sig=Cg0ArKJSzA9F3bt9sC4GEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vbi1ydW5uaW5nLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=207&vt=11&dtpt=206&dett=2&cstd=0&cisv=r20231205.89764&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame E5BE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsugnr2mOQ5_hBxwICeXTE65H07-HbMBEKerwoF85iZOpns6wrTOHTAJdPzH-si7MSNV-53uYuKAanvtUqqXs-7zPCImK75t1bTe8vsuIOq5Dj7oSStnoX3Fao46vGU-aT6c4nCNe4d6sq9fOL6tKdpTfZvNeDvsIGrDtcllwAwgGloGhugqYqB49-XlPjym5xmxAxCwwewxkJzbSvUO4-dF8TU8rVvKk7Agp9u6Imqo9cJokIKV-rdKK6ZdTVQpaILVI_WtGRKDpDXIPoVlEK8yUbfKXbBRMUltOl03TCH_UnJ04frpjZ4SR1KL2i2n6wvRPkAeHu-ld5a3kXJGX--dt04OO6uJPfu1U1cF6aNLQxBzv42xqpch87A8ENFgOZ9j5cjaIB3938nblP5H9G64dBd2c58Fahdq4qPiowkv4m9OSvKHNCn35pBLeiZJcA-7QZE2x_2d7okR6GySaiMVv9xKEIeSG_LssNXd6Ty9s2bX9OO5m1C9Xn2tx35QAD-lNcBYbT8BxvDoENOmc_LNdbVQDUbCPXKJ7nbFiYEd9pFYE_7x0mxHIEh38QG3gylXoj_BpDuonaHNmsJD_dXhZssqam4RQnsC7s_xoW3bsUGsH9Cr_m3Q7ALPS8RyQKcCFyZRe3Fxq-Rpi1l7a9g5F05jemFKUmuNZZZB15ix00XBmVzZdIr5Qq59OQSgO1874-qaLE-DhpCfvfPy7b-4srq1VUKvxQFen8wohvWHvyWiS-rGtl0bZDn_kFElFdDB9Pdr2mv6DZxBVO1h-xvpxtYdROq6_7Ypt0BmXRIkOxLeI2LUUwxM5E2vYCkTVFKWEqJKI0OoRWXLUsW8f0OakTaf7ZdDiXVqiALKL6lgs8TRAGSAiG0oKV6QKx240D5CQGVaosxisNyHQju6moP3WmbzgEmDoZZyW1jSiJgFRV8OhpDogc_sYAiJCLzkhr_O7jsYz65VW3wNnwQfGWeUSoBFe4kNKGWnnoxEzWIFD6OSD-UAoceuQDVeW-wA9-o-YnfH_1CUGvJUnFvftcXkB5KFHl5vd2X0X3cYyolqc-RMz0WXnQa6smakPP1_OUSmtJjgy8jhW5DuTLvS1F6JJOLSS9uICknqXYntpn5xlJncOIjc5VNVi9oqbfyFwyZSe-A4GSUjS5W18ZunovgrxElLUO-HqJRXQJszykiiuCj-xYzVqHvw30r7oqvvKsJk5VrU6yn0K082GMchzC4Iaa7-GosFbviGLRvgNPl7_93lLiQLmSu4wd9KsNgx63gKWRBo0lQI01wH0OAu6WweHzX7ub558R3IYhr_pPewRGP26cqaIR1UgHwkZaJJiXHqzhRA8MlNlbaRgrBG6-hBX-wzKM_hPLBqLZPHT9S71PvszgU9-AZGfeGSMxF8uVD1VqPB-CSEaFVlrP3RkfFlZvFgo8DyQnlAQtBCUPl3zJQ_Vjg3U93vBoA0yFW86w&sai=AMfl-YSCXITiPbOw2iQiUh9qOgEC5A4j0M71brQmcvww7wUMpRTHgnD3vwzl4AtdK6M15VL3hPN0WxrUfS6I-jzFSOj0lugucI4kjKIPciUTB4HAYUWkZlKf5tp6LLaJ8G4mZI_LNv11LM7xHsV-9qzfXZn3HcuFD_6s5j95NtpvUDBuZCQejMUwH8QAykF2WS2hhqXfmEbQhb1m6NkFL4lPks1sqJsegTLcWyL9BYJSg55o4_ew73gLzLtB3wbEl2XhnZu1208gJj1O99N5zxxmQRXlhUFL3YwEckklh8B3OD1DLKva7Z09iXfd-v_c05CQkOFPhp-tL6cTTap9sbiAWayug5CO6Q7wTYh9j00IwfL4Lv2hQZakTVa4bRwkG4pdjaB_SuhAkkZWapqIZP6KTIdPv7sF_CATecv-36XwrPPgri77fZN4SR28XtW6C3iO1LBJCfrWt-nNYH7lLPoqoQcZ9A0LnqxAulBznImItjcmRpF6IjOZPi0rOesmeJGQQasaoj_uZQRuZw&sig=Cg0ArKJSzEONAI0AZ4D-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vbi1ydW5uaW5nLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=185&vt=11&dtpt=184&dett=2&cstd=0&cisv=r20231205.21002&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: forum.cifraclub.com.br
URL: https://forum.cifraclub.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 12:14:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=3853901287200502&bg=!dHeldzjNAAY3kmNgF5I7ADQBe5WfOKCEecz5STfQ0PBNOJAfZQeZ8Id9XA3uZ7lSTRWs-Gjyl1dWrJ7zJ9LKqhsssrFoAgAAAEdSAAAABGgBB5kC-tQlyC7XgmI5xBXxSe5mpWa4ac1ijT_THkKeYkBLYQwiJTEFfVWUaKmHcJamoWGl_U4w_a5pq8ifuLThn1CxeKEB0_oYRauUOy-w37wANkI63Faquvl3RV-SMJZn3P6hAfi7ofOo7Sr7Qn7OuU34dWqgD-mbxBt93bB4kKQ-bsHIgJt3NPGqeFtsmiduAN9C3Y4DNrERrlTYhorcIHKfspRy29Ky53d33UqP0FXd76ibcEW2YTenPprMdokkgYcu-LaMA2PPHqKa3STcnTOGHF-_s7do0IAHsHK6eFNrHZoYRhe0eVu_XieSOZIwrvJ-70g5EeucutcM-GbIJvbOGIftL2PP-NKDerHeGYqQ0XCaxN-kMsCZwZCy9kD8ubU1brdqnFT4Za5-ctD96TKR7Kw6Kf0PoNEpNgu9bniaRkIlKOhe_AEbndebYM-hfkSC_e9IdaHsTiI2FLAZd_SuRHtB17Rh-vr5PnNkvMv8EusKXhfWKfRExMDymKrymrsd5WjwFkrGD67CDFpkl0HNA0ZPcemUekOMNz4QIqmpUdm4oW2oSAI3JURIplRiScLSlI8fJijgEehun4bsHB1DzDVedEABYcKSMgZWOBPGliVHFruwnWZk5Q0fgLAHm1s7DMeWX0xIvzatVtL5OjqVzYA4M8y9z7loOhHF7XyK-10p0QQWvZwe1O-lwCGqaIjeTPQpFxpSgWJi9gOIFWlB-W1CNW094_lGCsDQ9sufku81t1FjeFGviQEWmhZsgRN-VN9FO5mJI7C9WC_E8fJjuVra2zQP8s4At0gV420i7E_daxZ-zgt16fpA1pmM7_z9V1b5Xgs8iplUU4w63-gfQSY3X5_3lkJSfeGTPjmSJMOd1U-nG7VRfuxGHIiYMs2a9BIalZjgk64J5K5Ay8s03YvZJTdkNONcLLrmT3Di5BTsj36MuigCDmKFb9MtPv9gkwhE6zYi-DKMR_6oem2_E4O3o4nQmeVqm4Lqb2WsLztldvPEwMudx__cQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://forum.cifraclub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B32D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQbQECbdxZeqRBMqlgAe426bIBwAAAAA4AeAEAg&bg=!FhWlFVrNAAY3kmNgF5I7ADQBe5WfOJr-lj8UTC496IrLbVtTI12cHdcIxg1G0Y8tusR103YIBs9RN_X2e1im2jevu4UiAgAAAOlSAAAAA2gBB5kDWz3L90qO4cz8NEXiLmswutLIln8X4qPnjtEaaSnOapeLHL_WikJ80XUMmHOSoE03rSEVmvafT-9ybj6dP2ne3q0ebRmPrOdiVmNr00jASyn3GfkRiCs22IGNp9pjClmbXz2bcF0ivUgjYxWsjYVSHqnZNVGpQIom9hKBtZk3VCFf8gZ4bUZN6kpBuCSnGMXg0JnSkIc6UN-Af3IA_jarHaOGeUUpuFM2x5Fq_-NSz_TSYsxZylSOYbESh3OwG29xBt_JqhQCmDWWbIipS2F5lmEhDf6UzlyUja2HpazYrUDtwxAMCAY5l1Ad0xvnJuw3D3dzaRDY9Js8qbUqIVsFlYvlq1jlv3humdk3Jgrg24eEJXx3pc3u63cKNil-dTeLv3d_E0egU7g2xVPyf12m7c_EIUx8uubyGrw9zEjTqW7VYHn6cMDtCIOkbKrcH6ois0cY8fCA7zBS_BtHZ4bViM_szH3Nm3vf6BSGrLurBdXQ6i2-5u7f5j8cgBdCumLBclzjfwnvpHtVMG_ubVw0_2rjmxBCk1hNaWgr4lZoNfuT1cc8qfi1fs_P2vHtQSILK8YhfumjvuEW0dTMFAwjoAPqwP7zNAAEkyDjU58Wkwqah71muwpHwisMjFnYZA95Y5N_y-XcWUvVRULWrKggAxcwoFAoVCUo_WRGPFkpgOfGFcUHX2cn_ledf64ZGasFYqB_CaYFmxZDAKK-Bi7y0sit-FjcVglIBskcyAajFRduvnTETQpBuRr5Y3SJ70Da2wCgGkyQlPTfFWzlYhOB-VmgNR0e0cicpW20gjTlt-X1Ki_dNqydTpaCd83CZujlJlxJJC5d1XZ2vbV2nIIsBzSQSozvDKm4hs3U9-4ev_PK-wXdX-llJvUc3VB6YQutPm5vD6t0ERF-TJAL3tTSLM7kfQ0JHRkLOU_GYoH7GEtMjA-hmYVXqPpF7TAp5ySFI-osFXRtoMsj4ZFFv3gT9pbAf-E7RHTB3DA8ui1lFJoAFsQuaHH7ZXEP384Y71-Zca1yJ350QQv_VYCVuPgQ2Saj31RqnBb3kKrroyGEwuon07KEKMdKdDbmmZ39IJX4ZyGwCYeds8SJxuyRc87gn8bjbD4zhAVSrvmloLtH-s5oXesjrqDMievLgXY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5167 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BVn12CbdxZYWUBMqlgAe426bIBwAAAAA4AeAEAg&bg=!UlGlUR7NAAY3kmNgF5I7ADQBe5WfOHIqvnhvHw7Aaw6RaO_mzn5oxYAQGEb7oJvZyAKs1pJtXPr3MGUDH0ZRCn6C9JDiAgAAAJJSAAAAAmgBB5kDWqYVULjap_b2f5DjzSZLtuNXop-CE-5RjzuvtaiuE9XtUvbBjCjKV-CRAqq5nzO1j538lffLIFTuzOYxDxo1eKIEhR__iluAYtPUgb-FNXZcUrO_GMSnE95FjPxXSDeIMwY9GPR6Na_por3k4ZeYqkWhQfq2z-vdrvd3Rwtrcn__uc2mr_34cvVAldVqeRwPx7yqHLv3A89wjn7SUil0qllrWFcbC8cIKc5iAr7aJnqTBVoUHPfb1Ec-vsoGs0Z0Brx_yzaVoL055Zg8XgeBf3l6oGEY1kk539rHXO3T7LYUNPIwzvVfFQ90lVbfTRsMPHU7lsjUGfH2LbVvt5_tBXmRs6xj9orEnu5pm36JAGTpsC5TTpx8gvp1tCQ-aas_L5TBlg0okS3CZAd7pogaKg-sRwuRGJAPU8Ft8veqlV1PI28UxT6jaoO_D_g4alS2NjjC3h5K4aoNHwFi8F6pC66Ztg95LDz8VqAUDr2fSeyZH4YBCgvNbgbRjbZ2iDaYajZjXKugkSztcyuupnHyrFTxzopPXnsq34OgMxipMatfNIsDsKJJGf_SbWUVA-qee867_HBJrVlasaI4Op6furJAUuoobxmwlspd0eo5BtU59z4bC4EPhOQPK_tQsFUJN0pMWIIYOOq0fMAgLPBtxtk5kOIRFQPvyutMbH397kVSI5D_FvKs58heXJohjOiTDp0MnPB74Kkiuz8MfbjObGvcGjrz_MpJcLUXKUiAHtyJiLDQYwS7Kj_PQIhW-LMt2BKdH3VHdV31ySc4rM_AAEMCbRpOlIgKnH9k0I3Sz-rpwjE4Wh0ottX4hYAZLHEP0kqzsIAw0sGEhZMbnOhc32ggjTFIYpE4drwn7T4xryXnR6-GZRKVCy8y_fpoAWF4Rqkmns9FUYr8Doh6d-zAPCklBHgHIG-K6CLRD9Da7Byu4kdwtoLJZAfhEtGu0oJbMKbTvhva4tZZMWRAP_wkKWRELrMpDXFSrredWzLyh7XBBAkBfjW4V8ZXJNaDLxupxHYP7l2ihWvnjLfveyhv6GsB87roRlUKo5fP6V5RKzI0kOJFGwI8nqFgCtskhGjd6csm6KXOKGLyvxIAuZD8-FBXbOT1ci6U8h_M9DybxbAjfaJFpJ_adOdrqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 61F1 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1zLJoxdryQ9fuPIN58CAmvUiyYnnnOvTVAA-osi4sHUgxc0cFAWV5gnlX1nyJo2RT8c9JxzDcSvFXA5MRa02v1NXOdkXMDiGPUbmfIxL1zPveaMCxxFvMd2ixgexoJ3In-U0ov9MzKoDq&sai=AMfl-YTfl1Zf2DVILYqqDbloDwQvKBTZ9JWfT-Rgez55N8Hxez2CJ24IlahvUKgZc_JqOI2x87REkGMsiBqEHEbdsK6FDZKZWwstRg6e1vE1DcWR8komJNirbRPy_0PueRruVwGWKA1uxhUDNW6j1F-xE93L5nsJ5yx7-WRF&sig=Cg0ArKJSzCltW-OWUpQJEAE&cid=CAQSTwDICaaNkzaRBVGqjMiss2PUb_e7a1bWxTxOsXbhc2Po_46Bi6uHoFTEQ6OCAzbzyHqr6LwKsIYfDejNcY1IMYJrkKzncLQMGJUnQxv0syIYAQ&id=lidar2&mcvt=1000&p=155,436,245,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1683972511&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701951241689&rpt=223&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E5BE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoreRbR7nKrwBfCHrFzhdzCeyA-M9xSAwvPEPRcZ1Jkw95mMc-ojrIjoE_9knj8d2MmGAkIXeO-8o86i0Wrnc_AamxXGlKRPBX-rl5XsUgKfjGBhSYo29O5nqlXBvzsWi-yVqlSTduDA1D&sai=AMfl-YQWa8Ctze1tVTtfuPo1ENFQlUwm_7O1PSU9LRcBOYMBZWlHxqPyD-hRXA65C9t0CD-GqgibFVrThzEEF4jqzCoCHtZJP48JNIt7Jz1QZwZb3AFqLu8V0SQYDIAdABhgn27D6EZZ0NWLECVUPTAYoH1c24ykrs1L-u7G&sig=Cg0ArKJSzGtXfCA6_9LTEAE&cid=CAQSTwDICaaNkzaRBVGqjMiss2PUb_e7a1bWxTxOsXbhc2Po_46Bi6uHoFTEQ6OCAzbzyHqr6LwKsIYfDejNcY1IMYJrkKzncLQMGJUnQxv0syIYAQ&id=lidar2&mcvt=1000&p=1053,436,1143,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2813286630&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701951241705&rpt=282&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 12:14:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| $ function| jQuery string| abc string| num number| uv_num string| uv_c object| posts_pagina object| posts_pontos number| total_pontos_pag number| total_pontos number| pagina boolean| orion boolean| orionbat boolean| orionamp number| randomico string| swf function| urlMakerParser function| repEls function| opn function| posEls function| getQueryParams function| getCookie function| mobilecheck function| setBGMultiSom function| setBGMercadinho function| setBGHyper function| setBG function| pban function| vaiad function| getXmlHttpRequestObject object| searchReq object| votando function| searchSuggest function| handleSearchSuggest function| youtube function| utube string| ultimo_id function| cria_denuncia function| denunciar string| ultimo_id_balao function| cria_balao function| votar function| mostra_resultado function| mensagem_voto function| gera_pontuacao function| cria_quadrinhos function| fechar_denuncia number| mostra function| mostra_foruns function| mostra_banner number| contador function| contador_regressivo function| rand function| gC function| toggle_bt function| anima_menu function| versao_classica number| Num number| box_login function| IEHoverPseudo object| googletag object| pbjs object| cifrahb string| __varnishServer object| adsConfigs object| apstag object| requestManager object| _pbjsGlobals object| mnet object| __activeBids function| initADPipeline function| dynamicLoad function| GS_googleAddAdSenseService function| GS_googleEnableAllServices function| GS_googleResetAllServices function| GS_googleGetIdsForAdSenseService function| GS_googleFindService function| GS_googleGetExpIdsForAdSense object| GS_googleServiceIds_ function| GA_googleSetCookieOptions function| GA_googleSetTagForChildDirectedTreatment function| GA_googleAddSlot function| GA_googleFetchAds function| GA_googleUseIframeRendering function| GA_googleUseFriendlyIframeRendering function| GA_googleUseFriendlyIframeSRARendering function| GA_googleUseSyncSRARendering function| GA_googleDomainResetUrl function| GA_googleFillSlot function| GA_googleFillSlotWithSize function| GA_googleResetAll function| GA_googleNoFetch function| GA_googleDelayFetch function| GA_googleAddAttr function| GA_googleAddAdSensePageAttr function| GA_googleAddAdSenseSlotAttr function| GA_googleCreateDomIframe function| GA_googleSetAdContentsBySlot function| GA_googleSetAdContentsBySlotForSync function| GA_googleSetAdContentsBySlotForAsync function| GA_googleSyncAdSlotLoaded function| GA_googleReallyFetchAds function| GA_GoogleAdSlotContent function| GA_CookieInfo object| GA_jstiming object| GA_googleEnv object| fcc object| ccid_cookie function| gtag object| dataLayer object| SS object| ccid function| loadAds undefined| slotFooterFixed boolean| noReload object| adUnitsSlot object| adUnitsSlotRefresh object| prebidAdUnits object| prebidAdUnitsRefresh string| lastURL object| default object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| gettext object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| zxcvbn object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| onGoogleLibraryLoad object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_433929 number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

16 Cookies

Domain/Path Name / Value
.cifraclub.com.br/ Name: _ga
Value: GA1.1.132862317.1701951239
forum.cifraclub.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.cifraclub.com.br/ Name: fcc_anol
Value: 36481828101701951239
.cifraclub.com.br/ Name: always
Value: true
.rubiconproject.com/ Name: khaos
Value: LPV5TP0P-12-3RCB
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EhDG4Y4KKmJRbU1ZxogGjlwOA+xFj1I9scmP1H4Ec1c+5fExwaPAxprSs7YrKtG3DrhUejq0qQFqEYEuy6Hd+e+JhsHlJbldDdzDHRihyHdoiKPLRELhl3xGLmP30iNJH4=
.adnxs.com/ Name: icu
Value: ChgIy6c-EAoYASABKAEwh-7GqwY4AUABSAEQh-7GqwYYAA..
.adnxs.com/ Name: uuid2
Value: 1855614905855212310
.cifraclub.com.br/ Name: __gads
Value: ID=df93aab01cce7dc7:T=1701951241:RT=1701951241:S=ALNI_MY6dDJD7wX7brrGwOSahardOKls-Q
.cifraclub.com.br/ Name: __gpi
Value: UID=00000d0cc20fa729:T=1701951241:RT=1701951241:S=ALNI_MYLwrGQxl2O_QRpuwVoqMSTqcnw9A
.cifraclub.com.br/ Name: _ga_600Y1T68HP
Value: GS1.1.1701951239.1.0.1701951241.58.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUk7vMBJmsEp1sakvWc3Zowv-qFKgTckGFlwSxg6JpiGXwZitaceOGaD5uXcBgI
.casalemedia.com/ Name: CMID
Value: ZXG3CYP.-.Eq.m6mO.FymQAA
.casalemedia.com/ Name: CMPS
Value: 3223
.casalemedia.com/ Name: CMPRO
Value: 3223
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C'!>DI@L!A#F3.TOKKnyW<U1`VROYQM-:b7^<xE]`PAc0XHGXsisxUwFk[a^HJEb7:su/X%W#.wL4W1Qw10maF+o

1 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=IClGG5oEgZuICSrUIuQQgg
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b4b5dcb571437481f1210f8d0419f23.safeframe.googlesyndication.com
accounts.google.com
ad.doubleclick.net
ajax.googleapis.com
akamai.sscdn.co
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
forum.cifraclub.com.br
googleads.g.doubleclick.net
ib.adnxs.com
id.cifraclub.com.br
master.cifraclub.com.br
pagead2.googlesyndication.com
partner.googleadservices.com
prg.smartadserver.com
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
142.250.185.134
142.250.185.66
172.64.151.101
177.54.145.109
185.86.138.121
2001:4860:4802:32::36
2602:803:c003:200::45
2606:4700::6810:5914
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9a
2a00:1450:400c:c0b::54
2a02:26f0:7100::1720:eecb
2a02:26f0:7100::1720:eed0
2a02:26f0:7100::1720:eef1
37.252.172.123
07fe2855b25f845924335bd6ae26ace8259668fb284ee6f070ff09935f3997f2
0893bea007ddccfb090e5367a9be241f4b4fec6bbb0dab59b2d3a92156433851
08ef3fdb35898c1dc48ffc183be44ac1a3d70587f31a31c71846c3354555432f
0b0c0d17f8e91c3a09b27d2487fd31b58787292311e482a702964e332a3fd4ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10dc04f67b6fc175301b2a4c062d363481f7a5a2e41a741974f94e32f9ec4842
119247ffe7df40e4d8d6d22869c3b2bc6076b5b525d5d3c5e4b8342af2f159ae
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
21afa7199d559d4dfd75da10d23a37752ed1c2636718c556a133dc13ba88fdbc
24efba202dba478cfad20e93501e22c983f4b29a9a68cda99ca595fb812fd044
27860bbd92fc2f77d8f4c4b0c01ab7649cc8002ad183240e7289338d217b0566
2e1a3aba1577e23130e7e9652af64f3b7fa070c9f20bed60f34198145561dc52
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f0ea4cfcd0b02042de8bc9187cbc73ca693961292fd2240e5282cd99fc0502
372ffec223db7366757a7ea0c4935a987384ae2db34d01a56daff33596d8a216
3755a7aa0d0de84af855aa1c40df07487e5284d4b6ae635521d025e19569a0b2
3de1836391946bbf5d44233777f83e711edd91ed8000a14ef0c40117ae572792
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
41b2ce1f5b356e134ca3adc060d678b8667748fbd453532f8e384c8c68d4ee52
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43e48bdc3b4db9811ebd587bdb8961e386e4e2eccba785a280f3742817fc4002
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b518780343f2262e168bea5146d1ff30a6253191cc61b486657c76a58fb2bb
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
47edf6477b8c6858c8545313d01a02b51323b350d7730cd0d795c853f46eacac
4939ee6bb95c1c1aba9f87c08331ccd7bb03e9875f3b8da0b2ea636c6cf098fa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba0bf3cc72c092f71ba2354264c679a807b1a32d7649b0df1abbd713748f604
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5590967e7b7bffd8f2b43a8d99e769d8891c4c1c18ff57911413fd38ed9d1126
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67863f8c0d2a44e6ef1950a6afd5692c67810c9dc835783d03910533d9b25d06
73f8a675eef311cdcaca0b7e0ea25f7dd251717dfa7919c39e7165343e9c969e
745aaba476bd50c28aaca191e90716c4ba3575d340fea73e68f91c6b7bb58a1c
818bd12c5beff720cd2eddda74148da0a0829e4ebb7343ee020a63db66183dae
85fb8c7fcf66557177f98b2423c911efde2a4dda9e7664dd12f1319ec3e09a73
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9755f865a781c3747f97024e8c2ce3de0da47740a7e3d19a0ceea84517665919
9bb30a7dad5e4506884d9f6979ed55ed5f946b1dbc4715fe349ac0bd0190a6d5
9c660616f3d1d8dc7cd5e3c3dc5c76bb5ed4ee7f7d51fbe3b3a94c1816a62876
9fedbfacde4078713327046502d5c91c93d201f9ca85ae82f9fffefb03028053
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a98ba996a95f01074d431b410e99aa9ba251b23cfd2199df0c8d812e8cedf93f
af327ab3724ec05c8774d4b098e729eb1fc2d88eb27d3e189ef75a40e9ddd2fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56ffb478915b0abddbc9382a08e004922d87a7e2cc5a10a58a4cd68ea881afe
b69673967c5bf9e1fe15835ed1a38f7c60c955e22baa7e90e42a15602cbbe309
b69e1d81a26d91c5469c657642e5c9104dd3e711692607dac7e90e849c33635a
b9ad1557c1ee2652bb81c1660e41687522151bb64973c56d22c5ff1547dab9f7
c115c0bf657a388e2706cce72017877d6d4ba2222632f2fe97d9d9b3ecad94d2
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cc687ae5b41062ae1a135faaa51bf45f06b9c2d380a6ec9618d028ae1fdea5f1
d1e8e61025089a7bd544b087f31e38f2086bc04e52bf642a2ae81ed45b286ad7
d98c06493c9a8cda14ebe7b891af80e73f0624c37a9ec7576ba79d23d5bc70a1
db62f271b0adbd6da616cdc71db2e4cd652a23e8c77314b40b7bf92952277d76
dcc7d675660bc18f8c63d3d0e2312dde1d93d00fb216e7134abc1f298a913129
e29e1a56f707264411b88b20fc500696a76a0f7525825452249ab22e7e686f49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb548d87d0d3af683cb1c47d66b237592a74caabab5112465bfa157a1dca5e62
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
fd7ad538a187431a48bfe0f85a38aa7a1f866e880088a86fc32e29e3c9073f85
fd92dfa6c8754c9babab6ee60aac4fc75dcdb3472b8bae17939f4f67bde6018a