www.cifraclub.com.br Open in urlscan Pro
2a02:26f0:3500:f::1732:831d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cifraclub.com.br/oasis/st
Effective URL:
https://www.cifraclub.com.br/oasis/
Submission: On December 01 via api (December 1st 2023, 8:37:23 pm UTC) from US — Scanned from DE

Summary HTTP 384 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 78 IPs in 11 countries across 58 domains to perform 384 HTTP transactions. The main IP is 2a02:26f0:3500:f::1732:831d, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.cifraclub.com.br. The Cisco Umbrella rank of the primary domain is 844439.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.

This is the only time www.cifraclub.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 5	2a02:26f0:350... 2a02:26f0:3500:f::1732:831d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	2a02:26f0:350... 2a02:26f0:3500:f::1732:8318	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
71	2a02:26f0:350... 2a02:26f0:3500:f::1732:831f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	177.54.145.110 177.54.145.110	262287 (Latitude....) (Latitude.sh LTDA)
12	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	65.9.94.131 65.9.94.131	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.3 65.9.95.3	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.95.19 65.9.95.19	16509 (AMAZON-02) (AMAZON-02)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.95.9 65.9.95.9	16509 (AMAZON-02) (AMAZON-02)
2	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.255.67.121 34.255.67.121	16509 (AMAZON-02) (AMAZON-02)
5	177.54.145.109 177.54.145.109	262287 (Latitude....) (Latitude.sh LTDA)
11	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	65.9.95.59 65.9.95.59	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.93.173 65.9.93.173	16509 (AMAZON-02) (AMAZON-02)
2 11	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.149.50.64 34.149.50.64	15169 (GOOGLE) (GOOGLE)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
9	89.149.192.64 89.149.192.64	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2a00:1450:400... 2a00:1450:400c:c0c::54	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a39e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
6	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	213.202.235.10 213.202.235.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
10 28	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:5079:1120:7dbf:7a0d	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a02:26f0:350... 2a02:26f0:3500:893::21cf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.210.223.89 52.210.223.89	16509 (AMAZON-02) (AMAZON-02)
2 2	52.57.12.239 52.57.12.239	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:ce00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2	35.157.253.10 35.157.253.10	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
2	2600:9000:212... 2600:9000:2127:4000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4282:e85e:5275:34fe:1496	14618 (AMAZON-AES) (AMAZON-AES)
4	2a02:26f0:350... 2a02:26f0:3500:d::1732:83d6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.95.8 65.9.95.8	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	52.35.82.95 52.35.82.95	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
384	78

5 2a02:26f0:3500:f::1732:831d (Frankfurt am Main, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:f::1732:8318 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 2a02:26f0:3500:f::1732:831f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

akamai.sscdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 177.54.145.110 (São Paulo, Brazil) 2 redirects

ASN262287 (Latitude.sh LTDA, BR)

id.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.94.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-131.prg50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-3.prg50.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-19.prg50.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-9.prg50.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.67.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 177.54.145.109 (São Paulo, Brazil)

ASN262287 (Latitude.sh LTDA, BR)

master.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-59.prg50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.93.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-93-173.prg50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 89.149.192.64 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:1b::1724:a39e (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.10 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.217.16.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:5079:1120:7dbf:7a0d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:3500:893::21cf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

client.bannerspace.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.223.89 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-223-89.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.12.239 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:ce00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.253.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:4000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4282:e85e:5275:34fe:1496 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-8.prg50.r.cloudfront.net

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.35.82.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-82-95.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	sscdn.co akamai.sscdn.co — Cisco Umbrella Rank: 155686	1 MB
54	googlesyndication.com 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	307 KB
51	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	366 KB
15	bannerspace.net client.bannerspace.net — Cisco Umbrella Rank: 83210	188 KB
15	cifraclub.com.br 8 redirects www.cifraclub.com.br — Cisco Umbrella Rank: 844439 id.cifraclub.com.br — Cisco Umbrella Rank: 303639 master.cifraclub.com.br — Cisco Umbrella Rank: 508412 api.cifraclub.com.br — Cisco Umbrella Rank: 569889	66 KB
14	google.com www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 23	82 KB
13	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 cdn.adnxs.com — Cisco Umbrella Rank: 1605 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8028 acdn.adnxs.com — Cisco Umbrella Rank: 610	60 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	103 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	893 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	162 KB
11	youtube.com img.youtube.com — Cisco Umbrella Rank: 3789	43 KB
9	adform.net track.adform.net — Cisco Umbrella Rank: 4289 s1.adform.net — Cisco Umbrella Rank: 8194	97 KB
9	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1657	5 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 71029 d.tailtarget.com — Cisco Umbrella Rank: 77929 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 227227 b.t.tailtarget.com — Cisco Umbrella Rank: 60259 cm.t.tailtarget.com — Cisco Umbrella Rank: 17921 t.tailtarget.com — Cisco Umbrella Rank: 15832	38 KB
8	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 16633 tps.doubleverify.com — Cisco Umbrella Rank: 505 tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 10082	127 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6765	927 B
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	72 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 60	24 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	75 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	71 KB
4	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 525 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 470	1 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	29 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image6.pubmatic.com — Cisco Umbrella Rank: 793 ads.pubmatic.com — Cisco Umbrella Rank: 544	6 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	18 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016 launchpad.privacymanager.io — Cisco Umbrella Rank: 2702 geo.privacymanager.io — Cisco Umbrella Rank: 2070	28 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	176 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 491 rtb.openx.net — Cisco Umbrella Rank: 695	645 B
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550 gum.criteo.com — Cisco Umbrella Rank: 424	757 B
3	media.net prebid.media.net — Cisco Umbrella Rank: 1498 contextual.media.net — Cisco Umbrella Rank: 665 hblg.media.net — Cisco Umbrella Rank: 2037	10 KB
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 1935	373 B
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 97617 popups.rdstation.com.br — Cisco Umbrella Rank: 81128	870 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	946 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	908 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	326 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	820 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	11 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	385 B
1	vodafone.de vfd2dyn.vodafone.de — Cisco Umbrella Rank: 98641
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	573 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	237 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	714 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	1 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	36 KB
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1600	383 B
1	gstatic.com www.gstatic.com	13 KB
384	58

	Domain	Requested by
71	akamai.sscdn.co	www.cifraclub.com.br akamai.sscdn.co
35	pagead2.googlesyndication.com	www.cifraclub.com.br 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com
28	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
15	client.bannerspace.net	s0.2mdn.net client.bannerspace.net www.cifraclub.com.br
15	tpc.googlesyndication.com	www.cifraclub.com.br 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net
12	googleads.g.doubleclick.net	www.googletagmanager.com 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com pagead2.googlesyndication.com
12	www.googletagmanager.com	www.cifraclub.com.br www.googletagmanager.com tags.t.tailtarget.com
11	s0.2mdn.net	www.cifraclub.com.br s0.2mdn.net 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
11	img.youtube.com	www.cifraclub.com.br
11	www.google.com	www.cifraclub.com.br 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com tpc.googlesyndication.com
9	prg.smartadserver.com	akamai.sscdn.co
8	dt.adsafeprotected.com	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com www.cifraclub.com.br
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	2 redirects akamai.sscdn.co googleads.g.doubleclick.net acdn.adnxs.com
7	www.google.de	www.cifraclub.com.br
7	www.cifraclub.com.br	6 redirects
6	track.adform.net	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com s1.adform.net
6	securepubads.g.doubleclick.net	www.cifraclub.com.br securepubads.g.doubleclick.net www.googletagservices.com
5	www.bing.com	2 redirects www.cifraclub.com.br
5	master.cifraclub.com.br	akamai.sscdn.co
5	d335luupugsy2.cloudfront.net	www.cifraclub.com.br d335luupugsy2.cloudfront.net
4	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com www.cifraclub.com.br
4	cdnjs.cloudflare.com	s0.2mdn.net
4	fra1-ib.adnxs.com	akamai.sscdn.co www.cifraclub.com.br cdn.adnxs.com
4	www.googletagservices.com	securepubads.g.doubleclick.net 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
4	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	region1.google-analytics.com	www.googletagmanager.com
4	connect.facebook.net	www.cifraclub.com.br connect.facebook.net akamai.sscdn.co
3	s1.adform.net	track.adform.net s1.adform.net 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
3	ad.doubleclick.net	www.cifraclub.com.br 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
3	accounts.google.com	id.cifraclub.com.br accounts.google.com
3	c.amazon-adsystem.com	www.cifraclub.com.br c.amazon-adsystem.com
2	eus.rubiconproject.com	akamai.sscdn.co eus.rubiconproject.com
2	gum.criteo.com	akamai.sscdn.co
2	prod.tahoe-analytics.publishers.advertising.a2z.com	c.amazon-adsystem.com
2	firebaseremoteconfig.googleapis.com	www.gstatic.com
2	b.t.tailtarget.com	d.tailtarget.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	tt-9964-3.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.cifraclub.com.br d.tailtarget.com
2	eb2.3lift.com	2 redirects
2	image6.pubmatic.com	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com ads.pubmatic.com
2	static.adsafeprotected.com	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.cifraclub.com.br
2	x.bidswitch.net	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
2	sync.1rx.io	2 redirects
2	ads.travelaudience.com	2 redirects
2	pm.w55c.net	2 redirects
2	fw.adsafeprotected.com	1 redirects www.cifraclub.com.br
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	www.facebook.com	www.cifraclub.com.br
2	cdn.jsdelivr.net	akamai.sscdn.co securepubads.g.doubleclick.net
2	geo.privacymanager.io	launchpad.privacymanager.io
2	sb.scorecardresearch.com	www.cifraclub.com.br
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	id.cifraclub.com.br	2 redirects
1	tpsc-ew1.doubleverify.com	cdn.doubleverify.com
1	hblg.media.net	contextual.media.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	ads.pubmatic.com	akamai.sscdn.co
1	contextual.media.net	akamai.sscdn.co
1	acdn.adnxs.com	akamai.sscdn.co
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	tps.doubleverify.com	cdn.doubleverify.com
1	onetag-sys.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	vfd2dyn.vodafone.de	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
1	rtbc-ew1.doubleverify.com	cdn.doubleverify.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
1	rtb.openx.net	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
1	dis.criteo.com	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
1	m.exactag.com	6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
1	cdn.adnxs.com	akamai.sscdn.co
1	adsdk.microsoft.com	akamai.sscdn.co
1	api.cifraclub.com.br	akamai.sscdn.co
1	hbopenbid.pubmatic.com	akamai.sscdn.co
1	fastlane.rubiconproject.com	akamai.sscdn.co
1	prebid.media.net	akamai.sscdn.co
1	s.seedtag.com	akamai.sscdn.co
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.t.tailtarget.com	www.cifraclub.com.br
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	tags.crwdcntrl.net	www.cifraclub.com.br
1	launchpad-wrapper.privacymanager.io	www.cifraclub.com.br
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	www.gstatic.com	www.cifraclub.com.br
384	100

This site contains links to these domains. Also see Links.

Domain
forum.cifraclub.com.br
www.formesuabanda.com.br
play.google.com
itunes.apple.com
www.microsoft.com
www.facebook.com
twitter.com
www.letras.mus.br
www.palcomp3.com.br
id.cifraclub.com.br
www.youtube.com
suporte.cifraclub.com.br
www.studiosol.com.br
apps.microsoft.com
www.instagram.com
www.tiktok.com
www.palcomp3.com
www.cifraclub.com
www.wechords.com

Subject Issuer	Validity	Valid
www.cifraclub.com.br R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-10` - `2023-12-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.sscdn.co R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
werelddeal.klm.com Sectigo RSA Organization Validation Secure Server CA	`2023-01-12` - `2024-01-12`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
dyn.vodafone.de Amazon RSA 2048 M03	`2023-11-13` - `2024-12-11`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-08-31` - `2024-06-04`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
popups.rdstation.com.br R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.cifraclub.com.br/oasis/
Frame ID: 0CAD6C2781C3C84CCD5D19CACA308802
Requests: 192 HTTP requests in this frame

Frame: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 244B053BF9A9D047F9F1ECB175C52BDC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn84HdlGREDICtZi9mxe9gYUQml9X9SVbEonCFh29IvTuOyETPO3w7o5Fk0CX5zKHAeQF0N6RKbpCmdBSTZib5gU3IZ18EbUiokSp1InAUhStDfC1mOwq_LeH7dXZ5kWiKOUivFlaaOQXQ5RI8fTVZs_CQFTK65rnh0Ys2LCNQZ_atxLoZAu1Q8byMbVbiXRllJuEvZebS21EBFIo5igVadNUiU5MpnG5a9a-hyZE6zsKN7SCN3i10T1fopSYJAEkFcWMaIoVp_DyaZFsVydk6wvxgtbD4QI2-awhxwjwjirzsyhpP_CCJ7Ez2CiVWA5ss4B-3O-9UBv73P-G-9xaknk4Tko962KitgYLe1jdFt1hZcTCcMaPyR6F1gNMSXyPE8LY&sai=AMfl-YQR9OKw-9Q4_pHxr_G4-o6InRHUyIMqsQyNJ9eN0aLU76IwzHghHN1PIKdiBXkeF6Oho2e-_XlBa71oc9boFl5ANetLcpyKvhcp1RhWpK62AJgHj750fDwQfvku16uBis16xFw2CMNmmA&sig=Cg0ArKJSzJxJRr5gxZX3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 58CCC1CE0E35737B556EAD7CCAB2043E
Requests: 15 HTTP requests in this frame

Frame: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 302382E73973BA44164515D17574D41B
Requests: 14 HTTP requests in this frame

Frame: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2C2EBFB492CA6386157A3D82B72A031C
Requests: 30 HTTP requests in this frame

Frame: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 118A3DD0F00669FFD02EBA99AA4C0A73
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Y8JnUrwEwAQ&v=APEucNUI_oMrfOYJT64HQbl9XSv8bzuNX6K5cfWWaj00zOzJyWAzQQdudvZERye5NabK_X_9Nebybpzjelz-KbcMWFWMDff3vENOzDoxrmevDOdmCDWecoaATXhekkjaxtyEMEZHFZabdMEzbYWDMIbwCgU2Fz_JXvCnFP9lPhXGiyg5S4w6Fio
Frame ID: 6605AD134B655CB9AB622FDCD1A0BEF9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 564A746FFA0DFF8BFAC2FCE95B9C0117
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUUjuW92DVyiD0sT_WDAsyl-OGQk8S-VKmZB5eNikxNPql5lf9XChg13k19Tgk2BtMjIbMkL1-NYuFtcJ7qbRxZjjkZH5IX1wAnzdmNP81RZMgv2sHICqxTHtN8Y__1ffzjxhZfrhElV_hQn_RuUitvcR8FpFZKccnlka53_gHbfVSgctU
Frame ID: 6DCFFFA81F211BA069CC4F047A65A0D1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY3M6TgAIwAQ&v=APEucNXpAPbSRexPitoRcpDccPiC_alk9c7eZNcGROFHQIgAbABEwlk753NyzVktQC9Yc96tJr_l7fLgRJEvVlwUiVIR2RPJM5uPNI2OtQOnQWF_ydfJefPZYJfEfOODffoCFqh2fJqW3-yAMDYnT_BvRaCm_Za59GpI6yVt_CoThWmydF6eu9A
Frame ID: 64BFBE6914B7B9B80B27644BF14B02CC
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250
Frame ID: 9FEBC729D2A1257B8DD6B10D67C0D505
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 56C53D8719A2995B886AC7EBF76680BF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AAB2CB971A1B9049F45D0989AEB7D3D0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1B67E212316222C38B9975D50B6B96EC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
Frame ID: 9A3BA043DA1CE82D5360D57A8AFC1AD9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2AD4F2AC84A73714966E604BE1EFFC4A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 70D11CBB704378CE82C85025CF4FD8C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5017.js
Frame ID: D18108D5ED79953176FBC2C0CCE87A72
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B20416241C97AB6E0AE1B57D8BD8A09E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E6E6DF0DBB5785FA976FC551FD14F7A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA2883DBB975BC60C9F79CFEAA914709
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BE67D7E64B1E87869CAE0E8C660E3630
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 69243A9B2F16AE89A3C6E1E3123EA7E1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Frame ID: 328256CBECC9A9ABA53941086C23EDA4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C27E819EF93B0784F2861B80535F2736
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oasis | Cifra Club

Page URL History Show full URLs

https://www.cifraclub.com.br/oasis/st HTTP 301
http://www.cifraclub.com.br/oasis/st/ HTTP 301
https://www.cifraclub.com.br/oasis/st/ HTTP 307
https://www.cifraclub.com.br/oasis/st/letra/ HTTP 307
https://www.cifraclub.com.br/oasis HTTP 301
http://www.cifraclub.com.br/oasis/ HTTP 301
https://www.cifraclub.com.br/oasis/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

384
Requests

92 %
HTTPS

41 %
IPv6

58
Domains

100
Subdomains

78
IPs

11
Countries

4694 kB
Transfer

13241 kB
Size

67
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://forum.cifraclub.com.br/
Title: Fórum Cifra Club

Search URL Search Domain Scan URL

URL: http://www.formesuabanda.com.br/
Title: Forme Sua Banda

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.cifraclub
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/cifra-club/id921625944
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club/9wzdncrfj18m
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.afinadorlite
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/afinador-cifra-club/id480625281?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club-tuner/9wzdncrfj17z
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.metronomo
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/metronomo-cifra-club/id569883867?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&t=Oasis%20cifras%2C%20letras%2C%20tablaturas%20e%20videoaulas%20das%20m%C3%BAsicas%20no%20Cifra%20Club
Title: Compartilhar no Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&related=cifraclub&text=Oasis%20cifras%2C%20letras%2C%20tablaturas%20e%20videoaulas%20das%20m%C3%BAsicas%20no%20Cifra%20Club
Title: Compartilhar no Twitter

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/contribuicoes/enviar_letra/
Title: letra

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/
Title: Ouvir no

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/lambertos/
Title: Rock Lambertos

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/rocknupelo/
Title: Rock Rock nu Pêlo

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/omarcosalmeida/
Title: Rock Marcos Almeida

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/selvagensaprocuradelei/
Title: Rock Selvagens à Procura de Lei

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/iburiedmydreams/
Title: Rock I Buried My Dreams

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/tianastaciaoficial/
Title: Rock Tianastácia

Search URL Search Domain Scan URL

URL: https://id.cifraclub.com.br/cadastro/
Title: Crie sua conta grátis

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpypU2XLYmOsf36xgcgrW3w/join
Title: YouTube Membros

Search URL Search Domain Scan URL

URL: https://suporte.cifraclub.com.br/support/home
Title: Contato

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/cifraclub?lang=pt
Title: Anuncie no Cifra Club

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/developer/studio-sol-comunicacao-digital-ltda/id480625284
Title: Aplicativos - App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=5223058821229460338&hl=pt_BR
Title: Aplicativos - Google Play

Search URL Search Domain Scan URL

URL: https://apps.microsoft.com/search/publisher?name=Studio+Sol+Comunica%C3%A7%C3%A3o+Digital+Ltda+Epp&hl=pt-br&gl=BR
Title: Aplicativos - Microsoft Store

Search URL Search Domain Scan URL

URL: https://www.youtube.com/cifraclub
Title: Siga-nos: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cifraclub/
Title: Siga-nos: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cifraclub/
Title: Siga-nos: Facebook

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cifraclub
Title: Siga-nos: TikTok

Search URL Search Domain Scan URL

URL: https://twitter.com/cifraclub
Title: Siga-nos: Twitter

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/
Title: Letras

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com/
Title: Palco MP3

Search URL Search Domain Scan URL

URL: https://www.cifraclub.com/oasis/
Title: Ver em Español

Search URL Search Domain Scan URL

URL: https://www.wechords.com/oasis/
Title: Ver em Inglês

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/?lang=pt
Title: Studio Sol

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cifraclub.com.br/oasis/st HTTP 301
http://www.cifraclub.com.br/oasis/st/ HTTP 301
https://www.cifraclub.com.br/oasis/st/ HTTP 307
https://www.cifraclub.com.br/oasis/st/letra/ HTTP 307
https://www.cifraclub.com.br/oasis HTTP 301
http://www.cifraclub.com.br/oasis/ HTTP 301
https://www.cifraclub.com.br/oasis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://id.cifraclub.com.br/id/v2/client.latest.css HTTP 302
https://akamai.sscdn.co/id/v2/3d130.client.css

Request Chain 49

https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js HTTP 302
https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js

Request Chain 157

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2be29b17-4dd0-4049-92fd-5d66ee36f3db&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=61f3d11c-0941-4d61-8416-1047f019ae77&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dd3f3d4ea63b342989da4ed9cc67f4dae%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=13894058&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_yv_ubyqbhg&aid=9184317870406394230 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d3f3d4ea63b342989da4ed9cc67f4dae&SNR=1&GV=2&med=10

Request Chain 194

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

Request Chain 195

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWpD-LVFMRxdxFb86GfFjQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

Request Chain 196

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1

Request Chain 197

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D

Request Chain 200

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_cver=1&google_push=AXcoOmTgojlwX-hzYG4Q0WYIqbprnR2ovmAB5kKW4qUulqY40N47dItWAOS7dP29VW7zN-a6lU7rYwzdH_pmnCU650phG88NuMqA4bY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_push=AXcoOmTgojlwX-hzYG4Q0WYIqbprnR2ovmAB5kKW4qUulqY40N47dItWAOS7dP29VW7zN-a6lU7rYwzdH_pmnCU650phG88NuMqA4bY

Request Chain 201

https://um.simpli.fi/gp_match?google_gid=CAESEFh12H2cjyiRURc3lOZw6Gw&google_cver=1&google_push=AXcoOmQMzqd2GCQNP92b3-e3ft2N3GahE-n_MoYSI1rCq5YY4T86FWEe_rDB_wuWght-JZkF2eYSXjn0Y3b18-KqyDInKkn2EJFzPwU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=18A95B10B13B41B283DF22B822BBB819&google_push=AXcoOmQMzqd2GCQNP92b3-e3ft2N3GahE-n_MoYSI1rCq5YY4T86FWEe_rDB_wuWght-JZkF2eYSXjn0Y3b18-KqyDInKkn2EJFzPwU

Request Chain 202

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENt5hSfMrSCFVpuw4LI1HQk&google_cver=1&google_push=AXcoOmS1VcLYUtneAZXtn9-y7XUCoVPrAI56BQkI5ZD8ljRedDY55h8Nym9Iw77AWMi-lFvmjlnuykLhE5xi6ARWjnO8_mB2f-q4PBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1VcLYUtneAZXtn9-y7XUCoVPrAI56BQkI5ZD8ljRedDY55h8Nym9Iw77AWMi-lFvmjlnuykLhE5xi6ARWjnO8_mB2f-q4PBQ&google_hm=-y3uRYDrQgeDLHIhdXVyck0

Request Chain 203

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKmu6uhG2gPVeoenuYGCdM0&google_cver=1&google_push=AXcoOmQ_9hvei-1sHTMFxaDFUQGM2OLHfJppiGxK1OoaXKdQjMcFJmoYO0j8rBDUNyhumvnllxxlXJr4OsZ2rBqdJPKrKKENXummlWI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_9hvei-1sHTMFxaDFUQGM2OLHfJppiGxK1OoaXKdQjMcFJmoYO0j8rBDUNyhumvnllxxlXJr4OsZ2rBqdJPKrKKENXummlWI&google_hm=eS1JbHJYU3hkRTJwRlFXVDdMSGZyV01TNGhteEt6M3VMX35B

Request Chain 204

https://d5p.de17a.com/cookies/google?google_gid=CAESEHguYP_1kKoD9l7S-axd-yU&google_cver=1&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJLXq4dUw HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHguYP_1kKoD9l7S-axd-yU&google_cver=1&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJLXq4dUw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJLXq4dUw

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGjT-6_dbFMU1YMy-tJuVSA&google_cver=1

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEB_VYmZOjADzsp6GhYBk_bI&google_cver=1

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

Request Chain 214

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWpD-LVFMRxdxFb86GfFjQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1

Request Chain 216

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D

Request Chain 248

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cver=1&google_push=AXcoOmQh9tqfrB2EHl_y5QbyWm6AGmDF6Lk9puCe0Ff2sBE96BTOwi1HWLOQlNNad1lpJW5nt6iLigclUfzcoaYQJEJ1JV4JIfY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cver=1&google_push=AXcoOmQh9tqfrB2EHl_y5QbyWm6AGmDF6Lk9puCe0Ff2sBE96BTOwi1HWLOQlNNad1lpJW5nt6iLigclUfzcoaYQJEJ1JV4JIfY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHRra0xPSlQxUjlhZ2M1&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cver=1&google_push=AXcoOmQh9tqfrB2EHl_y5QbyWm6AGmDF6Lk9puCe0Ff2sBE96BTOwi1HWLOQlNNad1lpJW5nt6iLigclUfzcoaYQJEJ1JV4JIfY

Request Chain 249

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_cver=1&google_push=AXcoOmQFs29S2U6nrZqnwDaqn9zeRAVWNxNoJxNZWj3VSetWyK2od6Fi38ncnvyyEE473SCLOLZevrvPmRT7ODT0Mz3J57mPioE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldwRC1BQUR2alFkVFFBTQ==&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_cver=1&google_push=AXcoOmQFs29S2U6nrZqnwDaqn9zeRAVWNxNoJxNZWj3VSetWyK2od6Fi38ncnvyyEE473SCLOLZevrvPmRT7ODT0Mz3J57mPioE

Request Chain 250

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF36geKpv5Cj_pIFh-OPh3M&google_cver=1&google_push=AXcoOmQIdKRhMGIlGuXeAZA_wfry1YbNEFgaLYDimgCR14kcmu-wfiRqo2BAWY3Yvevh3mPfTuhhNQWeTppvYMJmct3-1kwPM0I HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQIdKRhMGIlGuXeAZA_wfry1YbNEFgaLYDimgCR14kcmu-wfiRqo2BAWY3Yvevh3mPfTuhhNQWeTppvYMJmct3-1kwPM0I

Request Chain 253

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIbHH7egWhsA1ANblpM8GTk&google_cver=1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1701463037040 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-49887da4-c07d-4568-a409-5b3825a60202-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs%26google_hm%3DA0mIfaTAfUVopAlbOCWmAgI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs&google_hm=A0mIfaTAfUVopAlbOCWmAgI

Request Chain 287

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5289793328419085&ias_chanId=1&ias_placementId=20338658787&bidurl=https://www.cifraclub.com.br/oasis/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jnXq6aHoqJYRn7ZFIIaHXA&adContainerId=brand_safety__ENqZa_AM86F9u8P5cuiCA&cbFunctionName=goog_wrapCb__ENqZa_AM86F9u8P5cuiCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.cifraclub.com.br&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.cifraclub.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39,c:vAe90M,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-zdpzt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:12,oid:6ab1083d-9089-11ee-ae18-365e11811370,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__ENqZa_AM86F9u8P5cuiCA&cbFunctionName=goog_wrapCb__ENqZa_AM86F9u8P5cuiCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 307

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP6LVTtLnE2ioec0fr7EpmQ&google_cver=1&google_push=AXcoOmRPYkyOkrgiVt7FztDDOPC5Coh07kktBwMPaPd41vuNijLSq1IAIUbY_JL6reyHMwxuoEY9mAp15U8GgbQgetNsC-zs0xbU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY1OTU2OTAyNDMxODU0MTkwMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP6LVTtLnE2ioec0fr7EpmQ&google_cver=1

Request Chain 308

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENt5hSfMrSCFVpuw4LI1HQk&google_cver=1&google_push=AXcoOmR1bWGaSoMqiR1AnzZWX4vvjtfU_HysATDb2afAD9MlM6SAyFBpAAbpsn3EJsWQpGoZHkOUAMJAMJn8npHAQIwSLYTAtFGA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1bWGaSoMqiR1AnzZWX4vvjtfU_HysATDb2afAD9MlM6SAyFBpAAbpsn3EJsWQpGoZHkOUAMJAMJn8npHAQIwSLYTAtFGA&google_hm=-y3uRYDrQgeDLHIhdXVyck0

Request Chain 309

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF36geKpv5Cj_pIFh-OPh3M&google_cver=1&google_push=AXcoOmQve8EZV7s3SwyC71eadCwjfOdNSPE6SSovb_MLL1jplEhDYJUt8uY_v-oHMNcz_a-AhzmDTAoELdrb91bSnUwWFaNiffx2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQve8EZV7s3SwyC71eadCwjfOdNSPE6SSovb_MLL1jplEhDYJUt8uY_v-oHMNcz_a-AhzmDTAoELdrb91bSnUwWFaNiffx2

Request Chain 312

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM1AeqyKIxE_e6kh5Ka-oYo&google_cver=1&google_push=AXcoOmQkSO44Kb83HU6t260eDTillGW3bD1cMoITfdVd5HoOz26Prbzs3KZ1RAMKzNOEMhWJZXTzyS2v3ptppY4oHQV3z--nmyny HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSO44Kb83HU6t260eDTillGW3bD1cMoITfdVd5HoOz26Prbzs3KZ1RAMKzNOEMhWJZXTzyS2v3ptppY4oHQV3z--nmyny

Request Chain 313

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEwoGEKgKGshpGSlp_IWEJ8&google_cver=1&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Zv HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Zv&google_gid=CAESEEwoGEKgKGshpGSlp_IWEJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI2MTMyNzE1MjU3NDc0ODk5NTg5&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Zv

Request Chain 319

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2be29b17-4dd0-4049-92fd-5d66ee36f3db&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=61f3d11c-0941-4d61-8416-1047f019ae77&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Dd3f3d4ea63b342989da4ed9cc67f4dae%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=13894058&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_yv_ubyqbhg&aid=9184317870406394230 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d3f3d4ea63b342989da4ed9cc67f4dae&tids=15000&med=10

Request Chain 363

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAmVAawdymKFVDFhK33Q4wk&google_cver=1&google_ula=862479430,0

384 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.cifraclub.com.br/oasis/
Redirect Chain

https://www.cifraclub.com.br/oasis/st
http://www.cifraclub.com.br/oasis/st/
https://www.cifraclub.com.br/oasis/st/
https://www.cifraclub.com.br/oasis/st/letra/
https://www.cifraclub.com.br/oasis
http://www.cifraclub.com.br/oasis/
https://www.cifraclub.com.br/oasis/

1 MB
63 KB

276ms
276ms

Document
text/html

2a02:26f0:3500:f::1732:831d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PHP/5.6.37
Resource Hash: afe20f6d5dc86b16a72c78f4afc9fd2370f6449fb66b6654563662f54c663788

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control: no-transform, max-age=23335
content-encoding: gzip
content-length: 64261
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:37:14 GMT
quic-version: 0x00000001
server: nginx
vary: Accept-Encoding, X-Site-Version
x-debug-nocache: 0
x-powered-by: PHP/5.6.37
x-site-version: desktop

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 01 Dec 2023 20:37:13 GMT
Location: https://www.cifraclub.com.br/oasis/
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding, X-Site-Version
X-Site-Version: desktop

GET
H2 200 opensans-light.woff2
akamai.sscdn.co/cc/font/opensans/ 18 KB
18 KB 311ms
163ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/opensans/opensans-light.woff2
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Thu, 30 Nov 2023 13:28:37 GMT
server: nginx
etag: "65688e05-4828"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18472
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 d8e28.desktop.css
akamai.sscdn.co/cc/css/ 435 KB
76 KB 229ms
114ms Stylesheet
text/css 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bfbd4734ccb0db8f1110b7a37a4cb2c648cde1a71454dd4121cd882a82024589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 20:44:24 GMT
server: nginx
etag: W/"655e6828-6cb5c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 77514
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2

200

3d130.client.css
akamai.sscdn.co/id/v2/
Redirect Chain

https://id.cifraclub.com.br/id/v2/client.latest.css
https://akamai.sscdn.co/id/v2/3d130.client.css

16 KB
4 KB

172ms
172ms

Stylesheet
text/css

2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fcdd8078f60f8833861ca0b9f13aba67773278d96cbd4f459b21cdbac2d6a62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3749
expires: Sat, 30 Nov 2024 20:37:15 GMT

Redirect headers

location: https://akamai.sscdn.co/id/v2/3d130.client.css
date: Fri, 01 Dec 2023 20:37:14 GMT
cache-control: max-age=300
content-type: text/html
server: nginx
expires: Fri, 01 Dec 2023 20:42:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 43ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b36692831e3d32fb5d3a366d7e4d8be604da6ba68f95a4ffe389a36f7d7fba7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 106ms
81ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b345f07f1d5170978ba2b7a32db361440ebe198ff5a8f42e55992c286f8c78e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30021
x-xss-protection: 0
server: cafe
etag: 872 / 19692 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 01c04.ads-manager.js Show response
akamai.sscdn.co/cc/js/ 6 KB
2 KB 250ms
153ms Script
application/x-javascript 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/01c04.ads-manager.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d58d6b81013cd185fcaf14300457b228dff4e72deee5e7b6f40b88eb913942c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Tue, 19 Sep 2023 15:16:22 GMT
server: nginx
etag: W/"6509bb46-16d9"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1524
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 a33fbef6b99933fd4c7f4bf75eeee65a.jpg
akamai.sscdn.co/letras/150x150/fotos/a/3/3/f/ 3 KB
3 KB 1117ms
1002ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/150x150/fotos/a/3/3/f/a33fbef6b99933fd4c7f4bf75eeee65a.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6d9ed6a3ccbc0872ede26d0a61a935b5c0e7ec7de45cf7f66599ebebfb9faa39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3206
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 76ms
24ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:20:25 GMT
content-encoding: gzip
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront), 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, PRG50-C1
age: 1010
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: kGKHCya8F08uTo0Te3B9LIwlS6kiK1STKfxLnCFN_RQh2EFnP8G1lg==

GET
H2 200 firebase-performance-standalone.js Show response
www.gstatic.com/firebasejs/7.9.1/ 44 KB
13 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13255
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 21:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 17:12:24 GMT

GET
H2 200 e99f36428d9be616c7caa5bb66e7711c.jpg
akamai.sscdn.co/letras/162x162/fotos/e/9/9/f/ 6 KB
6 KB 245ms
170ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/e/9/9/f/e99f36428d9be616c7caa5bb66e7711c.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 641add6c942a307b08d3a46a521f67ceb594e19b72083f9dcd7855cea72dbacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5846
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 76a4c374014a6a5a61f3ca42bc644218.jpg
akamai.sscdn.co/letras/162x162/fotos/7/6/a/4/ 7 KB
7 KB 330ms
255ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/7/6/a/4/76a4c374014a6a5a61f3ca42bc644218.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 67ed678663f66de05ecc0cdcaf88f40f1ec588b9b345ce0ab23658ee90552353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6824
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 6f04f95d5e14ee45608365af0bd50967.jpg
akamai.sscdn.co/letras/162x162/fotos/6/f/0/4/ 4 KB
4 KB 1188ms
1182ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/6/f/0/4/6f04f95d5e14ee45608365af0bd50967.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 71ba7a9cbbe08f6b7afa15c89a02236d75e9b984cc8b0bc916f5f115d08daa6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4242
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H2 200 b4506de4afd7f665e8e8c17e93fae1f2.jpg
akamai.sscdn.co/letras/162x162/fotos/b/4/5/0/ 2 KB
2 KB 183ms
177ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/b/4/5/0/b4506de4afd7f665e8e8c17e93fae1f2.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 98b36d0f871ff10d79dc18923e6029ceeafff1805c244f50a548b40bf22d68e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2154
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 d31e40f85f7e42c285357f6a67d67c5d.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/b/d/2/b/ 21 KB
22 KB 176ms
174ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/b/d/2/b/d31e40f85f7e42c285357f6a67d67c5d.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5fad1ff70aeb989c3e52557b2e4e1ef65bf4fc2f72b5f8f754a78a86d3e266bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 21894
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 931bc76a2bda4bbebfeb44349f862fa0.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/0/4/8/a/ 12 KB
12 KB 287ms
286ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/0/4/8/a/931bc76a2bda4bbebfeb44349f862fa0.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f35ae18fabbdf41c3b9f815cae3040a3d0d39d3aefc987e57c518a69bf2c763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 12002
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 d9ae6003f587475d86ed91c448848e26.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/5/8/9/5/ 5 KB
5 KB 254ms
252ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/5/8/9/5/d9ae6003f587475d86ed91c448848e26.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ef20e2b1b67a92e3fcaaa7ab4d4213916f3c656f5e04cd4c5126530a51101dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4826
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 eb17edcf634f4519829972ff799394d8.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/c/1/d/a/ 5 KB
6 KB 288ms
286ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/c/1/d/a/eb17edcf634f4519829972ff799394d8.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 89047ce19766d6b949b6fdd214a88910043b8c3bcfb75409398c80355c0a07cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5424
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 27270a170e014c9fa1d09ccaa8f96873.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/4/3/4/3/ 6 KB
6 KB 254ms
252ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/4/3/4/3/27270a170e014c9fa1d09ccaa8f96873.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 21904511b5b3fb054732fff430b2263d1c2f788cd4dd8091ba0fd6e90293b976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6150
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 46397_20130919234238.jpg
akamai.sscdn.co/tb/117x117/palcomp3-logo/e/5/8/0/ 3 KB
3 KB 398ms
396ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/117x117/palcomp3-logo/e/5/8/0/46397_20130919234238.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: defed337b792120ede970307e508aac299c5bacfc7926301e62ba9a3d15791ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3128
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 avatar.svg
akamai.sscdn.co/cc/img/desktop/ 2 KB
1 KB 254ms
252ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/avatar.svg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f82dfdfaea0bb707b71f4ac5500b61a91ae9f3850b09f642b3254a9cf44b9389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: W/"65148952-84c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 740
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4ftq1u965u4.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/ 2 KB
2 KB 255ms
253ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/4ftq1u965u4.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8651e0c1bf7605670249f0eef475c5b06b5c8502e6514199243c4efa5362f303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1946
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 47pvu5sthcc.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/0/2/ 2 KB
2 KB 128ms
127ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/0/2/47pvu5sthcc.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e27ddabf1110e52de7532d90dff1ee3c907ac5fe0fb62e91fb0e529663b65d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1544
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4k7gsnlso7q.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/3/ 2 KB
3 KB 221ms
219ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/3/4k7gsnlso7q.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4631555c380a404618ad15cb54ef8f57f2e4154f9ed0870b24a8ea3cb9da9306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2286
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4mnupmwyqnu.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/0/8/ 2 KB
2 KB 430ms
428ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/0/8/4mnupmwyqnu.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e14eeb1168a0bb4bdf3f492c04c15b2840145837ac02e0924ca4f69c9d85bc9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2196
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 45wz4kuf6up.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/3/ 1 KB
2 KB 311ms
310ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/3/45wz4kuf6up.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e0458fd009dd5bcee8601b7501b2ea91f28b52ee871d0f12dde6445ea5bdc57f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1376
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4l9n5imnkbt.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/4/3/ 1 KB
1 KB 255ms
254ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/4/3/4l9n5imnkbt.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8bef23f2733c67f6ad7dddc09e98d1dd22cc1061d9c1abd06005dc395b234639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1224
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4nf6khyjqc5.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/ 426 B
731 B 369ms
367ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/4nf6khyjqc5.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d6d1bea9920a3618255a4519e243872fad8d7da694dc10de6643657c6ad2762b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 426
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 47m43quqgy9.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/0/ 1 KB
1 KB 256ms
255ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/0/47m43quqgy9.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a8ec169659348d3c50e83f52b2beaf11840eada799ddfdfbfd48b271f7aaf6cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1066
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4jlzkqv8uyp.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/1/3/ 220 B
524 B 470ms
468ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/1/3/4jlzkqv8uyp.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 612e9af16924fa1127337dae91c12750c79ec1236b7c1c468e3674a7ae78987f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 220
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 4jf6swxeneq.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/7/ 524 B
829 B 176ms
175ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/7/4jf6swxeneq.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 11bd2be781da9338d62d2476d2d139493990d8107499ee9349c81cc0b3fc1ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 524
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 violao_iniciante-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 17 KB
17 KB 202ms
200ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/violao_iniciante-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50ce2be0ffe94eca5f65edb8b0f1f3a04499019161c18edf46830659aeffedfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17416
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 violao-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 18 KB
18 KB 128ms
127ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/violao-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 298385c1b17e35a9710475ac7cbd3781346fde0bb4708503d71f309dbdb7f671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18372
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 viola%CC%83o_sertanejo-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 169ms
167ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/viola%CC%83o_sertanejo-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5690063093152714ffa5e91e793f6ccc94ae646f174d66325170a9c71c23eb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7284
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 dinhoatual-1689593496.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 10 KB
10 KB 545ms
544ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/dinhoatual-1689593496.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d91220b5dbc70676ea9e1941e4b7d086e4dbcbb73b6e8a1f9690fe9d6296826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10388
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 fofaocurso-1696446624.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 7 KB
8 KB 257ms
256ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/fofaocurso-1696446624.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a7e2292263fc51c97c3f1c27a5eee48a4c7e5557eccd275d9fcd70fbac0e95c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7624
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 lives-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 5 KB
5 KB 169ms
167ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/lives-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 316e1d3d2b14ebcc1e14fc70e7865e2045dc714fdbad9c15838258b465d0d2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4898
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 canto-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 257ms
256ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/canto-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c6a5fe2631c931fd394de29d377c21dde3a1de0e6add6b01dd722cb2383f259c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8794
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 8 KB
8 KB 177ms
176ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: feeed033dfbd5a9ae01be265feb0e2f5eb6357ac0e881418a69f60754a5c7922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8156
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 teclado-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 169ms
168ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/teclado-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b76f37462c263693297294981992679b1dac456a0d22f4438e435b2245306c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7090
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 ukulele-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 221ms
220ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ukulele-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cc35098d44e047ccd575fc6c6f9b9a4a9fca64151c814da1ffe7086f0d11d51b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9728
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 bateria-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 311ms
310ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/bateria-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 059fde446eca56b850d84915e85920731578dbfa93979ca10ddca0c20d945075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7350
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 contrabaixo-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
10 KB 287ms
286ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/contrabaixo-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c2724b477d4c039551d1f08a034f4af573dec4d89bd52a6a72a16220160106a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9690
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 fingerstyle-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 14 KB
15 KB 169ms
168ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/fingerstyle-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6c6479c6ced6e99a04dc6faccbf7b63ce22f12d2a6a08152c9de6cd9bbb1e620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 14814
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 teoria-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 6 KB
6 KB 369ms
368ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/teoria-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6047c33c918d59db473a295012ce74658d40357389f06e8435e6ca5f25661ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6110
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 partitura-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 6 KB
6 KB 312ms
311ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/partitura-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2b851b972fa32357c957e2e5aee300afe8d42c813d86f806125bf4286261a786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6306
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 harmonia-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 202ms
201ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/harmonia-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b63a4cb2301f3ecdcdd3d12a5a008ba755cb72047e8483388a22a73ca43dcdee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9912
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 guitarra-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 202ms
201ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/guitarra-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e4c844ae615e35fff816a007964fed049286ab71d246ab7af3ab2af781d0342a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9404
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 guitarra_blues-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 312ms
311ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/guitarra_blues-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f29d719b1c1083432ad2f4deb233f8b7ac42ebc70bdb158d600e92ae6a978a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10202
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 instrutores.png
akamai.sscdn.co/cc/img/pro/ 14 KB
14 KB 183ms
182ms Image
image/png 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/pro/instrutores.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f407355fa69f17827cc696408baea8cb67f184a71a47c205ef4022c1d7f44a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 1
date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: "652d4f06-3832"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 14386
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2

200

client.7da0f.js Show response
akamai.sscdn.co/id/v2/pt-br/
Redirect Chain

https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js
https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js

219 KB
62 KB

139ms
138ms

Script
application/javascript

2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7620fb859f2d4043d22636886cf9cab799f2a7c7e764febf3c9231eb3d469f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
server: nginx
etag: W/"4bfaea6920b112f07e34c1f4a9713c3a"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 62601
expires: Sat, 30 Nov 2024 20:37:15 GMT

Redirect headers

location: https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js
date: Fri, 01 Dec 2023 20:37:14 GMT
cache-control: max-age=300
content-type: text/html
server: nginx
expires: Fri, 01 Dec 2023 20:42:14 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 44ms
12ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2589ca4da9f866decc402295708f0a2427672154eb82eb767c5dc7404e19488b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:14 GMT
content-md5: 2aXrvNj6/gdMGZ9bYZbdMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: 4Ab0cpXdS5Grm+XVw7ZWguD95ycifdt1SHw8TNqPhj2dfjpQOIVZ+FqUb2edXhebg/yRRgdM0rk0mSPdNPMZ0Q==
x-fb-content-md5: 108bd0b2342c41ff86d071699211576b
cross-origin-opener-policy: same-origin-allow-popups
etag: "a4b8fb1502e6e3cbe3d5f57f44df608d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:40:53 GMT

GET
H2 200 pt.js Show response
akamai.sscdn.co/cc/js/9bf7d.desktop/ 8 KB
3 KB 263ms
263ms Script
application/x-javascript 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/9bf7d.desktop/pt.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2c73ad08334e801d45ff3b490982500f67061656e3c2bdb686f5db03e1540071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 20:00:32 GMT
server: nginx
etag: W/"651489e0-1f37"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2508
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 a970a.desktop.js Show response
akamai.sscdn.co/cc/js/ 554 KB
149 KB 103ms
103ms Script
application/x-javascript 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31a7f6b125985fcebc86273eccd7b8a9347cf5f40ff32365ee3e6c9aa7e640a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: gzip
content-length: 152549
x-debug-nocache: 0
last-modified: Thu, 23 Nov 2023 18:47:02 GMT
server: nginx
etag: W/"655f9e26-8a769"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 964ms
901ms Script
application/javascript 65.9.94.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-131.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a4387844ea355406e936ffea2c2e0b1eb84ace4fe9c2322830ee1bae264b73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: oMbmV.0AF2GkkIfSAvohn0U.ljGYNNCf
content-encoding: gzip
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 20:37:16 GMT
last-modified: Tue, 03 Oct 2023 18:45:17 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
etag: W/"32d5cf5159a5742b9a45b5a348a320c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: NiLjHj6eA123JQ5V02mklmqEBPjXPNY02AnUZRx_DOsRYpXDlJMAsQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36159
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:34:35 GMT

GET
H2 200 ed469278-746b-4198-921b-c75d368907cc Show response
config.aps.amazon-adsystem.com/configs/ 537 B
814 B 125ms
51ms Script
application/javascript 65.9.95.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ed469278-746b-4198-921b-c75d368907cc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-3.prg50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0fb7646d06b7161154c3a9a1d0daaf25f7a0ad5d6186fb8f1c5c3b74c58dfe48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:50:32 GMT
via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
age: 2802
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: HMFvaQ3FaE_vyrlFQGNdUi-wHjXqdYMdtdj5ZZEjxqXIcPuFAYu1iA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 39ms
37ms XHR
application/json 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cifraclub.com.br&pubid=ed469278-746b-4198-921b-c75d368907cc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: Server /
Resource Hash: 7c7731b06258428e27f94f19b7a9999e7aa67ce4c110504d0c7abc77f03e03d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:45:40 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
age: 13893
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1399
x-amz-cf-id: w03U8lkiA0T4boa2vHjsGKtEwreucY91bG807gtAGS8g9Z8_ELM_IQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 72ms
26ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 09:16:20 GMT
x-amz-cf-pop: PRG50-C1
age: 40855
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: e7NE0ya-yF0WuP58DWPEj8jv2qzK_OCrErwyOZ3MiOPSfiE1BeyLCQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

569720322a5c9920d78e67230b2edc7b4f10dc5d0ffd8a851f55b9987afc5550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90861
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 19:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2856
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 21:49:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

941c7ca058540cec729fef1e81d1f383eedd792b0c0e51c1e9a58eea36f12f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68950
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f54844d7f13bebf2ddd935d0f9410342ddc5a197d23e04a1866e855bd312e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74491
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7ae54e7a18a566585463e0c02bb3a8951a96c4fe09b17a4df5dc82c1488e6a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72458
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3bad0648be31036288f59e321bce1f07

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22ba388f87f7c0a90d3b1c3af4c311555b59acb370b4e2b1d298d23dd876067b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:14 GMT
content-md5: yqfCfp4yCLycb1CRufDocw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86868
reporting-endpoints
x-fb-debug: PpA50T4WbAYjeR82tIKAGj7NghEC08piOuJxDLSbpyNG88XLwyznWDYcp6JDOp5umFlt/hNW2ob2hS3zsx9mmw==
x-fb-content-md5: b20298117427ffa25a1527b11bce76f3
cross-origin-opener-policy: same-origin-allow-popups
etag: "d5c17879d916a7825afd46d7ccfe3f64"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 19:01:54 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/ 2 KB
2 KB 84ms
23ms Script
text/javascript 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/launchpad-liveramp.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-19.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1293e34cf7955d387571847bc1eb3e1bbbf3e76216130dcca927b94407d04351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 4a67YMV30TlyhjL1nN4.FrVHRkaqurdi
content-encoding: gzip
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 09:53:26 GMT
x-amz-cf-pop: PRG50-C1
age: 42461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 15:22:12 GMT
server: AmazonS3
etag: W/"40a2e6e75dc550891802657b9b2dda35"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: zE1V33vZBUDPnls5bKAeqw-4TPVfnv4j9xgR_yn5ouXv4fh-hKcjXw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 81ms
21ms Script
text/javascript 65.9.95.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-19.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 06:08:59 GMT
content-encoding: gzip
via: 1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 52104
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: bFjVbhA76XykqBmiw6BkHIRb2Nn09wS-mVvrT8XmObmBAT6FyA_ygQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 41ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1701463034293&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1954502170.1701463035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701463034&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6944
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logos.svg
akamai.sscdn.co/cc/img/desktop/ 69 KB
22 KB 179ms
179ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/logos.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0874c93bc9a23ca21b5de6fe83b88fde608a3e72ff2f871228a520e5770f68e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Fri, 03 Nov 2023 15:55:25 GMT
server: nginx
etag: W/"654517ed-11499"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 22510
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 roboto-regular.woff2
akamai.sscdn.co/cc/font/ 19 KB
19 KB 231ms
231ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/roboto-regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 25ac51bd560661614f1f90a6cea5a82f526a8550afc34f725bb2471607ffa173

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Tue, 19 Sep 2023 15:12:51 GMT
server: nginx
etag: "6509ba73-4b88"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 19336
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 sprite.svg
akamai.sscdn.co/cc/img/desktop/ 118 KB
38 KB 176ms
176ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/sprite.svg?v=31
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-1d68d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 38382
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 roboto-bold.woff2
akamai.sscdn.co/cc/font/ 19 KB
20 KB 147ms
147ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/roboto-bold.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ec62cfc76221123e1ab6ba0fdd1dd6a7b6e1919c152f67ca6e10d039b4b0f492

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Wed, 20 Sep 2023 12:53:49 GMT
server: nginx
etag: "650aeb5d-4cdc"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 19676
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 Montserrat-Bold.woff
akamai.sscdn.co/cc/font/ 85 KB
85 KB 303ms
302ms Font
application/font-woff 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-Bold.woff
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d5e2a3df9b4bd40c0ae5756d44b935365f06984de884b83dc812a162b9b092b1

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-15384"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 86916
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 sprite.svg
akamai.sscdn.co/cc/img/desktop// 118 KB
38 KB 115ms
113ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//sprite.svg?v=31
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-1d68d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 38382
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 verified.svg
akamai.sscdn.co/cc/img/desktop// 1 KB
859 B 178ms
175ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//verified.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 77425a0c624cac6f784c90b7eddfaccc078aca01744acbc25ea142a43ab2c08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-41d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 490
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 icn.svg
akamai.sscdn.co/cc/img/desktop/ 54 KB
18 KB 260ms
258ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/icn.svg?v=3
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Tue, 19 Sep 2023 15:12:51 GMT
server: nginx
etag: W/"6509ba73-d69f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17823
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 Montserrat-Regular.woff2
akamai.sscdn.co/cc/font/ 61 KB
62 KB 187ms
186ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-Regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3737fc8d3882327f17b1e64831a922185678e38181e8eb0c5b75cfc3bc1146a9

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-f52c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 62764
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 Montserrat-ExtraBold.3b1849a0.woff2
akamai.sscdn.co/gcs/cifraclub-static/ 68 KB
68 KB 187ms
187ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/cifraclub-static/Montserrat-ExtraBold.3b1849a0.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 43151e7ead8d2cf1f507b44dadecade33fab074f1847e6447a533b25765e9ae3

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Mon, 30 Oct 2023 15:11:20 GMT
server: nginx
etag: "653fc798-10e70"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 69232
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 Montserrat-SemiBold.woff
akamai.sscdn.co/cc/font/ 84 KB
85 KB 186ms
186ms Font
application/font-woff 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-SemiBold.woff
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ddf14e7f01112832f2bf7fc86c4b5be0c9578dabd6d7fae81618b5387422065

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-15090"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 86160
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 133 KB
51 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P6C6QNR&t=gtag_UA_446764_81&cid=1954502170.1701463035

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77c1f1106b1dac12de091eda7ff3e639de51bc86219f484c13e9dab13e1c99e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 3 KB
1 KB 156ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1701463034589&cv=11&fst=1701463034589&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

031aba446f0d34b8d6e7c63309c34d56588979552d02dd892ed36bb7eb904a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 3 KB
2 KB 144ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1701463034603&cv=11&fst=1701463034603&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc4f26b2664c37cb6f507892481ac59a60e726eca7082f574eea3c5d7bdaa413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XBHRSMDBK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a36be01554363c285eca63dbd0e98a4dbac109fb974a4d82fc008e0c0c06c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81215
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 20:37:14 GMT

GET
H2 200 logo_palco.svg
akamai.sscdn.co/cc/img/desktop/ 5 KB
3 KB 209ms
208ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/logo_palco.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 282b5e1516d6c9ca234f2ce85e13cc85e76293cfd520fc8334815c757fc50e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Wed, 23 Aug 2023 19:18:23 GMT
server: nginx
etag: W/"64e65b7f-15fb"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2212
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 984a4.headerbidding.js Show response
akamai.sscdn.co/cc/js/ 361 KB
96 KB 181ms
181ms Script
application/x-javascript 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/01c04.ads-manager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 03e7b6670a29e62d8e8a44ecf20be362d9f50313ff71e8758d90df814b325db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 16:17:11 GMT
server: nginx
etag: W/"65579207-5a36b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 97609
expires: Sat, 30 Nov 2024 20:37:14 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
26 KB 91ms
27ms Script
application/x-javascript 65.9.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-9.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: RqxhuEqCNd1s7.WeOk9hr4eUawsbzlx2
content-encoding: br
via: 1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 20:24:58 GMT
last-modified: Thu, 30 Nov 2023 15:24:46 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 742
x-amz-server-side-encryption: AES256
etag: W/"2c168941d7d5456860d15b9fc8c8d4e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: RlHFMPKtJvXQ9y8PxxWgt5HHTal76yA9EdtDPTYc5WlZwTjJnIXKzQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 73ms
22ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:29:49 GMT
content-encoding: gzip
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 40123
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: lBPs0JoflP9XpSdERZQfwadaA3KCnBS_cDovQ6jN6LaU7XYho16FFg==

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 65ms
8ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:42:11 GMT
content-encoding: gzip
via: 1.1 google
age: 3303
x-guploader-uploadid: ABPtcPqAyPTk7NFHvprm5swsdrTSwXHL2-mndLvRvJ_KvSeuFn2EjXrVrt_6JQ1OQmStmi0WedA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21234
last-modified: Wed, 13 Sep 2023 13:22:21 GMT
server: nginx/1.8.1
etag: "13721cc7c233ffe3299c16c1f82c8394"
vary: Accept-Encoding
x-goog-generation: 1694611341874847
x-goog-hash: md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21234
accept-ranges: bytes
expires: Fri, 01 Dec 2023 21:42:11 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 132ms
41ms XHR
application/json 34.255.67.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.67.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 84c51aca8ad35019d8c86ac48eb7be08faa09e65801fea1d148f1c8475aeb0fb

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache
x-server: 10.45.25.127
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 610ms
198ms Fetch 177.54.145.109
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/2309674e
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Fri, 01 Dec 2023 20:37:15 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/2309674e
content-length: 0

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 614ms
202ms Fetch 177.54.145.109
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/2309674e
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Fri, 01 Dec 2023 20:37:15 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/2309674e
content-length: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 20:37:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: zFZIGZs/6ysC9FMsA24lbdcxrquYGk//oMHRu/DF3+f2LcASbUp6sPjWN/sSy3CnY+QzW2pTugcFcMHwSqQJHQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 d2360.desktopArtist.js Show response
akamai.sscdn.co/cc/js/ 12 KB
4 KB 419ms
419ms Script
application/x-javascript 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/d2360.desktopArtist.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b2df80d186eff42cfb081ee0bc6ec2905077808d678e695d6ba9829f9aa70791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 13:24:49 GMT
server: nginx
etag: W/"6537c5a1-3157"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3672
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H2 200 thumb-art.svg
akamai.sscdn.co/cc/img/desktop/ 3 KB
2 KB 163ms
163ms Image
image/svg+xml 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/thumb-art.svg?v=3
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e7284125e6c80cdc9129ab8916fdf6a5d3ae5cd6b6e23774062b8ce3fa716043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: W/"65148952-d6c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1682
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
455 B 41ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1701463034603&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN4okosm3tqoWBQcg077asLQNswNaI5w&random=192004804&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
108 B 43ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1701463034603&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN4okosm3tqoWBQcg077asLQNswNaI5w&random=192004804&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
108 B 41ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1701463034589&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNwRiErpvBG1gtVUCOj6cOwaO-0pTCoQ&random=1889113933&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
455 B 43ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1701463034589&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNwRiErpvBG1gtVUCOj6cOwaO-0pTCoQ&random=1889113933&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 35ms
34ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1701463035029&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&c8=Oasis%20%7C%20Cifra%20Club&c9=
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ukp4FstQvuypsmS-wLMtrBRfnZRe4CuNT3N1eBLANxJGSHzEli8Vxg==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
617 B 21ms
20ms Fetch
application/json 65.9.95.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-59.prg50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 01:55:26 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront), 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, PRG50-C1
age: 67309
x-amzn-requestid: 39ca34a3-bde2-429f-b052-13de1d9dc741
x-amzn-trace-id: Root=1-65693d0e-4bb2a563709d17a72eb86f2a;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: PPZ6SFobDoEERfQ=
content-length: 30
x-amz-cf-id: jX1DvKC2gEek-6k5dj5Y5mVc_rSyc5osD-sR6RNq0svoSKDWlkuTpg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 197ms
135ms Preflight
application/json 65.9.95.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-59.prg50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 01 Dec 2023 20:37:15 GMT
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront), 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
x-amz-apigw-id: PR-PTF6UDoEEcog=
x-amz-cf-id: imV5LQ6AWivB-cNMAogqUKMJCOSaihfheD-AxjVf0--oiTh5EsHeyw==
x-amz-cf-pop: PRG50-C1 PRG50-C1
x-amzn-requestid: d7a82201-9ce3-4932-a890-2dc091cc6059
x-cache: Miss from cloudfront

GET
H3 200 727884491260161 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 137ms
136ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727884491260161?v=2.9.138&r=stable&domain=www.cifraclub.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ec200d236508e55b071298e107025d9b969700c45debdae4989801954f45623

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 20:37:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: iH0Sz22JWDoJgtATw7kS417ImQ1sxVWV0dr+xF5+liUHmkFzSbw3snFswBWdnS/tnbrtVh8bu/m8eoS54xaQiA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 480ms
203ms Fetch 177.54.145.109
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/2309674e
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Fri, 01 Dec 2023 20:37:15 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/2309674e
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 51ms
23ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231201

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65bb008994fa5db03b2d2e55358e58280714d4392e17af6eaa55a900347931fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16586
x-jsd-version: 1.0.1891
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230107-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-62Qzsh2rpPOzYIYGu+YRHWOL6yc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45Ww9pHXTN1itMtYW4ZwHNnyhSPk%2F3I1WidPDpXVlCv9g3TjHCutSV7Oly8F90j705pICOwumgfDM8ZHBKiXEilpvC9vMsOubYQbh1yCrvoz0%2ByImToyooAPwcxSMrBIPwE04hk3PGB%2FuHXhWtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82ee20817d7a3618-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 151ms
78ms XHR
text/javascript 65.9.93.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&pid=soMX1Ea6hgjT5&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22pub-cc-capa2_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x150%22%2C%22970x250%22%2C%221055x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A970x90%3Acapa%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-internas_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x150%22%2C%22970x250%22%2C%221055x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A728x90%3Ainternas%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-internasSquare_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A300x250%3Ainternas%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-dynamicVertical_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3AdynamicVertical%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-floatingAds_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3AfloatingAds%22%7D%2C%7B%22sd%22%3A%22pub-cc-desktopFixed_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A728x90%3AdesktopFixed%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-bandsintown--artist_above_ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Aartista%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-cifraBfTopLeft_ad%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Acifra%3Aleft%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-cifraBfTopCenter_ad%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Acifra%3Acenter%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-cifraBfTopRight_ad%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Acifra%3Aright%3Areload%22%7D%5D&pubid=ed469278-746b-4198-921b-c75d368907cc&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.93.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-93-173.prg50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 4bc1976da553dde6dd59c4ea33001b72.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-amz-rid: DT7QXZ0Y1AV4XK7ZA6PF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RcH-puubagLNPpxe7sAbcpxmMS-JlJjTOdwfVSu40q_x7bTCfYXEXA==

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 24 KB
9 KB 380ms
350ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

894c292d72d13587e8c003306c1079e8492e72f463d5ad092dc10d33d0694d4d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: gzip
an-x-request-uuid: c77f4dfa-b84c-4482-80ae-11baec5e9b51
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
383 B 457ms
427ms XHR
application/json 34.149.50.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 368ms
334ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMSRPRR
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 217aec20facaa21f5efbbf506a157da11b86496e31708bce35b04ab5c1ad842a

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 20:37:15 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1 KB
3 KB 504ms
332ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15546&site_id=101124&zone_id=1047730%3B1047736%3B1047732%3B673500%3B1924340%3B2850432%3B3101134%3B3101124%3B3101120&size_id=2%3B2%3B15%3B15%3B2%3B43%3B300%2C50%3B300%2C50%3B300%2C50&alt_size_ids=55%2C57%3B55%2C57%3B16%3B9%2C10%2C16%3B55%3B%3B320%2C50%3B320%2C50%3B320%2C50&eid_pubcid.org=c0410365-5988-4f14-ac4c-ed69bbcc2e20%5E1&rf=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&kw=Oasiscifras%2COasis%2Ccifra%2Cletracifrada%2Cletras%2Ctablatura%2Ctab%2Csolo%2Criff&tg_i.page=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&tg_i.domain=cifraclub.com.br&tk_flint=pbjs_lite_v7.39.0&x_source.tid=c6b141a5-54ca-46a7-acc6-846588033b22%3Bdba80806-1c07-42f4-aa11-58042ca23b08%3B5484a5e1-b1f1-40bc-b7bd-2d0951da5823%3Bfb9ad1be-bc12-4ce6-8d30-1fa5f1bc9608%3Bcbd91271-9d54-4855-9796-4382d8dcd615%3Bce3f6a4c-8fa1-4195-a693-cf6ab170d67f%3Bb741649c-a7c0-4916-8fbc-df92fd98571e%3Bc50a1158-d5a4-4f99-8126-0a2b53547f53%3Ba29e5f30-015c-40b1-9e35-464f1e1bdb1e&l_pb_bid_id=2504d0754127f75%3B262804c27f2ccc5%3B27ac8bb300be24b%3B28621735cd300db%3B2970e9f57cea29c%3B30e02051e5bd306%3B31313f1b43edef%3B321e99279f0c0b7%3B33c659bfd3ff29b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=9&rand=0.8318797296455813
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f00707ac1a8bcb6529f6e21f5cf055ebdb01186216a9c11aebc3781c9be362f8

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 183ms
95ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 260ms
98ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 317ms
140ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 192ms
122ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 183ms
112ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 176ms
106ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 181ms
111ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
342 B 87ms
18ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 160ms
91ms XHR
application/json 89.149.192.64
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:14 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 100ms
42ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Fri, 01 Dec 2023 20:37:13 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 client Show response
accounts.google.com/gsi/ 205 KB
79 KB 114ms
69ms Script
application/javascript 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: id.cifraclub.com.br
URL: https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1da78f9ed9515ff6089572e6a16cba60a7a2e8c33671b9e7d9680c38e5661384

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ImadGOVXEkmDzy1LMUZeIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ImadGOVXEkmDzy1LMUZeIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 01 Dec 2023 20:37:15 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 3 KB
2 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1701463035178&cv=11&fst=1701463035178&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3DDesktop%3Bevent_category%3DLGPD&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49967b4ecf31cebe67b6a3c8f69d19e690f29a97b2f1afe5a64128bdc1a69f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 3 KB
2 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1701463035180&cv=11&fst=1701463035180&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3DDesktop%3Bevent_category%3DLGPD&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f28c46727be49559d61cb229a24b63e0420c26a72833b7ebb265d3c9dfd8232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XBHRSMDBK4&gtm=45je3bt0v9124943832&_p=1701463034293&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1954502170.1701463035&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701463035&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=Desktop&_fv=1&_ss=1&_ee=1&ep.event_category=LGPD&up.login=Deslogado&up.subscription=free&tfd=7600
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBHRSMDBK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
master.cifraclub.com.br/geoip/ 0
234 B 369ms
196ms Fetch
text/plain 177.54.145.109
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/geoip/country
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
server: nginx
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept
content-length: 0

GET
H2 200 loading.gif
akamai.sscdn.co/cc/img/desktop// 17 KB
17 KB 124ms
124ms Image
image/gif 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//loading.gif
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 778f6c203a6a2ea31e4cb3aa28a07e5e4d259a553807f9b2d8149f46e9483079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: "65148952-439d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17309
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H/1.1 200
OK 11 Show response
api.cifraclub.com.br/v3/comments/artist/ 1 KB
1 KB 1568ms
1512ms Fetch
application/json 2a02:26f0:3500:f::1732:8318
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cifraclub.com.br/v3/comments/artist/11
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:8318 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / CifraClubAPI/2309674e
Resource Hash: 3c16fb350617fbae01d980ff008cb6b803f9e5e1db80470081940270498d3718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:16 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: CifraClubAPI/2309674e
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://www.cifraclub.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Authorization,cookie
Content-Length: 621

GET
H2 200 Roboto-Bold.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/ 64 KB
65 KB 167ms
167ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/Roboto-Bold.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Request headers

Referer: https://akamai.sscdn.co/id/v2/3d130.client.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
last-modified: Thu, 10 Sep 2020 19:32:09 GMT
server: nginx
etag: "5f5a7f39-101b4"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 65972
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H2 200 Roboto-Regular.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/ 64 KB
65 KB 79ms
79ms Font
application/octet-stream 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/Roboto-Regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://akamai.sscdn.co/id/v2/3d130.client.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
last-modified: Thu, 10 Sep 2020 19:32:11 GMT
server: nginx
etag: "5f5a7f3b-1017c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 65916
expires: Sat, 30 Nov 2024 20:37:15 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1701463035178&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNEh2lDdE2jOog2eKotBBUzM6XNNHUZ0jAd5XVbom5o3Ztzfjm&random=16011223&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
108 B 21ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1701463035178&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNEh2lDdE2jOog2eKotBBUzM6XNNHUZ0jAd5XVbom5o3Ztzfjm&random=16011223&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1701463035180&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNbF1FSBn4Ge2GsLG7cEZ5gLqcUopV6jGpQ_gvIctO0lspaaCP&random=2318242741&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1701463035180&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNbF1FSBn4Ge2GsLG7cEZ5gLqcUopV6jGpQ_gvIctO0lspaaCP&random=2318242741&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 35ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727884491260161&ev=PageView&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&rl=&if=false&ts=1701463035409&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1701463035409.169297158&ler=empty&it=1701463035071&coo=false&rqm=GET

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 20:37:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 bundle.js Show response
d335luupugsy2.cloudfront.net/scout/ 45 KB
14 KB 901ms
901ms Script
application/javascript 65.9.94.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-131.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
x-amz-version-id: xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified: Thu, 28 Jan 2021 17:27:51 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"88819ce057f99124674a75d611e4f53a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-amz-cf-id: iS0atq6HcA_pPWTyKoxp1xwa9NaqsH9q7GNp6iZA1EVaah8U7cVlQA==

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 197ms
197ms Fetch 177.54.145.109
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.109 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/2309674e
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Fri, 01 Dec 2023 20:37:15 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/2309674e
content-length: 0

GET
H2 200 default.jpg
img.youtube.com/vi/X8ng4_7sZeg/ 4 KB
4 KB 80ms
58ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/X8ng4_7sZeg/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355dc0bccc68e3eca035be49bc47f8813af00025856ea78b24e05f5405f5db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3683
x-xss-protection: 0
server: sffe
etag: "1657112391"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/0zAiP4x9xUU/ 3 KB
4 KB 73ms
52ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0zAiP4x9xUU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

def188706410d20cdd773895932b9d54a3a8d55b93411f39165629400d5ef13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3574
x-xss-protection: 0
server: sffe
etag: "1657112463"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/sw-l2PBSJLU/ 4 KB
4 KB 81ms
60ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/sw-l2PBSJLU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479982149be5e64014364f19ee0ab6211f0ee3e717f0d435dd79c0ee171ec4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3726
x-xss-protection: 0
server: sffe
etag: "1657112392"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/lMghBT8iZlU/ 4 KB
4 KB 82ms
61ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/lMghBT8iZlU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cb039486b4c314d859125a12dccbe850384377459d2c8d4d7b7660d55bf51d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4112
x-xss-protection: 0
server: sffe
etag: "1657112404"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/yk_w0TC63a4/ 4 KB
4 KB 54ms
33ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/yk_w0TC63a4/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f4c911942466581dab2a4eb1f974829aa217a1d0f559df48bb15a6696a3965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4080
x-xss-protection: 0
server: sffe
etag: "1657112380"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/Sfm95urr4Rc/ 4 KB
4 KB 53ms
32ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Sfm95urr4Rc/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3823
x-xss-protection: 0
server: sffe
etag: "1657112379"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/2WA7nH5jwUQ/ 4 KB
4 KB 33ms
32ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2WA7nH5jwUQ/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3823
x-xss-protection: 0
server: sffe
etag: "1657113037"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/2omaEbJvuTo/ 4 KB
4 KB 81ms
80ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2omaEbJvuTo/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ecbc7b923367cbe0a0e615c5aa1bc0f9e28bf84819ef8fb5cad5d9fc17ac609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3725
x-xss-protection: 0
server: sffe
etag: "1657113316"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/cuoGwkQCcQw/ 4 KB
4 KB 68ms
67ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cuoGwkQCcQw/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df71b390ca8b86d284e2e5f24b13f41f7591fa827c10ebaf4e8cc75dc818d3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3745
x-xss-protection: 0
server: sffe
etag: "1657113138"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/NmhsObul9UA/ 4 KB
4 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/NmhsObul9UA/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b281b694ec639957a0f1451cf73308b092ebedd95752289842ebd8496bb11aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
server: sffe
etag: "1657112314"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/D8dkrHnQwWQ/ 5 KB
5 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/D8dkrHnQwWQ/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b9a84583357b76159da1d03f909c5ca0423f0c815fdf193d9607c8061bc950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4779
x-xss-protection: 0
server: sffe
etag: "1657112262"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Dec 2023 22:37:15 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 113ms
113ms Stylesheet
text/css 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-P5j5yz-vcNrm1ZGTbPSxgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-P5j5yz-vcNrm1ZGTbPSxgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 01 Dec 2023 20:37:15 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
530 B 74ms
73ms XHR
application/json 2a00:1450:400c:c0c::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=oSV4daIcebYBonsg9IdSUw

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f155cebf16d243080c0994dd01fcae514a7bfa6e7ff31f51a8fb89482a99c432

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ahnmkdi1u2HhNPFwAHygYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ahnmkdi1u2HhNPFwAHygYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 416 KB
111 KB 893ms
892ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3288540576435664&correlator=41699488806754&eid=31079233%2C31079525&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=3697496%2Ccifraclub%3A970x90%3Acapa%3Areload%2Ccifraclub%3A728x90%3Ainternas%3Areload%2Ccifraclub%3A300x250%3Ainternas%3Areload%2Ccifraclub%3AdynamicVertical%3Areload%2Ccifraclub%3AfloatingAds%2Ccifraclub%3Abg%2Ccifraclub%3AInterstitial%3Adesk%2Ccifraclub%3AcustomAds%2Ccifraclub%3A728x90%3AdesktopFixed%3Areload%2Ccifraclub%3A320x50%3Aartista%3Areload%2Ccifraclub%3A320x50%3Acifra%3Aleft%3Areload%2Ccifraclub%3A320x50%3Acifra%3Acenter%3Areload%2Ccifraclub%3A320x50%3Acifra%3Aright%3Areload&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13&prev_iu_szs=728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C300x250%7C336x280%2C300x250%7C300x600%7C160x600%7C336x280%2C1x1%2C1x1%2C1x1%2C1x1%2C728x90%7C970x90%2C320x50%2C300x50%7C320x50%2C300x50%7C320x50%2C300x50%7C320x50&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ists=480&fas=0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0%2C0%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701463035634&lmt=1701463035&adxs=436%2C436%2C1090%2C1090%2C0%2C0%2C-9%2C0%2C436%2C1080%2C153%2C650%2C1148&adys=13111%2C102%2C417%2C3244%2C1200%2C1200%2C-9%2C1200%2C1110%2C347%2C13226%2C13226%2C13226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C-1%7C5%7C0%7C0%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&vis=1&psz=1295x0%7C1295x0%7C415x0%7C415x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C320x0%7C300x0%7C300x0%7C300x0&msz=728x0%7C728x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C320x0%7C300x0%7C300x0%7C300x0&fws=0%2C0%2C0%2C512%2C512%2C512%2C2%2C512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1954502170.1701463035&ga_sid=1701463036&ga_hid=1075087557&ga_fc=true&dlt=1701463034271&idt=226&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D1.32%26hb_adid_appnexus%3D54c46a11a1112f4%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D1.32%26hb_adid%3D54c46a11a1112f4%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C%7C%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D320x50%26hb_pb_appnexus%3D0.15%26hb_adid_appnexus%3D55f23ac3bc53cf1%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D320x50%26hb_pb%3D0.15%26hb_adid%3D55f23ac3bc53cf1%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=reload%3D0%26page_visibility%3D1%26viewport_height%3D1200%26viewport_width%3D1600%26connection%3D4g%26page%3Dartista%26artista%3Doasis%26idioma%3Dpt%26domain%3Dwww.cifraclub.com.br&adks=1256583580%2C70520306%2C1414448433%2C1074996685%2C3836274097%2C2615809906%2C31671829%2C2750821183%2C3249029758%2C4164029453%2C1531172727%2C3962061878%2C3815672264&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a5446d1a3234b1a1aab9d1f410f456fadda2a5191f4f22a1208503edb855aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113884
x-xss-protection: 0
google-lineitem-id: -1,5512734630,-1,-1,-2,-2,-2,-2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138327264147,-1,-1,-2,-2,-2,-2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 244B 6 KB
3 KB 81ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:15 GMT
expires: Sat, 30 Nov 2024 20:37:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 39 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31726
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13736
x-xss-protection: 0
server: cafe
etag: 9658267497644244280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:48:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58CC 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn84HdlGREDICtZi9mxe9gYUQml9X9SVbEonCFh29IvTuOyETPO3w7o5Fk0CX5zKHAeQF0N6RKbpCmdBSTZib5gU3IZ18EbUiokSp1InAUhStDfC1mOwq_LeH7dXZ5kWiKOUivFlaaOQXQ5RI8fTVZs_CQFTK65rnh0Ys2LCNQZ_atxLoZAu1Q8byMbVbiXRllJuEvZebS21EBFIo5igVadNUiU5MpnG5a9a-hyZE6zsKN7SCN3i10T1fopSYJAEkFcWMaIoVp_DyaZFsVydk6wvxgtbD4QI2-awhxwjwjirzsyhpP_CCJ7Ez2CiVWA5ss4B-3O-9UBv73P-G-9xaknk4Tko962KitgYLe1jdFt1hZcTCcMaPyR6F1gNMSXyPE8LY&sai=AMfl-YQR9OKw-9Q4_pHxr_G4-o6InRHUyIMqsQyNJ9eN0aLU76IwzHghHN1PIKdiBXkeF6Oho2e-_XlBa71oc9boFl5ANetLcpyKvhcp1RhWpK62AJgHj750fDwQfvku16uBis16xFw2CMNmmA&sig=Cg0ArKJSzJxJRr5gxZX3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 58CC 26 KB
10 KB 31ms
20ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23731
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjBt5Noo5TBwhm%2Fnn143LEhowbTcENYojwXaREFebmSCKRZiMt05SwANC9FhbeLwGZv4TcLVwwI1JV2Bjc%2BKWzQpGbZM1MVRYbEZeV1RTeAuRSqjJKoIVknCHtINJMdrayF%2FC9bQetz4ecI5kb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82ee208a88d671e2-FRA

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58CC 202 KB
64 KB 72ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:16 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1701463034293&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1954502170.1701463035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1701463034&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=Desktop&_ee=1&ep.event_category=LGPD&_et=646&up.login=Deslogado&up.subscription=free&tfd=8968
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 23ms
22ms Script
application/javascript 65.9.94.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-131.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 18:00:33 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 9451
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VGJDANKpPZsvkfS1HkbRK9HDyjhIXEI4Usbhg78H2ZGuOSTDMTt0zg==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 24ms
23ms Script
application/javascript 65.9.94.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-131.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 16:27:34 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 15056
x-amz-server-side-encryption: AES256
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 75UF7gu89sdHMrH55bJNKodC9vQxPZsYuNtN64K7UV5FvtMZlnYs1A==

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 58CC 91 KB
36 KB 91ms
16ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 19:05:36 GMT
vary: Accept-Encoding
x-azure-ref: 20231201T203716Z-hb29s4m88d5231nehb8w9sqe880000000au0000000010892
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa866cf1-701e-0084-305e-1d91e3000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 58CC
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2be29b17-4dd0-4049-92fd-5d66ee36f3db&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=61f3d11c-0941-4d61...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d3f3d4ea63b342989da4ed9cc67f4dae&SNR=1&GV=2&med=10

0
547 B

55ms
55ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d3f3d4ea63b342989da4ed9cc67f4dae&SNR=1&GV=2&med=10
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A3C25BFAE79428A980176E5B6EFB4C1 Ref B: DUS30EDGE0415 Ref C: 2023-12-01T20:37:16Z
x-cdn-traceid: 0.9ea12417.1701463036.203c6e6f
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 01 Dec 2023 20:37:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED4828832938420F842CCB8E049E2036 Ref B: FRA31EDGE0821 Ref C: 2023-12-01T20:37:16Z
x-cdn-traceid: 0.9ea12417.1701463036.203c6ce0
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=d3f3d4ea63b342989da4ed9cc67f4dae&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 58CC 80 KB
28 KB 40ms
8ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: Thu, 14 Nov 2024 14:07:00 GMT
Date: Fri, 01 Dec 2023 20:37:16 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1405816
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21956-LGA, cache-fra-eddf8230059-FRA
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
X-Timer: S1701463037.623393,VS0,VE0
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 7, 1900686

GET
H2 200 it
fra1-ib.adnxs.com/ Frame 58CC 0
647 B 14ms
7ms Image
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.cifraclub.com.br%252Foasis%252F&e=wqT_3QKQCOgQBAAAAwDWAAUBCPuHqasGEPbC4c6UjtC6fxgAKjYJIe1dmOoF0z8R3zpZqmsS0j8ZAAAAYLge-T8h3w0SACkRJNAxAAAAgD0K1z8wqoPQBjiFOEC1XkjjA1C6iYq2AViekE9gAGj0yVt489gFgAEBigEDVVNEkgUG8GmYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACp4446gIjaHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy-AAwCIAwGQAwCYAxegAwGqA60DCsMCaHR0FTnwhmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTYxZjNkMTFjLTA5NDEtNGQ2MS04NDE2LTEwNDdmMDE5YWU3NyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlcVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jnEANHJ0eXBlPW51cmwmdGFnAURwMzg5NDA1OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_Q0AV95dl91YnlxYmhnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTOTE4NDMxNzg3MDQwNjM5NDIzMCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkzTnpReU5qZ3pNVFkwTmpFak1qTXlORFUzTXpjME1ERTNOVFl4T1E9PcAD2ATIAwDYA5CVMOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjc3qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwASn_fchyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXYnbTnxtaIwT7ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXCd_oFBAgAEACQBgCYBgC4BgDBBgUvMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH89gF0gcNCREoASYM2gcGCAUJ8HPgBwDqBwIIAPAHiN0DighHCkMAAAGMJxmMeH91QHFJ2GF26MeLso1hgvExFVwxHGCu4hquTwPWvH6OMhNRngLkhd8Ay5B03yRUPDdga6FOhJV9C-87EAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=e900ea1bc855b27c659e521e676c449ab787542b

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: 8027da7a-2fe2-445a-8b46-b937b9e4e6ef
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html Show response
6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3023 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:15 GMT
expires: Sat, 30 Nov 2024 20:37:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2C2E 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:15 GMT
expires: Sat, 30 Nov 2024 20:37:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 118A 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:15 GMT
expires: Sat, 30 Nov 2024 20:37:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6605 624 B
242 B 57ms
55ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Y8JnUrwEwAQ&v=APEucNUI_oMrfOYJT64HQbl9XSv8bzuNX6K5cfWWaj00zOzJyWAzQQdudvZERye5NabK_X_9Nebybpzjelz-KbcMWFWMDff3vENOzDoxrmevDOdmCDWecoaATXhekkjaxtyEMEZHFZabdMEzbYWDMIbwCgU2Fz_JXvCnFP9lPhXGiyg5S4w6Fio

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3023 111 KB
39 KB 41ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 07:40:28 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 3023 7 KB
3 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:42:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3023 24 KB
9 KB 43ms
11ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:42:54 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3023 41 KB
14 KB 47ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3023 3 KB
1 KB 49ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 15:57:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 564A 1 KB
1001 B 40ms
10ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sat, 02 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3023 20 KB
9 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3023 42 B
173 B 73ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_v4VPI7dL9Ngto-klxrAA_dK0DEcUthZSuPBIeWxAWsOAPtewxt8_jnjR4kuaZDwyguvMkfdEB5yS45hwBU_sCyiNxMVKeGcLQHAvA6VBrmhgfW0

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3023 0
0 27ms
27ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_wkcdfgtWN6bD1I2E7A2T9SqDIAggxU6qdKc42jOjKjLmz7wDg9NkIHogg3lE8joVMpiWuxjjGEmrMepX2Lv1e3hGNQ
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3023 202 KB
64 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6DCF 640 B
262 B 56ms
49ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUUjuW92DVyiD0sT_WDAsyl-OGQk8S-VKmZB5eNikxNPql5lf9XChg13k19Tgk2BtMjIbMkL1-NYuFtcJ7qbRxZjjkZH5IX1wAnzdmNP81RZMgv2sHICqxTHtN8Y__1ffzjxhZfrhElV_hQn_RuUitvcR8FpFZKccnlka53_gHbfVSgctU

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2C2E 89 KB
31 KB 95ms
84ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:16 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2E 42 B
107 B 55ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQyK9cL9FgdUAsmQRbx0NXZ-kEuTfz8eLtWGOqg0MDBOe-P8U0cjz58fznunuh5UBRQIK-kVfwk61F33-DZkH_kugAWAyE6uPt4iV6sAAI82X6FTE

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2E 0
58 B 55ms
45ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=281293051867496336&x=1&ct=76

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2C2E 3 KB
1 KB 27ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 15:57:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 2C2E 20 KB
8 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C2E 0
0 31ms
24ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaYezl-smbhSyvC8GxBRE-h0CRHKmC61c8r3MczXt1ReeFu5rf1zVudbayamcBjTtRejHQ2bIbYB9JYk8XaZh0T7droQ
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C2E 202 KB
64 KB 76ms
68ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 64BF 624 B
242 B 56ms
50ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY3M6TgAIwAQ&v=APEucNXpAPbSRexPitoRcpDccPiC_alk9c7eZNcGROFHQIgAbABEwlk753NyzVktQC9Yc96tJr_l7fLgRJEvVlwUiVIR2RPJM5uPNI2OtQOnQWF_ydfJefPZYJfEfOODffoCFqh2fJqW3-yAMDYnT_BvRaCm_Za59GpI6yVt_CoThWmydF6eu9A

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 118A 89 KB
31 KB 141ms
132ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:16 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 118A 42 B
107 B 52ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAs6X48gxoPKpRV7jqSCGo_9eu05Rv_m1hS9ENZNjt_R5Qk54zk7dWJw-dMMby2t7tKB1oBcQllffRlSmLdQDr7fq5wM95A_wbSTBiI-Of6C-eCZU

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 118A 0
56 B 53ms
45ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1850977446373975680&x=1&ct=77

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 118A 3 KB
3 KB 103ms
30ms Script
text/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=69977905;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=19820480540&extPm=19820480540&extCr=537192284&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CHf9B-0NqZfPMLKeQ-cAP8NWNgAKDvYfDb7Si9ObNEo2A5LbrAhABIOC8rSNgleKQgqAHoAH2vq2YKMgBCakCe9GgUoErsj6oAwHIA5sEqgSjAk_QSsDs-tst3gRMPBl9VjX6jbNPkvuig8W7UvXIOuQ42lcoTQTqeVzoc6-Xuri1lwjlf8KntgmKjucG2qlcvumeud44efihSyA8KOizehRcIPlddftDphPl61GfZZPHK_-2dw6KfE_XNE4lnhdy_Dj2bVNItOkvjXn5nzMYlbsYmVuUQcU-oQszOYNTST6UliI7V7CZ9XosK08m2PIixS8I6RSFr3nsT_4DI2nMcbrx0JJ3KIr_BMnl_UB1qNKD_vmn20NR5Mw0CVI1y2K3tY4rYkizx3TO8rSDhjRNTcoW6LRynt4kjOeVsEEIkdkToh1FNL8QTR8gZ5wz6dhTaB8HOhSgs3xdWRZmiAmNobS1LIpGbYpHeBoc58RV4Vasmd6bTMAEqqjM35EE4AQDiAWckJLrSZAGAaAGTYAH9vb99wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljK8dvei--CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwi3kd3ei--CAxUnSB4CHfBqAyCwE6TO5RXQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&sig=AOD64_0fVmxhFOy_DMF40b0eq20ewVYoFA&client=ca-pub-5289793328419085&dbm_c=AKAmf-Bwlez0URuyAjyaJdeOJdkDulVS1tkn84L53u9WrJ68zOx5yRBawAUl4574F1gDwuK_YqLM2liYemciayv1KKeK3L9Aslls5307_xbOxvhu1aUrhiEvTorbEmg3Sf6FeHWLSjD_NRaHue_pFOpz8quAVfoGJb_MUO-RaKqt7M6gKBhAGA4&cry=1&dbm_d=AKAmf-AASeOnYebCxQ3HIaxJBa8W2GBotpxseAKN05s1-c0UoPQmfkNjBiZ79AivE1S7UuMoiKVPT9laeSWE_xmyR0P0-r5NKYmM_mfRS5xDOuF6MYGtv3gIuW7pFCBM9yCyoNlIE58540mJDlRozj44HQLt1OVMxD7M1YUmwe-lQMHZ5D-zKM1On2cV13P804x8wyrtv08LRRcdwYlfmjBl9mQJtK6h6n5YsUaBMmujM3-WhTBIgmKczru6FirOMnqbIYHTL3ZDqzCf5YwhqLL6umqsqJEaSkeH92WZVysvk0fwR86ZwYDRrI8ZS7LfPZbyQjTge2uvVEErZ7ihHFovnIAgKPgePSomC8LD79pGetRnQycLIxdfvBo8WjCcQMMF1TLhDznqF0hMLDFUqm8Ly4vfGELxTDvFsfkU87rjrFDxGe_7W5mLXKw_nTiJWEDb_sQdCi2aVVkIvh-8Q3tTFOIgrJId8YCvsgzS4MK9pr-HjNxsD56ylamJV3QV96E-RNG4Cmr5lbDI5H076FMSwvNCYiA8OLzOLAkrjw-x65bjLk2PtZAFQYxPb6S8fKluKML1aPrS&adurl=

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fd14e8a67b1b88963a6de955d889cedde0b4b22faf2d80e6bb004ee74b109e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2982
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame 118A 60 B
1 KB 87ms
20ms Script
image/gif 213.202.235.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=19820480540&extPm=19820480540&extCr=537192284&rnd=1701463035730739

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.10 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

2a5197525b2d844bd1ce5852e89988181164abcd15bcba5767e37a0800445ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Fr, 01 Dez 2023 08:37:16 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1756
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 118A 3 KB
1 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 15:57:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 118A 20 KB
8 KB 17ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 118A 0
0 27ms
23ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiU7EfzQq2Ed0R2ZE2zwJdP56KhItPO53yX6KpE6CaZHGPWdQo6nwvRy79SaoTiO53INun3HZXtRG4UZfRj_rF2S1bcA
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 118A 202 KB
64 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 20:37:16 GMT

GET
H2 200 th
www.bing.com/ Frame 58CC 23 KB
23 KB 22ms
18ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7215958472433_1UJS0REQJN0GER1VPH&pid=21.2&c=16&roil=0&roit=0.1077&roir=1&roib=0.893&w=379&h=198&qlt=90
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3236b2b4dca0b162230fcd317a468a9017907b3ceaa251def2d04ac7957ac826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.9ea12417.1701463036.203c6dbd
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 23089
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
fra1-ib.adnxs.com/ Frame 58CC 0
647 B 12ms
8ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&e=wqT_3QK2BXy2AgAAAwDWAAUBCPuHqasGEK3kheub5tW5CxgAKjYJAA0BABENCCgAGQAAAEAK1-s_IRESACkRCfQFATEAAADA9Si8PzCpg9AGOIU4QIU4SABQAFiekE9gAGj0yVt489gFgAEBigEAkgEDVVNEmAHYBaABWqgBAbABALgBAMABAMgBANABANgBAOABAPABANgCAOACp4446gIjaHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy-AAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2AOQlTDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNNDUuMTQxLjE1Mi43N6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggA4AQA8AQAiAUBmAUAoAUAwAUAyQUpDhDwP9IFCTU-dNgFAeAFAOoFBwoDdGFiEgDqBQ0KCXRhYmxhdHVyYQEQIAoKBmxldHJhcwENGAkKBU9hc2kRDAhjaWYJJRgICgRyaWZmASMIEAoMBTAFHABkBUMYCAoEc29sbwEeCA8KCwVBBR5ccxIA8AUA-gUECAAQAJAGAJgGALgGAMEGCakYAADaBhYKEBENEQFwEAAYAOAGAPIGAggAgAcBiAcAoAcAyAfz2AXSBw0V2AEmCNoHBgFZ8G0YAOAHAOoHAggA8AeI3QOKCEcKQwAAAYwnGYx4C3NXMb1hci2KY253IXEDHrQLINbp-7V0C5hWq2JPQwJQ3qOAaScTIGMZGC7_vuniYjR_FD-WKicPookQAZUIAACAP5gIAcAIANIIBggAEAAYAA..&s=5c7bcd0926072bedff9e18747651d10df1673cbc&bdref=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F,https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: dc137808-55d6-4b06-80f3-ece542c92a4e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6605
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

43 B
342 B

29ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Y8JnUrwEwAQ&v=APEucNUI_oMrfOYJT64HQbl9XSv8bzuNX6K5cfWWaj00zOzJyWAzQQdudvZERye5NabK_X_9Nebybpzjelz-KbcMWFWMDff3vENOzDoxrmevDOdmCDWecoaATXhekkjaxtyEMEZHFZabdMEzbYWDMIbwCgU2Fz_JXvCnFP9lPhXGiyg5S4w6Fio
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qb0VhlznqS14uso%2Fy%2BM5i%2BPDD%2Bx341TBZDPDurAQassyKaCzzMx1LcZ7n9FErajtfgnFTnVgKCt4VDT6XMEvT%2B482T5wWD3GO7vRJ9igzzsCC17b8rwAqQ2NyCMYdCP%2FmLWSYDFJkQS0Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ee208bed4e1963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6605
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWpD-LVFMRxdxFb86GfFjQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

43 B
740 B

23ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Y8JnUrwEwAQ&v=APEucNUI_oMrfOYJT64HQbl9XSv8bzuNX6K5cfWWaj00zOzJyWAzQQdudvZERye5NabK_X_9Nebybpzjelz-KbcMWFWMDff3vENOzDoxrmevDOdmCDWecoaATXhekkjaxtyEMEZHFZabdMEzbYWDMIbwCgU2Fz_JXvCnFP9lPhXGiyg5S4w6Fio
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEU%2BEuLe614ZDySwL6MqQlNjPDbyZzlm%2BqNJXHK5ashzJ0%2FSJX9bClLY%2FISwXbiSFfbzYrx%2BCL4gJx74jxDMTsARc%2Baa0EVs2LYX0sZrEp3FlPU84H8pRr7AEbbJybrwW%2FwTpnxABWBFsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ee208c3c233687-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6605
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1

43 B
839 B

18ms
16ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHcChCgng4Y8JnUrwEwAQ&v=APEucNUI_oMrfOYJT64HQbl9XSv8bzuNX6K5cfWWaj00zOzJyWAzQQdudvZERye5NabK_X_9Nebybpzjelz-KbcMWFWMDff3vENOzDoxrmevDOdmCDWecoaATXhekkjaxtyEMEZHFZabdMEzbYWDMIbwCgU2Fz_JXvCnFP9lPhXGiyg5S4w6Fio

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: 284bb076-af2c-4a4e-bb82-b1cf8bd3bbd7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6605
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: 4837d884-fef4-474b-a0f0-6572dbc623d0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3023 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f484159f792dac83fdd4738b6806ef00d342c724679d16df28d30c84d9c9abce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 564A 35 B
464 B 44ms
12ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGP9Pd4kN4FOf05dmRy06s0&google_cver=1&google_push=AXcoOmR_ZPE-NgWX0IjjQh67YffG8EfdQFhq9Nyob6R1XSgZ8_rcjkOzAxgviDORHAOX4-SSZjQ7ELKbq53kCSdfopmAGTnKnrQOkEg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_push=AXcoOmTgojlwX-hzYG4Q0WYIqbprnR2ovmAB5kKW4qUulqY40N47dItWAO...

170 B
188 B

20ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_push=AXcoOmTgojlwX-hzYG4Q0WYIqbprnR2ovmAB5kKW4qUulqY40N47dItWAOS7dP29VW7zN-a6lU7rYwzdH_pmnCU650phG88NuMqA4bY

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701463037.779564,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_push=AXcoOmTgojlwX-hzYG4Q0WYIqbprnR2ovmAB5kKW4qUulqY40N47dItWAOS7dP29VW7zN-a6lU7rYwzdH_pmnCU650phG88NuMqA4bY
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFh12H2cjyiRURc3lOZw6Gw&google_cver=1&google_push=AXcoOmQMzqd2GCQNP92b3-e3ft2N3GahE-n_MoYSI1rCq5YY4T86FWEe_rDB_wuWght-JZkF2eYSXjn0Y3b18-KqyDInKkn2EJFzPwU
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=18A95B10B13B41B283DF22B822BBB819&google_push=AXcoOmQMzqd2GCQNP92b3-e3ft2N3GahE-n_MoYSI1rCq5YY4T86FWEe_rDB_wuWght-JZkF2eYSXjn0Y3b18-K...

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=18A95B10B13B41B283DF22B822BBB819&google_push=AXcoOmQMzqd2GCQNP92b3-e3ft2N3GahE-n_MoYSI1rCq5YY4T86FWEe_rDB_wuWght-JZkF2eYSXjn0Y3b18-KqyDInKkn2EJFzPwU

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 20:37:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=18A95B10B13B41B283DF22B822BBB819&google_push=AXcoOmQMzqd2GCQNP92b3-e3ft2N3GahE-n_MoYSI1rCq5YY4T86FWEe_rDB_wuWght-JZkF2eYSXjn0Y3b18-KqyDInKkn2EJFzPwU
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 30 Nov 2023 20:37:16 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENt5hSfMrSCFVpuw4LI1HQk&google_cver=1&google_push=AXcoOmS1VcLYUtneAZXtn9-y7XUCoVPrAI56BQkI5ZD8ljRedDY55h8Nym9Iw77AWMi-lFvmjlnuykLhE5x...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1VcLYUtneAZXtn9-y7XUCoVPrAI56BQkI5ZD8ljRedDY55h8Nym9Iw77AWMi-lFvmjlnuykLhE5xi6ARWjnO8_mB2f-q4PBQ&google_hm=-y3uRYDrQgeDLHIhd...

170 B
232 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1VcLYUtneAZXtn9-y7XUCoVPrAI56BQkI5ZD8ljRedDY55h8Nym9Iw77AWMi-lFvmjlnuykLhE5xi6ARWjnO8_mB2f-q4PBQ&google_hm=-y3uRYDrQgeDLHIhdXVyck0

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS1VcLYUtneAZXtn9-y7XUCoVPrAI56BQkI5ZD8ljRedDY55h8Nym9Iw77AWMi-lFvmjlnuykLhE5xi6ARWjnO8_mB2f-q4PBQ&google_hm=-y3uRYDrQgeDLHIhdXVyck0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKmu6uhG2gPVeoenuYGCdM0&google_cver=1&google_push=AXcoOmQ_9hvei-1sHTMFxaDFUQGM2OLHfJppiGxK1OoaXKdQjMcFJmoYO0j8rBDUNyhumvnllxxlXJr4OsZ2rBqdJPKrKKE...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_9hvei-1sHTMFxaDFUQGM2OLHfJppiGxK1OoaXKdQjMcFJmoYO0j8rBDUNyhumvnllxxlXJr4OsZ2rBqdJPKrKKENXummlWI&google_hm=eS1JbHJYU3hkRTJwRlF...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_9hvei-1sHTMFxaDFUQGM2OLHfJppiGxK1OoaXKdQjMcFJmoYO0j8rBDUNyhumvnllxxlXJr4OsZ2rBqdJPKrKKENXummlWI&google_hm=eS1JbHJYU3hkRTJwRlFXVDdMSGZyV01TNGhteEt6M3VMX35B

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 20:37:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ_9hvei-1sHTMFxaDFUQGM2OLHfJppiGxK1OoaXKdQjMcFJmoYO0j8rBDUNyhumvnllxxlXJr4OsZ2rBqdJPKrKKENXummlWI&google_hm=eS1JbHJYU3hkRTJwRlFXVDdMSGZyV01TNGhteEt6M3VMX35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 564A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHguYP_1kKoD9l7S-axd-yU&google_cver=1&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEHguYP_1kKoD9l7S-axd-yU&google_cver=1&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcA...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJLXq4dUw

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJLXq4dUw

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQeA3NEd8xpdbB4phykfsev-JglRCvtcZPhJIFza5ir5oDTl-5AZXi_0e74OgAAVuil_xxpSFLSTKbitouVXEjcAYJLXq4dUw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 564A 43 B
363 B 47ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRINzvbqnaaw8HSKYIQQGkLfWLwjzSADt-p4r4EdoxhJy5aWBta-3uLmb4kJIYRkzSYcWzLftkzWI5hcPViJ36o0SXT-uAbLng&google_gid=CAESENSag2HIA9Hv2G7Iysc4n8Y&google_cver=1

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 198143
expires: Fri, 01 Dec 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 564A 0
130 B 32ms
14ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LqLYjyiDdG-G6RyVWbO8hAYmsbFu6zTiAS0-3qzAIHx1Cu4MarWV2KdU8MRajF7gzlQREL

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13916606041847298126/ Frame 9FEB 8 KB
3 KB 27ms
8ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32504538284faed1bb55612e57e9b5072bd96b983bbe927308eaec0ba2d25b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 564500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2713
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 07:48:56 GMT
expires: Sun, 24 Nov 2024 07:48:56 GMT
last-modified: Wed, 14 Jul 2021 16:29:25 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3023 0
0 84ms
51ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsujtHOqp5JzX2D4c_KjRC160gHhA2evnGv5rgRUU3UMdPh_pOlgRgc_Dyi_8XAbZTwpodd8eHADVtUnNT-8hgx-99jmmG62FizlRpQuKlWc8tBqxg-NPoBUxavqFK8WBZWVIm-YupNuQEPK0GNJsiRqzGjYILNFHhoTTLG8sgdWLHX6HypGMybFU6DlbNxJt6bQyqqVC3eS3PjzomD0EGaVGo-vgV1HYkQNm4IxifjWWEaILEdlUlT0380bjHkYgz4Ah9N1AbCnSlBpKO1vNoYUTGLSlj3ld0439apkzchDzp7g-U6lCCyvJEW5OVz9r1RrG_oTow2Y66e6XKHTIq9t4bOZbE7sDl6n8ukxOT7_iipVpHCN76Y7OfHtmE7O77lgPnlxQgVxSjRA4WHx4I3IYuw50njd-WiBcDMxYbZy7QKWLM9r2y-3H8JmEF5PQEI3POi_60_Qvdo7eQ8Qn0Zv3GtfN22DSwUWTrmrpiGpafXoPOuvOvPQYbx-b3IljXjNApD_zia7-bDQvANXCZwkBaifieN1Oh6jTT0CLIxM3U7B4u4gBhkwaqV453xOkZ9eKsN6mP8FsRCtaFi0oYNKmKpkTjNuvZ5M95a5_ix_Vo8J0ham7rjtrXR8Hu-SK3EsCQ75qLFKi2OxRloNO_5LF6XABrArw1WDU5w0yayWn_Stm9TmFPSXK58vxiLrRgwHDMC_-WgNestnKWpp02Jb5lfA5NEd9nM9uCOisdIstKUNVFRMfmp4iTJV6be3dXQJcaEb3k5mwSGrTxDlE-z5ptvazUrHn6nnGaDV8_gMj2G7GcDyisPegSybDmag8kngZY5jz4I5yMr8b8arZIvTCUqcqdsqslmT0iU_FgcbJc0HGMSucCDGOxqmMKOwkbFY-Db_iq8PDI9ogwSZ9qiRowNL8tBLYkt--D3VJIfPVjJhgooh0EQxG8mPfcMG72Ye725ngtk6cwBIkEhO4GHnk4UOCuLKGi4weL2vCL_z3XTxfUmAlosRHwZ15SMS6v0trU0vwwW_9bRKQd9VTreRVeSTpjl20SaRMbc9VpGeG8O08dsix9cowGG4SKpMd1ulMyWWCke4G4j9Yu6zA_r54EWpbUxAb8qKadnQi9w8-EFZ1HSOGO7A6w0OoB4m3g_3GI_fNzCHA-HKcbDnvfi43nSkR8XjWflX6sAOiL9xLrRt3zugZVXjeKZQT_AKsrjMEPMKbsCuHRX-WHLtMcgk0ca-lfE1YRlIVBp8Kp9ClDrg8mFJ6S6IxEANup72baE96IY3VYa2q4ky3uJrWB0YWLlOwCsO1IqNHgyNWoOE7o-J8j9HkMRR_G4zY_tK9XqEbjahtt6c-I1rsubxeCvMJ29zHts-1W-PtIQG7mqXurqq-NQpo5Po8crUqTSkjFDL4qkMmsZigM4UY_VozQd6uifEgUUlEo4Q7FH9Ue4kxzYVBk1E7WeWpyRvlKgl70maeEMp7ZROvatMxyrwF9q7wh8_96YkBW1RHnVFnJSMDcUt36NHU5HoTzUGglglXoUy5B9WGfdjIwyvDhOLFbn8riORESbk2sd-GV6mfyXM8Ew&sai=AMfl-YTq4adbPUcUWlcNRU5QExX2aUdFLcOg0MJVB84CVN94gnCOYTEw9atVoBtMEJY7dDDkGKy2opTi0s-y4iH_u8bNYgcv1nwdr0ehgri2_y08NoSXRa0PFjLo0Auid1mdnetH-Ya2jRNzcX_rljhikbbjQCRvU_DWhQ9Kk-hWNzES7PSMHLwubFWR6ENvr8-S_1t1oOmuSv1CPO2vBSjrhkeEINM3przY7GkVCOQSrOvkdT0v-DXqtZKfP1YVyhvkyptS4NpN3IIBhDCXi7pAWDQAN4QEVzQXIfWOHp_pZE7qe6IBublnzYYpn5ufa8S1q9Gf5e4OSvxymhf6nnzfZEDKyn-16r_gDCjFSWiUxS7a9Yco1hpn4YwfxWzawwKz8c4Waie2HuxQQH_G4DXIGtXx4INW6w0oejzBbSowfytO7l_aPUF4&sig=Cg0ArKJSzBt9Y7oBC2TIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rbG0uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=106&cisv=r20231129.59879&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6DCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGjT-6_dbFMU1YMy-tJuVSA&google_cver=1

43 B
105 B

22ms
19ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGjT-6_dbFMU1YMy-tJuVSA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUUjuW92DVyiD0sT_WDAsyl-OGQk8S-VKmZB5eNikxNPql5lf9XChg13k19Tgk2BtMjIbMkL1-NYuFtcJ7qbRxZjjkZH5IX1wAnzdmNP81RZMgv2sHICqxTHtN8Y__1ffzjxhZfrhElV_hQn_RuUitvcR8FpFZKccnlka53_gHbfVSgctU
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGjT-6_dbFMU1YMy-tJuVSA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 6DCF 43 B
295 B 42ms
19ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUUjuW92DVyiD0sT_WDAsyl-OGQk8S-VKmZB5eNikxNPql5lf9XChg13k19Tgk2BtMjIbMkL1-NYuFtcJ7qbRxZjjkZH5IX1wAnzdmNP81RZMgv2sHICqxTHtN8Y__1ffzjxhZfrhElV_hQn_RuUitvcR8FpFZKccnlka53_gHbfVSgctU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 6DCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEB_VYmZOjADzsp6GhYBk_bI&google_cver=1

23 B
163 B

46ms
34ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEB_VYmZOjADzsp6GhYBk_bI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUUjuW92DVyiD0sT_WDAsyl-OGQk8S-VKmZB5eNikxNPql5lf9XChg13k19Tgk2BtMjIbMkL1-NYuFtcJ7qbRxZjjkZH5IX1wAnzdmNP81RZMgv2sHICqxTHtN8Y__1ffzjxhZfrhElV_hQn_RuUitvcR8FpFZKccnlka53_gHbfVSgctU
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 01 Dec 2023 20:37:16 GMT
pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEB_VYmZOjADzsp6GhYBk_bI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6DCF 23 B
163 B 70ms
33ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYxo39xAEwAQ&v=APEucNUUjuW92DVyiD0sT_WDAsyl-OGQk8S-VKmZB5eNikxNPql5lf9XChg13k19Tgk2BtMjIbMkL1-NYuFtcJ7qbRxZjjkZH5IX1wAnzdmNP81RZMgv2sHICqxTHtN8Y__1ffzjxhZfrhElV_hQn_RuUitvcR8FpFZKccnlka53_gHbfVSgctU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 01 Dec 2023 20:37:16 GMT
pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 64BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

43 B
325 B

30ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY3M6TgAIwAQ&v=APEucNXpAPbSRexPitoRcpDccPiC_alk9c7eZNcGROFHQIgAbABEwlk753NyzVktQC9Yc96tJr_l7fLgRJEvVlwUiVIR2RPJM5uPNI2OtQOnQWF_ydfJefPZYJfEfOODffoCFqh2fJqW3-yAMDYnT_BvRaCm_Za59GpI6yVt_CoThWmydF6eu9A
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAI%2BJu1DDw9gC0sHFJJBn2EZb8Qwy9weWc2D7NZUHxCj3v3XhrSckqQNbI2JUqbhvwb1DMy1wJCggASBtMkq3HuHNEENZP8nk%2BhtFeOX0eIGt25pur1v82KSpmdhQlXZMy3ZplJExiKhjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ee208bed501963-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 64BF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWpD-LVFMRxdxFb86GfFjQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1

43 B
736 B

31ms
30ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY3M6TgAIwAQ&v=APEucNXpAPbSRexPitoRcpDccPiC_alk9c7eZNcGROFHQIgAbABEwlk753NyzVktQC9Yc96tJr_l7fLgRJEvVlwUiVIR2RPJM5uPNI2OtQOnQWF_ydfJefPZYJfEfOODffoCFqh2fJqW3-yAMDYnT_BvRaCm_Za59GpI6yVt_CoThWmydF6eu9A
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hq9wuC9HG4BdXvuXJSv%2FNnxQdbevLH2i85vt1xh13Yy4zJNJ1Q4JhT8rRb5uTW%2FWw9LzsQPZnEqoPK%2FCdXHWB5ex5PPB%2BeTUxrQEb0eE4yyZ%2FuVnBzk9Xswr12LlHQhf3TEooPn8uU9dmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82ee208c5c423687-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECPNZWlfi6FFw_7Mwsxc0pQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 64BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1

43 B
839 B

10ms
9ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQuOmt-QIY3M6TgAIwAQ&v=APEucNXpAPbSRexPitoRcpDccPiC_alk9c7eZNcGROFHQIgAbABEwlk753NyzVktQC9Yc96tJr_l7fLgRJEvVlwUiVIR2RPJM5uPNI2OtQOnQWF_ydfJefPZYJfEfOODffoCFqh2fJqW3-yAMDYnT_BvRaCm_Za59GpI6yVt_CoThWmydF6eu9A

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: 56f6c1a4-50d4-4ef3-b280-962d3634c7f0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPFDgRBIH8taA7SLzIqEkv4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64BF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: 10d6f16b-0d90-4c3a-b4b5-8a5485976492
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIyMDc4MzA1MTAyMDQ3MTA0OQ%3D%3D
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 56C5 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 494316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 58CC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93cfa56912340907c4b0810e3ae00b9bd231cb6055666c7381007dd40481a345

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 58CC 0
667 B 12ms
9ms Ping
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&e=wqT_3QKQCOgQBAAAAwDWAAUBCPuHqasGEPbC4c6UjtC6fxgAKjYJIe1dmOoF0z8R3zpZqmsS0j8ZAAAAYLge-T8h3w0SACkRJNAxAAAAgD0K1z8wqoPQBjiFOEC1XkjjA1C6iYq2AViekE9gAGj0yVt489gFgAEBigEDVVNEkgUG8GmYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACp4446gIjaHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy-AAwCIAwGQAwCYAxegAwGqA60DCsMCaHR0FTnwhmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTYxZjNkMTFjLTA5NDEtNGQ2MS04NDE2LTEwNDdmMDE5YWU3NyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlcVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jnEANHJ0eXBlPW51cmwmdGFnAURwMzg5NDA1OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_Q0AV95dl91YnlxYmhnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTOTE4NDMxNzg3MDQwNjM5NDIzMCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkzTnpReU5qZ3pNVFkwTmpFak1qTXlORFUzTXpjME1ERTNOVFl4T1E9PcAD2ATIAwDYA5CVMOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjc3qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwASn_fchyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXYnbTnxtaIwT7ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXCd_oFBAgAEACQBgCYBgC4BgDBBgUvMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH89gF0gcNCREoASYM2gcGCAUJ8HPgBwDqBwIIAPAHiN0DighHCkMAAAGMJxmMeH91QHFJ2GF26MeLso1hgvExFVwxHGCu4hquTwPWvH6OMhNRngLkhd8Ay5B03yRUPDdga6FOhJV9C-87EAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=e900ea1bc855b27c659e521e676c449ab787542b&type=nv&nvt=5&jm=1003&px=316&py=102&bw=478&bh=250&sid=8972228871504956763&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13894058&sw=1600&sh=1200&pw=1600&ph=14369&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
an-x-request-uuid: b278b135-4db5-4bfc-b4aa-f73d0e5a6884
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 banner_300x250.min.css
client.bannerspace.net/111329/ Frame 9FEB 5 KB
2 KB 103ms
16ms Stylesheet
text/css 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/111329/banner_300x250.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a7fcfbc2cffe7086bab174053531cf4841c2ab543f9f19a78fcb12fdd425cf09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:16 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 1405
expires: Fri, 01 Dec 2023 21:07:16 GMT

GET
H2 200 royal_dutch_airlines.svg
client.bannerspace.net/111329/ Frame 9FEB 6 KB
2 KB 104ms
17ms Image
image/svg+xml 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/royal_dutch_airlines.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:16 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 1846
expires: Fri, 01 Dec 2023 21:07:16 GMT

GET
H2 200 winglogo.svg
client.bannerspace.net/111329/ Frame 9FEB 5 KB
2 KB 121ms
34ms Image
image/svg+xml 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/winglogo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:16 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 1891
expires: Fri, 01 Dec 2023 21:07:16 GMT

GET
H2 200 TimelineLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 9FEB 12 KB
4 KB 51ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TimelineLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 48445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3706
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-3026"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER%2FacI0M8dCqlIjzbTu6uvPFBk7GpSV3twKVKLcjkgKm5HFUkfeLslA%2BGBp2a3T%2FjS7KgFLZfSF9jxOQnkq0U8g5V9AYWXXbUiLHnbXB%2BjQBPRhkxkEK8WHVNMMS6R1WTQIO%2Fl5S1RXtnfmGslg8sEht"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ee208cffdf9b2d-FRA
expires: Wed, 20 Nov 2024 20:37:16 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 9FEB 26 KB
9 KB 32ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 133487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8578
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKH5w2axUK%2Fqre%2F9EWlhbsJfkfyAxz03P3T%2BIPav%2BKu6%2F8Cp5%2FhE6EtME%2B2UoWcKfJA5nG7nOKuLNx%2Bbp3d9bS%2FJu7JkloF1QYpGEL49fn%2FPDllVcYI2dasXMJQ6Csf%2F5QbGhcVArNnP3KVL3sjmeFC1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ee208cffe29b2d-FRA
expires: Wed, 20 Nov 2024 20:37:16 GMT

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 9FEB 38 KB
14 KB 36ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 133823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13669
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-9833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j20uX4UyzwXqlAJ6seGi5SQgdIbDb9MxbCJwE0XVq79nFKmEDXLEAPQduEZJYsw8Dw5j8lbAwKDFv8HpDzUkDokn%2BkOSFrXDht5Mkpp9OyIqKC9n5M7oLktJIIbr9NbSSEA%2Fw1cGabuEhv3JJUo5fS0%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ee208cffe19b2d-FRA
expires: Wed, 20 Nov 2024 20:37:16 GMT

GET
H2 200 EasePack.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 9FEB 5 KB
2 KB 33ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1701159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1730
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-146f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8a6Mw8msQc8qssxq11qkTNBRKWoRF%2FlY%2FSdTiuACmD%2FxxxgFXiSh0ERZCNH5uuqVNGMzfXMsL7V0j5HTdNPhDuA6xRf3DIJMSwHV%2F0CbMv%2FObtqo7KBNK0NyrUupucETNAMOTef%2BzJcYGt4YjOXuX041"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82ee208cffe09b2d-FRA
expires: Wed, 20 Nov 2024 20:37:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 58CC 0
0 64ms
49ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstin63kfYm74tWOi9SMeKwSW7BAz7Boy_q8MkouLxk-BLIyrxrP3wLP1ECOeXgAMqFOoer7ABl89aepaX82qTxI2s_uF7flx2V18ByUhVtLyX8zNpNH86ZAWIdU62RnJB_1aWEtcUDuHkcPgBLAuFBVnk3VqLFwuW45HV7LSJXodP325dFHDhymBy3HTaiHEGAun-yePiweuycsC3Hq1SlYBwYsPB1mRxIoZ-QiX6ANszaUTgrkzJV9jt9Ko-LZfeUtKi7wRt5fIV5-PiyjghrQ13PI3IqR3-xYzhjABIKp8leVefdj9sTdGP_L7no9F1q-6TqNBmMCHAfJmWg7WhKPP30jSrPQ_-8ceZ-YDFWL4ODH43HY6JZ5rzqtlbvXs2Jru-ID9Q&sai=AMfl-YRqqU13ryY1-WkgIYGODdOXKPPjPBioOI9a-HUmPkfk4D7PxCZTz_nug15OacdgnLb6nY4ANx4Ad_K7GoFTAT87_CNC_bAJZV4_XIO1DvivVy2kGUhOzAVUBVITEkjlnR5InDefBpQ7KQ&sig=Cg0ArKJSzMvgFhu0JBwGEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 20:37:16 GMT

GET
H2 200 41821520942.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/2/ 318 B
623 B 243ms
239ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/2/41821520942.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9f328676e304fd00e3137bec2128ce6f9cf19244ee7be37a901dfd4772f1d3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 318
expires: Sat, 30 Nov 2024 20:37:17 GMT

GET
H2 200 39118139871.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/9/ 650 B
955 B 244ms
240ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/9/39118139871.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6903a34fb38ccc77a65f5fb43b43502a430492a6cb443a23025fcdffbed9b750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 650
expires: Sat, 30 Nov 2024 20:37:17 GMT

GET
H2 200 39501721926.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/2/4/ 2 KB
2 KB 244ms
241ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/2/4/39501721926.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5398bb5a0b481f244d4d6acd1a4e5991521bbfae055aca47327aeebafc3fa7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1962
expires: Sat, 30 Nov 2024 20:37:17 GMT

GET
H2 200 38989123692.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/6/2/ 2 KB
2 KB 440ms
437ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/6/2/38989123692.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 333790a08743cda14dd3f8de8fb729b6bab0c81e33a1c8ce4d50a87e0db14e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1762
expires: Sat, 30 Nov 2024 20:37:17 GMT

GET
H2 200 38809746892.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/5/2/ 1012 B
1 KB 357ms
353ms Image
image/webp 2a02:26f0:3500:f::1732:831f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/5/2/38809746892.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:f::1732:831f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e822051911dd8a23b071e002aff3422e6c2ea8e05823e1965c8197541901a0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1012
expires: Sat, 30 Nov 2024 20:37:17 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2E 0
56 B 43ms
40ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1445169889346&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2E 0
56 B 42ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1445169889346&version=m202309260101&ct=76&x=1&cor=281293051867496320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2C2E 108 KB
41 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8g0wHPfC4sPPHBeYMWSDE5MWk1tslvlbVFggh-Slo-lN4SR-RJ7Xc2D3nnmhJhhHk1kI6_MZrbP_YQuzlBQVfbmNa616F-6dM2K-jTiG-U6tB0_ASgpZuaHohuk2OaCu1UXR5lsdFClcVaONGT1kA06z5K-KQoPi-KhZkDy2YLwBRasc&dbm_d=AKAmf-BUV26968Zeip_lSE70BZCEGox-pXoA0fzj_av_Jmo_WTtapxccYvMlMnxIuM7vUczqa5ubGSoNeRo8nRgHScOLldKTRIN77CIMwrnVC0d47Em-XagHe9LuUrVRTCxS21_NZi11vN301U9PQIR22yTVzY08dW8gRT1Kexaoa6GKNePqr3lqqybvg--rpsTaiK938SogUs1NnllhqoF4DUMcQgXEOPlZgJDuUf7DfnojigY_LOB_txx7dikGpgj_sQELuTBsFVyMDLa0U6S4Dp7EOZKcaeR-De5GdEfM44g2MHUWvBnryfD7k0mDDItOexaWOudHadgdAocGMfCXkHG47epoJ3bKX-gQn4Wsm5OXpkNS-bVZXxmxvTdSOZ2p7HD6u9r4HK8hoVMlCiA8zrnBha-_CxxV4lseUbzc2cChOHrY6wK49E6TlY50TKNjlObR8tDPC57CFcYqPNHZYxDn71qpgzq3Q6ko_EvvlxomBVCr631PWQv_xXi6cLmqRBdzOH0YGkWNzmVqVvRc-xb48INHTzh_ECtkn8PBBAC2_MHJ8dobWnpoYvuzhycEsb7K7derVKxw-uDYEj3QMf852AmsD1wya68JWaO1B6sMy_7zxiLE_Vek4z2Fh1NK1MP3Vj1xYLPtJq0-WI32Nw8so6NLkgw8hkHL7jAiIWGd9rtrxRU6jymcZa_Xw0KP1FQ2XdoRw-y2yNgxygoblF3obj9vJAd4BBDMz76YqoHAfb_KsA_CZHKOTo-n1Of6dsDifC0C8Ehu-MK6Hh-jLXWVCyRXu6waLJMLo2g6KoKUReq5xbuB1wlKqctl9utYT8NRfMx9NZvKUESdiiilFJYGTaRKUfRafTY5bybJzyIUHz1ClmIDRXQ2-aKwKCm_JtERHSf2hoi3EWLX7IGwjo-jAtRSH1HqpTqNtu8ixv9HyRtsTw9UcOsIqW0Eq9yRetDVO1s0eDPAVnsPoPPkmTUVdB2h0T8acSqvyIJ7qthxrC-EhaCIX7rYRLKisHGpF7sutRTynmMfKYHHEyOWWNTxdtNaQg2vKTVl6onW3RyavBFM4ZC7LP8rV8gi7VxUrBp15E7RsZpERJxH1ofUEXrEgrOyVrHjXkHqO1XCnefiK-tuXqaD5xh2DY9SmFOebarI-0R_p19u2e_yNt0_avLtjUbPEqaP20NQAbBrCtoj2PGszJNWYYwesMgKELM7ZQDJdYeZhmdMQqoKtOQ8sfgdKJJLvOTSkj08ZGPzE0XMVQeZiSTmWaul5HGvaJsH4v9K8D-SxsndHimARq7f51bZRGCt99h_DnTDXIzdSOwlsmfG8bISTKQSymtKVXokIhnxG_xErOgadCv2B4RZgkMzXBm-Ez70Q9IsU1AB1P5EOt5w8yjdEbokU48VFe9OFRIHl_BqVMynNp8HMdoHYV2Vt71v9K5N7XNqy6oX9UbDAo65pU05VwYdBIi75AQwNajYbP7M96OP0aw1WpRlLxkUowf8pBlRxc-rEj3H1QPxrQrmUpVJaU0Bd0tDYh8xVTK9v3_3a-zao4RAbeJ-VLdvMO8HvgG0ShE5vk_RcN1vTaXxQsHtLfyI8pZumYHyoogZe2iahSZ7n6scPaSUYwemUt7rzxElYZ-j77QuaWoSBpQHOg5vIPu9IPYtIxrZM4eU0HL7aEAl4KBdS4fwl72DjTNUjs2VVToUCoFpJV3Z2erZJVXd-ZtA3eOJ2bks-ox-jwz_lONA-5PYEYxzdP_mLxu4ApXuEuAR08TppnoveBJmeTjH4TRk9X5czbRsWDGqiKkWFZ1oaSh7dZ2oVgJ6S-HiVpV4mELHZ7ZT9mpLNVfmcFXcqbWgLPJwvpd6Ji58Vg1qPidqzEjKqdtOGAN3JFe53FfSPvW9PH2swQ2fiuDOdrbd8uo_CrjPUfWggppu1UHix2ZkS4M7wShNhYQKt_GhUYXAU3pEtfWvy6xLlYbfGTZiI7JtRH5XiDUBHq-MJPCHghou9uAqdwC408wz4w1soqHIOOuzMQt9jZ9Uq9ayrEi9pviFCUqmZ9jnqFW-Mxe26sIFphBxQZAlNoof2Bqlc3Gztsr-Lr-XeW2UxPgiSY-vqL3dTTSK5u-L9LZG4aqNev2bHbAtQ2XyNPFZtp_jGprMcCQV_SSYWZOUdKkUouhy4wOGx_bf6zkR54LHWYfWAhUxCb6CQdL_pt7Nk5sCufK8ZI3bGMih6ywuXsOn6decVsIiIbX-yESpC1SS-AAKnuJc5Dg6TcJROY8SshLjweOcneefefbbzQDc59w0IEco0ZQ2aM8s6HlkviX1ovT9ae9Ok7bonWQq-w3a7ttIPmYIL4Mpx1dU-u6qMzJQlA5Wr8O-XHUePV242NJPm_Z9GFrqzEoytIS59TmWndaCPzX6nLEnqL4Jxlv5HF8lhXlYplbNd-8cEefV73bfHkrODqjd7EAy7A-r3OfIf0c42Mor1zGS5P4803LzTOrd1Xt8XUEnQJuCAc-itEOw5gmYFo4dP7ZJWT5sy4CSudFw-FjowS6qDLNNTfAyIHpQbRIdb1-B8ME3y14SNMDKTEfAFIg3q8npXnOqTqbS3PvdRDHhgQMrm86xLqQgrOK85ELCl68zHIrAlt-vKvgCXQyEqfsqXp8Zak-SJKQKVkVy0dvZtRn_IM21j0SeTZ8G1sZ9Yl_q9Axf4dFiEy4WlR_3V3Xc0QrC2AsPuXeJO7nwYB-jsy0NCGJs8h1GpfTXZ_UcrhN9Ijq9_Bnp7WwanxOLeM2a3CvCJUXK3KvJ1YmPY4Hoc_7ecs2KIs0Yd5B36wPo-ynbZw2a9Cc-4w7ExLW_IHnJFA7kZVNSXpeXg6a0DDz2rN3V-xOzujZT3iZpEqO1pUpwRIn04gjSrBCzTraQ-RkYqK-W958nwc7xhP5h45Kc_t9Rp54fdKgQEoR8xTxZjePAjRboNfo4iMJYBoKaNTr-KzoUW_0osWjmGZfJwhds3J7spH40mojGrjBJ7cvPVnZT-t6pK3Lqc0kYhr6hG-n0XSifSIBZ73sP4z50l5K1GiWbd2wmrVtK_WB1N90PO2AeQsEIj6rgydhQs3XHWqsZ3njAXl5Zg0EEIq5U7U1uvfZW2VzIa3K40-S_LboEIegM-T_N7xsFrkCpQP0gBdFv9YoLszs0QH8BxWHx-scI51QRdZiIxBNUwYUhQcWWneEwoV4gRyLewpSl0ULw_hgzM3Y9rzpB_1xrv8-cPQplTmyrgYn3oJV3FEAb0ktg41GQiudsIusEp66jti_XSl8w3CjHMR5MfkiTphNqULzpYUCJmC3kr_VQ-kccRT-X2j2fPwvTXwwojAIo-lFpZccj6H11X9kpvmr71XFNCfJX-h1GpiuWJ62Jmi0_rukHTprlrCOQ4tYfDsbOJ8Kl6PXTfpEvALHcAljz8Zw2zKCaiS52AJYc4Dzv83XThziK_lXCMRn2PyRCQ0-jrnCCltgRtZIGmiTTMfxmPrjIHjzvQjm_-Qzq_G3toZn4VJeFJn5di-YUMdLZg0WsK_NIzn-q7O5MYUvRrx5BXmBh-zPsCgUoOSrVyZAOHgBs1Pnwr3xL3nXu3uySo_7K1_8nhPsE27ppIF0oLzd1rDN0dquTNBeUPgrqRcdP9YJJBYz5mBUt7sI53GeQ-uZqzg9iONdUlTlf58uoiGD5TD-6KBo94DDqbiCo94omIyVw1SOfjHBE2fQ23fmOu7Ir7P6EchFltfIBfWGw7BmRzoW7DdE5RQVBTgwTxEBufm7SYsemJaHeooFBZ9_Z51IDy0KDg9ExpsqjHkEvned5upOeFZGV6-soAPv_wbXoLQewx0CfLzYfdzuxI0YWsnNY94k4Th9kGn3G_j7sDmVKUzqi5oqvEAYlFQmpEplGWO5ZbwLVog0NG7R9sRow1NpwRo04yRiPrwpxPpY6ygm9pdMG8vKbbqILlS60g4MgDGBlN9golTPw58KFpJQwA6uGw3f3iklIk_hue_mWmY7SEWoPbN8jbI4OgV96HElDdhJwxS4vmygU_zKYYVusNlAV4i_TiPbYyQIH3CoX4PaSRIp3FghqFJExdhTfXp75is-syjgt4BcKJaq7gfsc_djkjnY5pFiIYNGlTwyXSYRiKe5fSw&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=281293051867496320&adk=2228999115&idt=102&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e660c0ccbd8b5225437ff15c0ce078696853c0815b26756c083472612241aadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 118A 0
56 B 42ms
41ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9514456425640&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 118A 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9514456425640&version=m202309260101&ct=77&x=1&cor=1850977446373975600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 118A 35 KB
20 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYFJHZOzpzRAFdBqb4ErX4kBBh0pHbZNAoyGcBIrI4ZkRS8k9bglbMIJdEN5IXiAbDb2Hh9bmViZUnTZbxOiNPUvJrwZchL0A_8aKFpfmefjbiTuvNieoXlrNRWz8RJ0UWZeAELNOAw5QeCXQvhbEQ2EB73AtEgpV2FDHHzHmYXfxFrw0&cry=1&dbm_d=AKAmf-CJ1Rl4Yw-pkUrPFPsCfb0nXE6uQTJr7e1iIxqkZRsUd09EvLkslEOW9n1nq73fzt0FuvrAE0oULHmICGfQT909Dr9NSoJdLyCJnclo5VNNwZhlK_dVGsZF8_PDGEN_qasSGMgFPQfuOsuveKmQ-2NiMyis96hWEuJKjEWQGREGZe-DVLYJ8U3I2brBnTlm_BulArzA_8eVHBmbOk00tTV-vJvFZHofvgRP8j80fWTjBeQFwPSUHF4UuEPdN_GLGR5MjMZ4zQt7dBCAttw0SW1uG5swSxoe3AX-dfjzcqgobr-cj8QRJgaZDEcmqGUIplbZ0JIw5k7lLo01iQiv2Qx88WW3uxPN4sv2MbXRkuBYUDWKV2j-yx7MvtPgBUnf6WfmUi3CuCSz9wmMSgTErcYQsKRfgNRyxRkx8vJ0xMwp4N0GJXhoPlcN0kgsC3GeZNg-trc6DzO_SkVsSUq_K2yif1vb_C3pForjrWCX6xuRqd-e-dmvKLxangmEKod0ygdscF7fBRApzjK8ammjw2cS148sGYWni0yU1NOPDgx1gXYdQ3c8SAJBOOXpuoFGmCi7js4rZgnIq4xGepYTx9_VlhyXbYMOuaIrVrEZoK9MxSegTBoiZZ51QhHYTVrLzS2n70TeShxRzqpcjRFkCD2tiiuolo-OuiCOHDv79G2uF5JVUTJXiXGv5BWw1pH3eKCZ3qNE7apRrvXEDSGGmQE3gtR5_qQiKFQ6SiakQlnByqTLhRyb7GARxqE72cTHY11EfYJHDEsBDlB5dz3gcwmg7mSqvQDdjBuEDkCe8xCKOUq1ZGJK7Dmu-wRhpcihp9z5HTVrfnQe6pedj8PIdkzt2-kS3sUfn4S45L4fsYt06kxPV__juIiYOwXdlEXu58Jhk_70gKdK0yqRP5Xm-1sdSRK1P1WrX8z3HwbqN0pXkq78DFR3i8iDugDv2lOjUuI1Rf4pggGXc3zBbfNIaXoVchF7eGcv6h_eMmgQmTvCQA7mzxyaeAEUIP3gbMylvuMTb_HKBYhYvLDXH2Xhp5Ie30CQfDsfUCKxKqe7IDx98ysW-O2HpjPFRSIg_1owWQ6pnwxttwcC7licpCxDdEMdeA-QetBr1Ga7p9MuESjSqldgG4D9nFkN4fYMlAwEWsaFIXAKaWLIHAcCE0Yzqn64CStCUEHO5IPriDjOsWja0Gah8Bb-YjHaDSpvCJISjySR0LpzvLchcvVi1STCqHokMTntdbSWpf_pITid18VenYoVY_YLz48z9vf0Lfdw5hbnFhd5LyTIhWqNPfeMSP7XasFgtRKu6GPIdlNExNWwt9yrV5vJ36RNf3jLo8-rCOVztQWOFgyEaNEitqalvYwPdJqCEgLraakii0Ltj9nwXuCi177WWISLzUXA_hS51Ekd9aQmqKJOba8eR-Lvg6ggGpsyGuc3MsXRvgEH3QGIxqQ1WvB3hyk4c5i2phWMapN76Hkp5aefvLFhn8LOVkQ16Cf1WOX_8hU5n536l6-7m5tBRlWv5nzu_jqTIAu6AzTzDOVXAYfBwQ6r0RDuMjDKxHeUnwQkXdYfOu8UNY3t3zETJIOTrtp9N5NMM7VLOn1AxTQWRqdBlTFm3KoAsUl2uuQJZm5alOPaDuAEIWDoJ01sgxkofAMoBzdz167G0wfGa39yh03sGq2VPMdgllJ8K18ZBzTXGOzaZy0za45ahf7qQB-Bd3sIPj60j6TUetwTl1ytdhcgZ_wkc0rrLTFBScDbGx-wcQ7WntGRYQRNNbE8v7d5fHNVMgeocCjqnxMMnAEW2ySVMJzf8YpC7IgyURnygG84YoS_MNdE-IwfykGsPcPmoRWxN3Sers4qWvTUtcRHBTUgpgVliWOouAzokSCiLytt_R41OEFyiDVJGGdQBlvmm5vCVHNUx44eY7mweVz4wptkZEYMElqOHwODxMFfvCVAGPQcVuceC_KZAHtCoz64qaIB70XeD0XxhUqXpY66zByWihlqEt9VHCgqSLDo1_fyvatmu3xC8hDaUKBCvRB9JoIEikQ1p0RGib0gqfXTbi88DG4m6kvHr9hxQH1fvJzuC5vW_40uFnz7tGokDgJixHdvwQHYuiVpwTTRwKCp9LD17exSxB37h6w1txW59SAdMP9LNtmwgZdDAaik_Yh69T26It5mdwU_ytV5ww-wJY3F5RkD2CMFqIytMTxHR4M2W-Ay-6IMaxvnW1WVYS7PBDczb1g9wETGMLI2oFYIXMYEMYQz2x2Y-WNHU5tYp1En_ulzv4OdvTMSJ4MBQqLtMlYS0NUuT8sSfm-RBN8Wdz9ebNBhUVXLZqidTOpc3MHlDVo9nInppG06Kll0k8aOiJ0PqUsBx3OPuf-Ol6tUslQo-so-eYAU8FTp2NwbfdsPVn6T6tZtvScovZTsvdpA8o2uQtS-IlseLUvTmRbSvZhpdc6mY4rF7SaqB1IQF9TmZLudkwYPkVhJunVm5Rz4oJql9Sw38tDh8RJRPr2s-C2AeqPd7ePnpoKNbw9vdVxp8Orp9yYQoQdRodRiEkT1iv0hoZL4d5FOSXOc4FVkbli6izVQuM7KtxDjIRSJxWsjgmytyurLUFL-e09-oUFowNg4t6qTqFYn-prEbVbX_uzxPdMUmk2SJ-fliTKqNYIflRRGyfFptSFtmskLvYgR6b2btQpO3bAcbpSLSCfLCTxCQK0NzQHMrAOBwaPx9yJc8SBrsstrIoqCjC5s0hh_1ZcxG1fDVF8LrsxSmMc14Vk0WbPoiETMIYs138p5Kw3rXxAVFsuFTLEwUzPEocyr6uW4Q8GQRXJqTYWJEknulp5yCxZRYaLuNPO6NdCbIaCOKMvGAxLp6IYb4_q36HWIBDkMlFEVcZFB9UythrtYeLxZ0JoyPoiVJ6SUK72-V97GLLB9q8ezIASklAO69K9Uq2ihhYI0qdZ4qE7e3AL_sXJCp9x6ZB7t9Ot0PHktE4bsjaCl2Ky1lZcBdvoZNe1GAvRdh50f4XQYAfhoZgTFEdwHm5l0RGgfNRT1-zGZK55izXmNQQYzmlDxOtt6YXyWT8aYUYtxoVUol5MdURSnlCRFq1lfXX8OfRDmMLrowl0UtbhVWW9SaYyrFDHXZMHbo0CykrWyTw_rPguOHdJuEWCnKbuoeJEIQH1xGDnN7o6JiH46pqCnD15a8RToGT8VEQSHy7igCgliHb2nboEm12k_yr3M-JFoIHI0QLazvHOEX2lQS5gRdX108_btvPK1ufxy4rh7OtkD4QgJeGpVz310DlwA4Lp6ZLXaqclUZc1ObI-6qL9KHKPkdFeKPCheVxDou0viki2-3FiCwUKe8a2ud6O0ky4SiT7VMCAZOk3T7CriInVKVni2T_HFpuHvrF2Vx-9CuSfAb9XolXXC9PgAySwFUk-pDVmxTo7RjAhdgG6OEwohxPGxxiCBUFKMk6RCTfb1Imz4fKO07w8VeW3jRWgnQFTTvN-E-eyaDC5Rw7xI3v5RXc3ZyXd5vBb5eMcQjVS1f-OBGcSy8cPcZZVOr3OUPfOZIc8HmBeQIL3RXfxiRdzZREAqQ1HSHgZXUWbP-JmqlunPdsaFGpl3UjQ3GVbYTMqbhPltdTRDGU62A6rrkgquHBADlV7UsLT3CmW86bqAQKRj0oSbcFN-Du6rmLZZILxDC9H3nfeAHc-KQYb_dFYncIx0eBjWAO3KwbPQjHhdISqKq4o2NEuk3xfxNgbQmHZXsZJiCryTKY6v0CiPqrKz87zqi6eiaOirk4NuJdRDI44jofQA5n-DKlMsYEcserkhZayUpQ4Av99XHK8mL7nu9XWkAJzdiFgfA0NxCnMFPDT3J1yueTSB1R6eU7SND21ex_TFOUPvUhdj0kT51yF2AiHPfv0t0l61ER4euVVxIbsAsTaK4gSnWC5KV3aq4oxutTPvE25qvNGK8Gn0mHZBNlYOPDVCe65FZq8HiCHK2VOXTZCndW3ShCd934Pll6-Z4PcOsYYpuOIlGVM4BDMJpGsc4TAM56W1kknxWHEomVVWmElvOz-DEQUYC26pMX1rmpxqnYjQZlgnM_X6aJqjAzLJKyPiMgqbW5uKTyrrJyB5uICZgPi-&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=1850977446373975600&adk=3047537735&idt=150&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a17c1471b9a306a99896ee23829d50b19a3449f5aa1042e933a15af251b46c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 56C5 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527017/ Frame 2C2E 256 KB
77 KB 128ms
35ms Script
application/javascript 52.210.223.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527017/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5289793328419085&ias_chanId=1&ias_placementId=20338658787&bidurl=https://www.cifraclub.com.br/oasis/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jnXq6aHoqJYRn7ZFIIaHXA
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.223.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-223-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cfba63679b69fafc6ff3c8d8c2452b99a164ae597af00dd2005b3b38bc9939e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2C2E 111 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46608
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 2C2E 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8g0wHPfC4sPPHBeYMWSDE5MWk1tslvlbVFggh-Slo-lN4SR-RJ7Xc2D3nnmhJhhHk1kI6_MZrbP_YQuzlBQVfbmNa616F-6dM2K-jTiG-U6tB0_ASgpZuaHohuk2OaCu1UXR5lsdFClcVaONGT1kA06z5K-KQoPi-KhZkDy2YLwBRasc&dbm_d=AKAmf-BUV26968Zeip_lSE70BZCEGox-pXoA0fzj_av_Jmo_WTtapxccYvMlMnxIuM7vUczqa5ubGSoNeRo8nRgHScOLldKTRIN77CIMwrnVC0d47Em-XagHe9LuUrVRTCxS21_NZi11vN301U9PQIR22yTVzY08dW8gRT1Kexaoa6GKNePqr3lqqybvg--rpsTaiK938SogUs1NnllhqoF4DUMcQgXEOPlZgJDuUf7DfnojigY_LOB_txx7dikGpgj_sQELuTBsFVyMDLa0U6S4Dp7EOZKcaeR-De5GdEfM44g2MHUWvBnryfD7k0mDDItOexaWOudHadgdAocGMfCXkHG47epoJ3bKX-gQn4Wsm5OXpkNS-bVZXxmxvTdSOZ2p7HD6u9r4HK8hoVMlCiA8zrnBha-_CxxV4lseUbzc2cChOHrY6wK49E6TlY50TKNjlObR8tDPC57CFcYqPNHZYxDn71qpgzq3Q6ko_EvvlxomBVCr631PWQv_xXi6cLmqRBdzOH0YGkWNzmVqVvRc-xb48INHTzh_ECtkn8PBBAC2_MHJ8dobWnpoYvuzhycEsb7K7derVKxw-uDYEj3QMf852AmsD1wya68JWaO1B6sMy_7zxiLE_Vek4z2Fh1NK1MP3Vj1xYLPtJq0-WI32Nw8so6NLkgw8hkHL7jAiIWGd9rtrxRU6jymcZa_Xw0KP1FQ2XdoRw-y2yNgxygoblF3obj9vJAd4BBDMz76YqoHAfb_KsA_CZHKOTo-n1Of6dsDifC0C8Ehu-MK6Hh-jLXWVCyRXu6waLJMLo2g6KoKUReq5xbuB1wlKqctl9utYT8NRfMx9NZvKUESdiiilFJYGTaRKUfRafTY5bybJzyIUHz1ClmIDRXQ2-aKwKCm_JtERHSf2hoi3EWLX7IGwjo-jAtRSH1HqpTqNtu8ixv9HyRtsTw9UcOsIqW0Eq9yRetDVO1s0eDPAVnsPoPPkmTUVdB2h0T8acSqvyIJ7qthxrC-EhaCIX7rYRLKisHGpF7sutRTynmMfKYHHEyOWWNTxdtNaQg2vKTVl6onW3RyavBFM4ZC7LP8rV8gi7VxUrBp15E7RsZpERJxH1ofUEXrEgrOyVrHjXkHqO1XCnefiK-tuXqaD5xh2DY9SmFOebarI-0R_p19u2e_yNt0_avLtjUbPEqaP20NQAbBrCtoj2PGszJNWYYwesMgKELM7ZQDJdYeZhmdMQqoKtOQ8sfgdKJJLvOTSkj08ZGPzE0XMVQeZiSTmWaul5HGvaJsH4v9K8D-SxsndHimARq7f51bZRGCt99h_DnTDXIzdSOwlsmfG8bISTKQSymtKVXokIhnxG_xErOgadCv2B4RZgkMzXBm-Ez70Q9IsU1AB1P5EOt5w8yjdEbokU48VFe9OFRIHl_BqVMynNp8HMdoHYV2Vt71v9K5N7XNqy6oX9UbDAo65pU05VwYdBIi75AQwNajYbP7M96OP0aw1WpRlLxkUowf8pBlRxc-rEj3H1QPxrQrmUpVJaU0Bd0tDYh8xVTK9v3_3a-zao4RAbeJ-VLdvMO8HvgG0ShE5vk_RcN1vTaXxQsHtLfyI8pZumYHyoogZe2iahSZ7n6scPaSUYwemUt7rzxElYZ-j77QuaWoSBpQHOg5vIPu9IPYtIxrZM4eU0HL7aEAl4KBdS4fwl72DjTNUjs2VVToUCoFpJV3Z2erZJVXd-ZtA3eOJ2bks-ox-jwz_lONA-5PYEYxzdP_mLxu4ApXuEuAR08TppnoveBJmeTjH4TRk9X5czbRsWDGqiKkWFZ1oaSh7dZ2oVgJ6S-HiVpV4mELHZ7ZT9mpLNVfmcFXcqbWgLPJwvpd6Ji58Vg1qPidqzEjKqdtOGAN3JFe53FfSPvW9PH2swQ2fiuDOdrbd8uo_CrjPUfWggppu1UHix2ZkS4M7wShNhYQKt_GhUYXAU3pEtfWvy6xLlYbfGTZiI7JtRH5XiDUBHq-MJPCHghou9uAqdwC408wz4w1soqHIOOuzMQt9jZ9Uq9ayrEi9pviFCUqmZ9jnqFW-Mxe26sIFphBxQZAlNoof2Bqlc3Gztsr-Lr-XeW2UxPgiSY-vqL3dTTSK5u-L9LZG4aqNev2bHbAtQ2XyNPFZtp_jGprMcCQV_SSYWZOUdKkUouhy4wOGx_bf6zkR54LHWYfWAhUxCb6CQdL_pt7Nk5sCufK8ZI3bGMih6ywuXsOn6decVsIiIbX-yESpC1SS-AAKnuJc5Dg6TcJROY8SshLjweOcneefefbbzQDc59w0IEco0ZQ2aM8s6HlkviX1ovT9ae9Ok7bonWQq-w3a7ttIPmYIL4Mpx1dU-u6qMzJQlA5Wr8O-XHUePV242NJPm_Z9GFrqzEoytIS59TmWndaCPzX6nLEnqL4Jxlv5HF8lhXlYplbNd-8cEefV73bfHkrODqjd7EAy7A-r3OfIf0c42Mor1zGS5P4803LzTOrd1Xt8XUEnQJuCAc-itEOw5gmYFo4dP7ZJWT5sy4CSudFw-FjowS6qDLNNTfAyIHpQbRIdb1-B8ME3y14SNMDKTEfAFIg3q8npXnOqTqbS3PvdRDHhgQMrm86xLqQgrOK85ELCl68zHIrAlt-vKvgCXQyEqfsqXp8Zak-SJKQKVkVy0dvZtRn_IM21j0SeTZ8G1sZ9Yl_q9Axf4dFiEy4WlR_3V3Xc0QrC2AsPuXeJO7nwYB-jsy0NCGJs8h1GpfTXZ_UcrhN9Ijq9_Bnp7WwanxOLeM2a3CvCJUXK3KvJ1YmPY4Hoc_7ecs2KIs0Yd5B36wPo-ynbZw2a9Cc-4w7ExLW_IHnJFA7kZVNSXpeXg6a0DDz2rN3V-xOzujZT3iZpEqO1pUpwRIn04gjSrBCzTraQ-RkYqK-W958nwc7xhP5h45Kc_t9Rp54fdKgQEoR8xTxZjePAjRboNfo4iMJYBoKaNTr-KzoUW_0osWjmGZfJwhds3J7spH40mojGrjBJ7cvPVnZT-t6pK3Lqc0kYhr6hG-n0XSifSIBZ73sP4z50l5K1GiWbd2wmrVtK_WB1N90PO2AeQsEIj6rgydhQs3XHWqsZ3njAXl5Zg0EEIq5U7U1uvfZW2VzIa3K40-S_LboEIegM-T_N7xsFrkCpQP0gBdFv9YoLszs0QH8BxWHx-scI51QRdZiIxBNUwYUhQcWWneEwoV4gRyLewpSl0ULw_hgzM3Y9rzpB_1xrv8-cPQplTmyrgYn3oJV3FEAb0ktg41GQiudsIusEp66jti_XSl8w3CjHMR5MfkiTphNqULzpYUCJmC3kr_VQ-kccRT-X2j2fPwvTXwwojAIo-lFpZccj6H11X9kpvmr71XFNCfJX-h1GpiuWJ62Jmi0_rukHTprlrCOQ4tYfDsbOJ8Kl6PXTfpEvALHcAljz8Zw2zKCaiS52AJYc4Dzv83XThziK_lXCMRn2PyRCQ0-jrnCCltgRtZIGmiTTMfxmPrjIHjzvQjm_-Qzq_G3toZn4VJeFJn5di-YUMdLZg0WsK_NIzn-q7O5MYUvRrx5BXmBh-zPsCgUoOSrVyZAOHgBs1Pnwr3xL3nXu3uySo_7K1_8nhPsE27ppIF0oLzd1rDN0dquTNBeUPgrqRcdP9YJJBYz5mBUt7sI53GeQ-uZqzg9iONdUlTlf58uoiGD5TD-6KBo94DDqbiCo94omIyVw1SOfjHBE2fQ23fmOu7Ir7P6EchFltfIBfWGw7BmRzoW7DdE5RQVBTgwTxEBufm7SYsemJaHeooFBZ9_Z51IDy0KDg9ExpsqjHkEvned5upOeFZGV6-soAPv_wbXoLQewx0CfLzYfdzuxI0YWsnNY94k4Th9kGn3G_j7sDmVKUzqi5oqvEAYlFQmpEplGWO5ZbwLVog0NG7R9sRow1NpwRo04yRiPrwpxPpY6ygm9pdMG8vKbbqILlS60g4MgDGBlN9golTPw58KFpJQwA6uGw3f3iklIk_hue_mWmY7SEWoPbN8jbI4OgV96HElDdhJwxS4vmygU_zKYYVusNlAV4i_TiPbYyQIH3CoX4PaSRIp3FghqFJExdhTfXp75is-syjgt4BcKJaq7gfsc_djkjnY5pFiIYNGlTwyXSYRiKe5fSw&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=281293051867496320&adk=2228999115&idt=102&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 2C2E 31 KB
12 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C2E 41 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AAB2 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sat, 02 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2C2E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2becf09a3d3c8fd26724dca79849e24d3fbe9baadaf1a440447b142b35c8bf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1B67 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 494316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAB2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHRra0xPSlQxUjlhZ2M1&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cver=1&google_push=AXcoOmQh9tqfrB2EHl_y5QbyWm6AGmDF6Lk9puCe0Ff2sBE...

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHRra0xPSlQxUjlhZ2M1&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cver=1&google_push=AXcoOmQh9tqfrB2EHl_y5QbyWm6AGmDF6Lk9puCe0Ff2sBE96BTOwi1HWLOQlNNad1lpJW5nt6iLigclUfzcoaYQJEJ1JV4JIfY

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 20:37:16 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHRra0xPSlQxUjlhZ2M1&google_gid=CAESEC1OcxXoWsvEQ-0pTEL0Wys&google_cver=1&google_push=AXcoOmQh9tqfrB2EHl_y5QbyWm6AGmDF6Lk9puCe0Ff2sBE96BTOwi1HWLOQlNNad1lpJW5nt6iLigclUfzcoaYQJEJ1JV4JIfY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAB2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldwRC1BQUR2alFkVFFBTQ==&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_cver=1&google_push=AXcoOmQFs29S2U6nrZqnwDaqn9zeRAVWNx...

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldwRC1BQUR2alFkVFFBTQ==&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_cver=1&google_push=AXcoOmQFs29S2U6nrZqnwDaqn9zeRAVWNxNoJxNZWj3VSetWyK2od6Fi38ncnvyyEE473SCLOLZevrvPmRT7ODT0Mz3J57mPioE

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230022-FRA
pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701463037.937397,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WldwRC1BQUR2alFkVFFBTQ==&google_gid=CAESENI7fk-s3CQ7hzdadmjYXNQ&google_cver=1&google_push=AXcoOmQFs29S2U6nrZqnwDaqn9zeRAVWNxNoJxNZWj3VSetWyK2od6Fi38ncnvyyEE473SCLOLZevrvPmRT7ODT0Mz3J57mPioE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAB2
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF36geKpv5Cj_pIFh-OPh3M&google_cver=1&google_push=AXcoOmQIdKRhMGIlGuXeAZA_wfry1YbNEFgaLYDimgCR14kcmu-wfiRqo2BAWY3Yvevh3mPfTuhhNQWeTppvYMJm...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQIdKRhMGIlGuXeAZA_wfry1YbNEFgaLYDimgCR14kcmu-wfiRqo2BAWY3Yvevh3mPfTuhhNQWeTppvYMJmct3-1kwPM0I

170 B
188 B

21ms
20ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQIdKRhMGIlGuXeAZA_wfry1YbNEFgaLYDimgCR14kcmu-wfiRqo2BAWY3Yvevh3mPfTuhhNQWeTppvYMJmct3-1kwPM0I

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 20:37:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQIdKRhMGIlGuXeAZA_wfry1YbNEFgaLYDimgCR14kcmu-wfiRqo2BAWY3Yvevh3mPfTuhhNQWeTppvYMJmct3-1kwPM0I
x-host: tde-deliveryengine-production-6987bbc57b-dk4cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame AAB2 43 B
245 B 47ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEG_0NGiqtWrt6lX-AR0Uqr4&google_cver=1&google_push=AXcoOmS26iRqcnn7oosn5IJdDPv0BjmQ5HyLW1a7lE-bWaBsIGcOkgfPhLUkrQMBS3__wL_dCDe_4z-xzgKer3_cHILM649xyVY
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame AAB2 0
237 B 129ms
57ms Image
text/plain 2600:9000:2127:ce00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEHTZCXeG_Td85HrFtXt9jVY&google_cver=1&google_push=AXcoOmQ14QehrI-4o1iphF7KaJEmCKz9q0wq0h1LVMtQecd5bpXoG3MqM-WXTR1Zlb7WOrsj-lyurvVTviBT6eiTKgWZ8nxkr8M
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ce00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
cache-control: no-cache, must-revalidate
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 4kgmEFloBA8W8AvHShVVcNLxSiNm5J4ndu5PA-dp-vTj3-4VnhI-3A==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AAB2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-49887da4-c07d-4568-a409-5b3825a60202-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRB9WUu9oB-9aAhxJ8t_...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs&google_hm=A0mIfaTAfUVopAlbOCWmAgI

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs&google_hm=A0mIfaTAfUVopAlbOCWmAgI

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRB9WUu9oB-9aAhxJ8t_aVvlxKvO_eUi-wdfIUZeYgV8-I8IbA633KKK1clXfA0gMUbpkykrfVHUkc0FOKDAndEAI9-ZWs&google_hm=A0mIfaTAfUVopAlbOCWmAgI
date: Fri, 01 Dec 2023 20:37:17 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX49887da4c07d4568a4095b3825a60202003
content-type: text/html

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame AAB2 43 B
146 B 40ms
10ms Image
image/gif 35.157.253.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEABGDLIHkG1mVrmCnnLEuOU&google_cver=1&google_push=AXcoOmRwf8t0FSDenyeA163w3wZssxPUqq8AabnPWyEAF1n2nVMgMNU1fOORDocK_nedRL-LHL19RgsbREno2UNns2FEMcpuAGM
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.253.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AAB2 0
12 B 15ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4JVeWl37ZH2dk9yG4bXTLqWPI2OvaMdaVNMvpGxawTvI4YxL1DbvN2D44cwDQYBiJObZnhg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12784067222800087067/ Frame 9A3B 141 KB
22 KB 9ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 219726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 07:35:10 GMT
expires: Thu, 28 Nov 2024 07:35:10 GMT
last-modified: Wed, 09 Feb 2022 10:31:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C2E 0
0 100ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcj3U9--4A-1phOAe8paOg-LeMhyBLrDgyv9m_Zsvzvp1tzhXiJS8eIJnZX3F4dPmFh2qO4jdxjKGDY7kFu1-x_84J0q86NMcF5jfkoq-zHSVqOMfm5_XqV0e9j35oSH-S-hjgjkXCVoXpvD1gYV7GLis8Cdj3Dw3Jvo0U7FL5RmMwxbKHKeXys9CfHJUFDkpY1d1aEtO8-AxK-tBTyvS55G8pKBoy0CckeU4iU-XUzSk4_K0TGqcVHYVprK5d_NnvuHp9x-6FVJwZK8vZqQ7pnQP5bzHdQ24cTBYtPlYC7bVJXceoWuHIj-aUq7-VDc3WfZu4FDU9mGoURGq4IC1aVOWhwQxpwg07ZGntI_1iEKC2KzZzXBtfPjMBKb_iOGSuMYaAiTmKVQWshWBCxuPb5lRBSK5iWrfGA7JO11d2Kcw6CbPw-TFcAg6pmWi51jMScKdL_ZAhjiXDBl0f1fhvSGHHB4ytGgphrQg5r0NDzYcGbroOwcEXmw5SN_dlbtgWhqFDAKnMAWJmHJcwavrXYdnzuXiNBxDLaWMEW7E_Je69-at1LbybxfCn-g9D8G5ZbFWtpqqbcOVg1Z3AN3Nozw2ktvN-87Mc5oRTfYhUkcNA5fkfpQYnBFc0HKK1FduIGBpTc583VunS6pVO0EORZPFpID-bwj1RRR2BrS1jK3h2H0ZXpR__xEMUnjq2079sCRJ5wOkb93tH6ppdviLvE8oh7Lxl2at0k3Ova1pqFR8I9-CUW2GA_ryDXDffFu4bLtktUxC7aFQaVYMjV4s8nitCl-cppNMM74Z3TibVeVO4f3ycZEpnwXFGs3HjjNAlI8WcE_WsDEsEW3A3fghRAjspzj-zK0i4z79OsuVvc21BtgmGELDdr8fg9kVpP_3M7sfPn_29n3164rGd4_MjstBER9b_9LfzKT-ldLUZ1b0M2FJ9iNoXELKfeIvWqq4zZns9HlHdHl8nvMyuQsOuRkjKKpkeTAAZEWv8wMeH8FG6OM_BWiP7HUELucFM2e-9oxJHXLL4C1XlznDKU0frH_oHVy5vjZbEdkXdLOX4xYor0szMr0cOQwE6tnfXBvoKUxcNDdAN4zwPbBDTEpqxPMper2662by0XIpmL7PLsiUQLG9hQ5_2okmS5QM9QiQRkxy6nwcc28J4lAHMRGjN25h2BxaDtDCNMANcrYvXoVJrchq9VO3qyc_Ig4kk6NKTM9sfICXpmJAFeKACL3YS7b__XFWKkePsU7H0ibMHa0EH8J4GPtSahTlf4VhpHGtsTqXbT-B7xs28DkLs9avKmP8NavgVs6Jxh0g6F5teZA7SIWi8mZCmyhPO2CZJyxGEF9iwFk-QNfsJ9Xg1RSsqfq1v9zOWoruyquBO0J3RT7oUvWrwMFoy1RR8w9b-fWKpWPEm2qUtEgkKinucnvtaRES6Po0Gwh1obODcB45M6O8_QPEHdljLpKWIcP9lTHMgEpkLFmPn7PIyPCxPHg5XHb4tfTxt24dXNCGXFYmYJeM3Tw5n_wPu-kKyf47LkF3468aXASM&sai=AMfl-YQ9ZpaYv38PlXc82RnYXbMYTiQZh15kM_XCc7ARRSnzEpUM4BOR6JnSOURKxcjo8I_HZhjPGoVDsXg0ooASWqqcbwa_7A8nDNt5_gdZIsvdFYue7QBYO9H5czHc6yJjkR5Pix6FckFGN_fHKfMlfWcj7aZvNDOn6UTlUgcykhEmbgwHQQd1QmoEkF-5A2RKXkeSO9q0bj3IsfIIJsQMa7Vjzq-_Hwg8dFQNhLjKtoq8hNtyLwQKAN5icSAAgqUKgzKubLHg0-Fw1d49ohYZfmlJKvBsSoU&sig=Cg0ArKJSzA_UDrEfRjBhEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=43&cbvp=1&cstd=42&cisv=r20231129.50206&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ctaarrow.svg
client.bannerspace.net/111329/ Frame 9FEB 274 B
426 B 15ms
15ms Image
image/svg+xml 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/ctaarrow.svg

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/banner_300x250.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://client.bannerspace.net/111329/banner_300x250.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:16 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 210
expires: Fri, 01 Dec 2023 21:07:16 GMT

GET
H2 200 NoaLTStd-Regular.woff
client.bannerspace.net/111329/ Frame 9FEB 23 KB
23 KB 53ms
13ms Font
font/woff 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/111329/NoaLTStd-Regular.woff

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/banner_300x250.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.bannerspace.net/111329/banner_300x250.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 23664
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9A3B 29 KB
10 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 00:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 00:27:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 118A 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYFJHZOzpzRAFdBqb4ErX4kBBh0pHbZNAoyGcBIrI4ZkRS8k9bglbMIJdEN5IXiAbDb2Hh9bmViZUnTZbxOiNPUvJrwZchL0A_8aKFpfmefjbiTuvNieoXlrNRWz8RJ0UWZeAELNOAw5QeCXQvhbEQ2EB73AtEgpV2FDHHzHmYXfxFrw0&cry=1&dbm_d=AKAmf-CJ1Rl4Yw-pkUrPFPsCfb0nXE6uQTJr7e1iIxqkZRsUd09EvLkslEOW9n1nq73fzt0FuvrAE0oULHmICGfQT909Dr9NSoJdLyCJnclo5VNNwZhlK_dVGsZF8_PDGEN_qasSGMgFPQfuOsuveKmQ-2NiMyis96hWEuJKjEWQGREGZe-DVLYJ8U3I2brBnTlm_BulArzA_8eVHBmbOk00tTV-vJvFZHofvgRP8j80fWTjBeQFwPSUHF4UuEPdN_GLGR5MjMZ4zQt7dBCAttw0SW1uG5swSxoe3AX-dfjzcqgobr-cj8QRJgaZDEcmqGUIplbZ0JIw5k7lLo01iQiv2Qx88WW3uxPN4sv2MbXRkuBYUDWKV2j-yx7MvtPgBUnf6WfmUi3CuCSz9wmMSgTErcYQsKRfgNRyxRkx8vJ0xMwp4N0GJXhoPlcN0kgsC3GeZNg-trc6DzO_SkVsSUq_K2yif1vb_C3pForjrWCX6xuRqd-e-dmvKLxangmEKod0ygdscF7fBRApzjK8ammjw2cS148sGYWni0yU1NOPDgx1gXYdQ3c8SAJBOOXpuoFGmCi7js4rZgnIq4xGepYTx9_VlhyXbYMOuaIrVrEZoK9MxSegTBoiZZ51QhHYTVrLzS2n70TeShxRzqpcjRFkCD2tiiuolo-OuiCOHDv79G2uF5JVUTJXiXGv5BWw1pH3eKCZ3qNE7apRrvXEDSGGmQE3gtR5_qQiKFQ6SiakQlnByqTLhRyb7GARxqE72cTHY11EfYJHDEsBDlB5dz3gcwmg7mSqvQDdjBuEDkCe8xCKOUq1ZGJK7Dmu-wRhpcihp9z5HTVrfnQe6pedj8PIdkzt2-kS3sUfn4S45L4fsYt06kxPV__juIiYOwXdlEXu58Jhk_70gKdK0yqRP5Xm-1sdSRK1P1WrX8z3HwbqN0pXkq78DFR3i8iDugDv2lOjUuI1Rf4pggGXc3zBbfNIaXoVchF7eGcv6h_eMmgQmTvCQA7mzxyaeAEUIP3gbMylvuMTb_HKBYhYvLDXH2Xhp5Ie30CQfDsfUCKxKqe7IDx98ysW-O2HpjPFRSIg_1owWQ6pnwxttwcC7licpCxDdEMdeA-QetBr1Ga7p9MuESjSqldgG4D9nFkN4fYMlAwEWsaFIXAKaWLIHAcCE0Yzqn64CStCUEHO5IPriDjOsWja0Gah8Bb-YjHaDSpvCJISjySR0LpzvLchcvVi1STCqHokMTntdbSWpf_pITid18VenYoVY_YLz48z9vf0Lfdw5hbnFhd5LyTIhWqNPfeMSP7XasFgtRKu6GPIdlNExNWwt9yrV5vJ36RNf3jLo8-rCOVztQWOFgyEaNEitqalvYwPdJqCEgLraakii0Ltj9nwXuCi177WWISLzUXA_hS51Ekd9aQmqKJOba8eR-Lvg6ggGpsyGuc3MsXRvgEH3QGIxqQ1WvB3hyk4c5i2phWMapN76Hkp5aefvLFhn8LOVkQ16Cf1WOX_8hU5n536l6-7m5tBRlWv5nzu_jqTIAu6AzTzDOVXAYfBwQ6r0RDuMjDKxHeUnwQkXdYfOu8UNY3t3zETJIOTrtp9N5NMM7VLOn1AxTQWRqdBlTFm3KoAsUl2uuQJZm5alOPaDuAEIWDoJ01sgxkofAMoBzdz167G0wfGa39yh03sGq2VPMdgllJ8K18ZBzTXGOzaZy0za45ahf7qQB-Bd3sIPj60j6TUetwTl1ytdhcgZ_wkc0rrLTFBScDbGx-wcQ7WntGRYQRNNbE8v7d5fHNVMgeocCjqnxMMnAEW2ySVMJzf8YpC7IgyURnygG84YoS_MNdE-IwfykGsPcPmoRWxN3Sers4qWvTUtcRHBTUgpgVliWOouAzokSCiLytt_R41OEFyiDVJGGdQBlvmm5vCVHNUx44eY7mweVz4wptkZEYMElqOHwODxMFfvCVAGPQcVuceC_KZAHtCoz64qaIB70XeD0XxhUqXpY66zByWihlqEt9VHCgqSLDo1_fyvatmu3xC8hDaUKBCvRB9JoIEikQ1p0RGib0gqfXTbi88DG4m6kvHr9hxQH1fvJzuC5vW_40uFnz7tGokDgJixHdvwQHYuiVpwTTRwKCp9LD17exSxB37h6w1txW59SAdMP9LNtmwgZdDAaik_Yh69T26It5mdwU_ytV5ww-wJY3F5RkD2CMFqIytMTxHR4M2W-Ay-6IMaxvnW1WVYS7PBDczb1g9wETGMLI2oFYIXMYEMYQz2x2Y-WNHU5tYp1En_ulzv4OdvTMSJ4MBQqLtMlYS0NUuT8sSfm-RBN8Wdz9ebNBhUVXLZqidTOpc3MHlDVo9nInppG06Kll0k8aOiJ0PqUsBx3OPuf-Ol6tUslQo-so-eYAU8FTp2NwbfdsPVn6T6tZtvScovZTsvdpA8o2uQtS-IlseLUvTmRbSvZhpdc6mY4rF7SaqB1IQF9TmZLudkwYPkVhJunVm5Rz4oJql9Sw38tDh8RJRPr2s-C2AeqPd7ePnpoKNbw9vdVxp8Orp9yYQoQdRodRiEkT1iv0hoZL4d5FOSXOc4FVkbli6izVQuM7KtxDjIRSJxWsjgmytyurLUFL-e09-oUFowNg4t6qTqFYn-prEbVbX_uzxPdMUmk2SJ-fliTKqNYIflRRGyfFptSFtmskLvYgR6b2btQpO3bAcbpSLSCfLCTxCQK0NzQHMrAOBwaPx9yJc8SBrsstrIoqCjC5s0hh_1ZcxG1fDVF8LrsxSmMc14Vk0WbPoiETMIYs138p5Kw3rXxAVFsuFTLEwUzPEocyr6uW4Q8GQRXJqTYWJEknulp5yCxZRYaLuNPO6NdCbIaCOKMvGAxLp6IYb4_q36HWIBDkMlFEVcZFB9UythrtYeLxZ0JoyPoiVJ6SUK72-V97GLLB9q8ezIASklAO69K9Uq2ihhYI0qdZ4qE7e3AL_sXJCp9x6ZB7t9Ot0PHktE4bsjaCl2Ky1lZcBdvoZNe1GAvRdh50f4XQYAfhoZgTFEdwHm5l0RGgfNRT1-zGZK55izXmNQQYzmlDxOtt6YXyWT8aYUYtxoVUol5MdURSnlCRFq1lfXX8OfRDmMLrowl0UtbhVWW9SaYyrFDHXZMHbo0CykrWyTw_rPguOHdJuEWCnKbuoeJEIQH1xGDnN7o6JiH46pqCnD15a8RToGT8VEQSHy7igCgliHb2nboEm12k_yr3M-JFoIHI0QLazvHOEX2lQS5gRdX108_btvPK1ufxy4rh7OtkD4QgJeGpVz310DlwA4Lp6ZLXaqclUZc1ObI-6qL9KHKPkdFeKPCheVxDou0viki2-3FiCwUKe8a2ud6O0ky4SiT7VMCAZOk3T7CriInVKVni2T_HFpuHvrF2Vx-9CuSfAb9XolXXC9PgAySwFUk-pDVmxTo7RjAhdgG6OEwohxPGxxiCBUFKMk6RCTfb1Imz4fKO07w8VeW3jRWgnQFTTvN-E-eyaDC5Rw7xI3v5RXc3ZyXd5vBb5eMcQjVS1f-OBGcSy8cPcZZVOr3OUPfOZIc8HmBeQIL3RXfxiRdzZREAqQ1HSHgZXUWbP-JmqlunPdsaFGpl3UjQ3GVbYTMqbhPltdTRDGU62A6rrkgquHBADlV7UsLT3CmW86bqAQKRj0oSbcFN-Du6rmLZZILxDC9H3nfeAHc-KQYb_dFYncIx0eBjWAO3KwbPQjHhdISqKq4o2NEuk3xfxNgbQmHZXsZJiCryTKY6v0CiPqrKz87zqi6eiaOirk4NuJdRDI44jofQA5n-DKlMsYEcserkhZayUpQ4Av99XHK8mL7nu9XWkAJzdiFgfA0NxCnMFPDT3J1yueTSB1R6eU7SND21ex_TFOUPvUhdj0kT51yF2AiHPfv0t0l61ER4euVVxIbsAsTaK4gSnWC5KV3aq4oxutTPvE25qvNGK8Gn0mHZBNlYOPDVCe65FZq8HiCHK2VOXTZCndW3ShCd934Pll6-Z4PcOsYYpuOIlGVM4BDMJpGsc4TAM56W1kknxWHEomVVWmElvOz-DEQUYC26pMX1rmpxqnYjQZlgnM_X6aJqjAzLJKyPiMgqbW5uKTyrrJyB5uICZgPi-&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=1850977446373975600&adk=3047537735&idt=150&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:51:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 118A 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTQ2MzAzNjg2MzIzNQogIHNlcnZlcl9pcDogMTI2MDY4MzQwCiAgcHJvY2Vzc19pZDogMzc1ODg4MDU3Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1ODU5Nzc0...
ad.doubleclick.net/ddm/activity/ Frame 118A 0
591 B 45ms
33ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTQ2MzAzNjg2MzIzNQogIHNlcnZlcl9pcDogMTI2MDY4MzQwCiAgcHJvY2Vzc19pZDogMzc1ODg4MDU3Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1ODU5Nzc0CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly92b2RhZm9uZS5kZSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiA4CmV2ZW50X2ltcHJlc3Npb25faWQ6IDE1OTMzOTAwMTg1NjEwODk0ODkxCmRlYnVnX2tleTogMTM3Njk4NDg2NjcwNzIzMDc4OTcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTAxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTg1OTc3NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4MjYyMDAzNAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzkxMzc3MDgwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE5ODIwNDgwNTQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTM3MTkyMjg0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3ZvZGFmb25lLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vb3RlbG8uZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9saW9uZ2F0ZS5zb2x1dGlvbnMiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:16 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x347600a7f619f7c80000000000000000","13":"0x38b499c9bca523d90000000000000000","14":"0xfccbc34778f484fc0000000000000000","15":"0xa98501750932fd7a0000000000000000"},"debug_key":"13769848667072307897","debug_reporting":true,"destination":"https://vodafone.de","event_report_window":"345600","expiry":"691200","filter_data":{"14":[],"21":[],"8":["5859774"]},"priority":"0","source_event_id":"15933900185610894891"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/630/s1.adform.net/ Frame 118A 37 KB
17 KB 156ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69977905;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=19820480540&extPm=19820480540&extCr=537192284&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CHf9B-0NqZfPMLKeQ-cAP8NWNgAKDvYfDb7Si9ObNEo2A5LbrAhABIOC8rSNgleKQgqAHoAH2vq2YKMgBCakCe9GgUoErsj6oAwHIA5sEqgSjAk_QSsDs-tst3gRMPBl9VjX6jbNPkvuig8W7UvXIOuQ42lcoTQTqeVzoc6-Xuri1lwjlf8KntgmKjucG2qlcvumeud44efihSyA8KOizehRcIPlddftDphPl61GfZZPHK_-2dw6KfE_XNE4lnhdy_Dj2bVNItOkvjXn5nzMYlbsYmVuUQcU-oQszOYNTST6UliI7V7CZ9XosK08m2PIixS8I6RSFr3nsT_4DI2nMcbrx0JJ3KIr_BMnl_UB1qNKD_vmn20NR5Mw0CVI1y2K3tY4rYkizx3TO8rSDhjRNTcoW6LRynt4kjOeVsEEIkdkToh1FNL8QTR8gZ5wz6dhTaB8HOhSgs3xdWRZmiAmNobS1LIpGbYpHeBoc58RV4Vasmd6bTMAEqqjM35EE4AQDiAWckJLrSZAGAaAGTYAH9vb99wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljK8dvei--CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwi3kd3ei--CAxUnSB4CHfBqAyCwE6TO5RXQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&sig=AOD64_0fVmxhFOy_DMF40b0eq20ewVYoFA&client=ca-pub-5289793328419085&dbm_c=AKAmf-Bwlez0URuyAjyaJdeOJdkDulVS1tkn84L53u9WrJ68zOx5yRBawAUl4574F1gDwuK_YqLM2liYemciayv1KKeK3L9Aslls5307_xbOxvhu1aUrhiEvTorbEmg3Sf6FeHWLSjD_NRaHue_pFOpz8quAVfoGJb_MUO-RaKqt7M6gKBhAGA4&cry=1&dbm_d=AKAmf-AASeOnYebCxQ3HIaxJBa8W2GBotpxseAKN05s1-c0UoPQmfkNjBiZ79AivE1S7UuMoiKVPT9laeSWE_xmyR0P0-r5NKYmM_mfRS5xDOuF6MYGtv3gIuW7pFCBM9yCyoNlIE58540mJDlRozj44HQLt1OVMxD7M1YUmwe-lQMHZ5D-zKM1On2cV13P804x8wyrtv08LRRcdwYlfmjBl9mQJtK6h6n5YsUaBMmujM3-WhTBIgmKczru6FirOMnqbIYHTL3ZDqzCf5YwhqLL6umqsqJEaSkeH92WZVysvk0fwR86ZwYDRrI8ZS7LfPZbyQjTge2uvVEErZ7ihHFovnIAgKPgePSomC8LD79pGetRnQycLIxdfvBo8WjCcQMMF1TLhDznqF0hMLDFUqm8Ly4vfGELxTDvFsfkU87rjrFDxGe_7W5mLXKw_nTiJWEDb_sQdCi2aVVkIvh-8Q3tTFOIgrJId8YCvsgzS4MK9pr-HjNxsD56ylamJV3QV96E-RNG4Cmr5lbDI5H076FMSwvNCYiA8OLzOLAkrjw-x65bjLk2PtZAFQYxPb6S8fKluKML1aPrS&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: UPDATING
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:27:20 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B67 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56C5 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdS8m-0NqZeG-LKeQ-cAP8NWNgAIAAAAAOAHgBAI&bg=!vL-lv_DNAAY3kmNgF5I7ADQBe5WfOHG90rLaimFHG-bk8e7hRCzexPi3GufQ2WqqiVldybuKvva_elgF0wXUn-nMiIz2AgAAAGxSAAAAAWgBB5kDAcDX9zwBuT59TdAghXp9-36-zumYliADy2p3Wz558tbgDc5eiQvNF9lK5vcUIe8iSsA_fS1YZRNOpWF59qnPVrn-NW73ZgpN9jwfSs14VGrQS4BnpDM3lDgeq1DAJWDlWcT89MvD-UhFbS2EtzXuhP9EJeOLnEt0h9kM5VCe0kkXJnV7Ia_TqLJ5Agkh8xNBfEWkripbxMEhWns2O5oHnZcJee7e7UJ26PJNIpfKeYqwfEJUvcYq-HodCT_VgahyZtWMgIQWFbpkBYCEbAD8I43bCmNCZsMFBmJCIjiX5ZTivek5sHcr4nuf-ANEFOPDiKGlT5MXo_eGY-Uo9PJL4-Cad_2oWhWjMEvPv-rAgE6g6ZK7Mi0dOGuoD__EATZBY44mxlsPSal6psHVZmzNIYMOygweS_5vKMeSo2RDX-23iEPfpSD4-NY0WBUfXSVm59t9F7LQ6FJ3yYvLeJXoUJRLYHJjvFmuSxbn4LCyYsdmMgCM4RMo6ZKHtdcYd3OgQU9J6WnvvZ9m5CVCKozjYrhKKoUBWVP5WqjKRWud7maZLq9lO9EBLaCPMktCZ9m59ILrzoQeXHhKgApzIjsonJ6dPoDBi9F6Sy0irILU0rT_hBLLdoKZA_dBszI4kdZYU1Gq88gkfC_sqXzd0PBbc6b3JDKutOwV_krCPChPTG271qkctdb4ElDDT2xGuedAnL5GZS9QwWBtR_FtVObPZ5hWBecMPp5DAcgKhsIx6ixr2n9tD6q4pYLbGzvbsz_IEfqyv6324zHQyLjQZkXSc6O6fo3ISINRCjt65u8pHJUnXUzroJottmhOYIzPaFFu8hvABrBczpdlNERGxn2JEY9muBpJNUE3PXsUA0C_e6BibPSp0KCsxapGHRIwnLcfnbapJ9x8b8AceqDxFaYp969D-dVDaw8AEiMwBIcle3-uKxFhpo_Y5W3_SjtfkkBqehz6cdAg8z-0QBHcw8X20lUDnHlWOEx4mLIw6XXNvvQX6u2fiPukvXsoBrLGfPgDqm0

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2AD4 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 494316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 03:18:40 GMT
expires: Mon, 25 Nov 2024 03:18:40 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2C2E 0
0 45ms
45ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcj3U9--4A-1phOAe8paOg-LeMhyBLrDgyv9m_Zsvzvp1tzhXiJS8eIJnZX3F4dPmFh2qO4jdxjKGDY7kFu1-x_84J0q86NMcF5jfkoq-zHSVqOMfm5_XqV0e9j35oSH-S-hjgjkXCVoXpvD1gYV7GLis8Cdj3Dw3Jvo0U7FL5RmMwxbKHKeXys9CfHJUFDkpY1d1aEtO8-AxK-tBTyvS55G8pKBoy0CckeU4iU-XUzSk4_K0TGqcVHYVprK5d_NnvuHp9x-6FVJwZK8vZqQ7pnQP5bzHdQ24cTBYtPlYC7bVJXceoWuHIj-aUq7-VDc3WfZu4FDU9mGoURGq4IC1aVOWhwQxpwg07ZGntI_1iEKC2KzZzXBtfPjMBKb_iOGSuMYaAiTmKVQWshWBCxuPb5lRBSK5iWrfGA7JO11d2Kcw6CbPw-TFcAg6pmWi51jMScKdL_ZAhjiXDBl0f1fhvSGHHB4ytGgphrQg5r0NDzYcGbroOwcEXmw5SN_dlbtgWhqFDAKnMAWJmHJcwavrXYdnzuXiNBxDLaWMEW7E_Je69-at1LbybxfCn-g9D8G5ZbFWtpqqbcOVg1Z3AN3Nozw2ktvN-87Mc5oRTfYhUkcNA5fkfpQYnBFc0HKK1FduIGBpTc583VunS6pVO0EORZPFpID-bwj1RRR2BrS1jK3h2H0ZXpR__xEMUnjq2079sCRJ5wOkb93tH6ppdviLvE8oh7Lxl2at0k3Ova1pqFR8I9-CUW2GA_ryDXDffFu4bLtktUxC7aFQaVYMjV4s8nitCl-cppNMM74Z3TibVeVO4f3ycZEpnwXFGs3HjjNAlI8WcE_WsDEsEW3A3fghRAjspzj-zK0i4z79OsuVvc21BtgmGELDdr8fg9kVpP_3M7sfPn_29n3164rGd4_MjstBER9b_9LfzKT-ldLUZ1b0M2FJ9iNoXELKfeIvWqq4zZns9HlHdHl8nvMyuQsOuRkjKKpkeTAAZEWv8wMeH8FG6OM_BWiP7HUELucFM2e-9oxJHXLL4C1XlznDKU0frH_oHVy5vjZbEdkXdLOX4xYor0szMr0cOQwE6tnfXBvoKUxcNDdAN4zwPbBDTEpqxPMper2662by0XIpmL7PLsiUQLG9hQ5_2okmS5QM9QiQRkxy6nwcc28J4lAHMRGjN25h2BxaDtDCNMANcrYvXoVJrchq9VO3qyc_Ig4kk6NKTM9sfICXpmJAFeKACL3YS7b__XFWKkePsU7H0ibMHa0EH8J4GPtSahTlf4VhpHGtsTqXbT-B7xs28DkLs9avKmP8NavgVs6Jxh0g6F5teZA7SIWi8mZCmyhPO2CZJyxGEF9iwFk-QNfsJ9Xg1RSsqfq1v9zOWoruyquBO0J3RT7oUvWrwMFoy1RR8w9b-fWKpWPEm2qUtEgkKinucnvtaRES6Po0Gwh1obODcB45M6O8_QPEHdljLpKWIcP9lTHMgEpkLFmPn7PIyPCxPHg5XHb4tfTxt24dXNCGXFYmYJeM3Tw5n_wPu-kKyf47LkF3468aXASM&sai=AMfl-YQ9ZpaYv38PlXc82RnYXbMYTiQZh15kM_XCc7ARRSnzEpUM4BOR6JnSOURKxcjo8I_HZhjPGoVDsXg0ooASWqqcbwa_7A8nDNt5_gdZIsvdFYue7QBYO9H5czHc6yJjkR5Pix6FckFGN_fHKfMlfWcj7aZvNDOn6UTlUgcykhEmbgwHQQd1QmoEkF-5A2RKXkeSO9q0bj3IsfIIJsQMa7Vjzq-_Hwg8dFQNhLjKtoq8hNtyLwQKAN5icSAAgqUKgzKubLHg0-Fw1d49ohYZfmlJKvBsSoU&sig=Cg0ArKJSzA_UDrEfRjBhEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=104&vt=11&dtpt=61&dett=3&cstd=42&cisv=r20231129.50206&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 9A3B 2 KB
1 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:29:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:44:11 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 9A3B 3 KB
1 KB 12ms
9ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:44:14 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 9A3B 6 KB
2 KB 17ms
14ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:50:02 GMT

GET
H3 200 head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9A3B 12 KB
3 KB 15ms
12ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3442
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:51:16 GMT

GET
H3 200 head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9A3B 7 KB
2 KB 16ms
13ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2321
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:51:16 GMT

GET
H3 200 728x90_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 9A3B 38 KB
38 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_family.jpg

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12784067222800087067/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:36:16 GMT
x-content-type-options: nosniff
age: 61
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39260
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 20:51:16 GMT

GET
H2 200 feed.xml Show response
client.bannerspace.net/112828/ Frame 9FEB 2 KB
756 B 14ms
13ms XHR
application/xml 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/112828/feed.xml?preventCache=0.820260073901578

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

3e8b4075abc8b4b586a24fb831d3cf0d0805e6a39fc755379d48eaa67cc10cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:17 GMT
last-modified: Thu, 30 Nov 2023 04:05:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
cache-control: no-transform, max-age=300
accept-ranges: bytes
content-length: 540
expires: Fri, 01 Dec 2023 20:42:17 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 3023 0
0 48ms
48ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsujtHOqp5JzX2D4c_KjRC160gHhA2evnGv5rgRUU3UMdPh_pOlgRgc_Dyi_8XAbZTwpodd8eHADVtUnNT-8hgx-99jmmG62FizlRpQuKlWc8tBqxg-NPoBUxavqFK8WBZWVIm-YupNuQEPK0GNJsiRqzGjYILNFHhoTTLG8sgdWLHX6HypGMybFU6DlbNxJt6bQyqqVC3eS3PjzomD0EGaVGo-vgV1HYkQNm4IxifjWWEaILEdlUlT0380bjHkYgz4Ah9N1AbCnSlBpKO1vNoYUTGLSlj3ld0439apkzchDzp7g-U6lCCyvJEW5OVz9r1RrG_oTow2Y66e6XKHTIq9t4bOZbE7sDl6n8ukxOT7_iipVpHCN76Y7OfHtmE7O77lgPnlxQgVxSjRA4WHx4I3IYuw50njd-WiBcDMxYbZy7QKWLM9r2y-3H8JmEF5PQEI3POi_60_Qvdo7eQ8Qn0Zv3GtfN22DSwUWTrmrpiGpafXoPOuvOvPQYbx-b3IljXjNApD_zia7-bDQvANXCZwkBaifieN1Oh6jTT0CLIxM3U7B4u4gBhkwaqV453xOkZ9eKsN6mP8FsRCtaFi0oYNKmKpkTjNuvZ5M95a5_ix_Vo8J0ham7rjtrXR8Hu-SK3EsCQ75qLFKi2OxRloNO_5LF6XABrArw1WDU5w0yayWn_Stm9TmFPSXK58vxiLrRgwHDMC_-WgNestnKWpp02Jb5lfA5NEd9nM9uCOisdIstKUNVFRMfmp4iTJV6be3dXQJcaEb3k5mwSGrTxDlE-z5ptvazUrHn6nnGaDV8_gMj2G7GcDyisPegSybDmag8kngZY5jz4I5yMr8b8arZIvTCUqcqdsqslmT0iU_FgcbJc0HGMSucCDGOxqmMKOwkbFY-Db_iq8PDI9ogwSZ9qiRowNL8tBLYkt--D3VJIfPVjJhgooh0EQxG8mPfcMG72Ye725ngtk6cwBIkEhO4GHnk4UOCuLKGi4weL2vCL_z3XTxfUmAlosRHwZ15SMS6v0trU0vwwW_9bRKQd9VTreRVeSTpjl20SaRMbc9VpGeG8O08dsix9cowGG4SKpMd1ulMyWWCke4G4j9Yu6zA_r54EWpbUxAb8qKadnQi9w8-EFZ1HSOGO7A6w0OoB4m3g_3GI_fNzCHA-HKcbDnvfi43nSkR8XjWflX6sAOiL9xLrRt3zugZVXjeKZQT_AKsrjMEPMKbsCuHRX-WHLtMcgk0ca-lfE1YRlIVBp8Kp9ClDrg8mFJ6S6IxEANup72baE96IY3VYa2q4ky3uJrWB0YWLlOwCsO1IqNHgyNWoOE7o-J8j9HkMRR_G4zY_tK9XqEbjahtt6c-I1rsubxeCvMJ29zHts-1W-PtIQG7mqXurqq-NQpo5Po8crUqTSkjFDL4qkMmsZigM4UY_VozQd6uifEgUUlEo4Q7FH9Ue4kxzYVBk1E7WeWpyRvlKgl70maeEMp7ZROvatMxyrwF9q7wh8_96YkBW1RHnVFnJSMDcUt36NHU5HoTzUGglglXoUy5B9WGfdjIwyvDhOLFbn8riORESbk2sd-GV6mfyXM8Ew&sai=AMfl-YTq4adbPUcUWlcNRU5QExX2aUdFLcOg0MJVB84CVN94gnCOYTEw9atVoBtMEJY7dDDkGKy2opTi0s-y4iH_u8bNYgcv1nwdr0ehgri2_y08NoSXRa0PFjLo0Auid1mdnetH-Ya2jRNzcX_rljhikbbjQCRvU_DWhQ9Kk-hWNzES7PSMHLwubFWR6ENvr8-S_1t1oOmuSv1CPO2vBSjrhkeEINM3przY7GkVCOQSrOvkdT0v-DXqtZKfP1YVyhvkyptS4NpN3IIBhDCXi7pAWDQAN4QEVzQXIfWOHp_pZE7qe6IBublnzYYpn5ufa8S1q9Gf5e4OSvxymhf6nnzfZEDKyn-16r_gDCjFSWiUxS7a9Yco1hpn4YwfxWzawwKz8c4Waie2HuxQQH_G4DXIGtXx4INW6w0oejzBbSowfytO7l_aPUF4&sig=Cg0ArKJSzBt9Y7oBC2TIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rbG0uZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=381&vt=11&dtpt=273&dett=3&cstd=106&cisv=r20231129.59879&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AD4 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H2 200 engine.min.js Show response
client.bannerspace.net/111329/ Frame 9FEB 11 KB
3 KB 14ms
14ms Script
application/javascript 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/111329/engine.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13916606041847298126/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5efd5c070968ae7f3020be206ac993036ee7cbc6fab47e799ad4d9e9a86155f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:17 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 2988
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 royal_dutch_airlines.svg
client.bannerspace.net/111329/ Frame 9FEB 6 KB
2 KB 21ms
20ms Image
image/svg+xml 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/royal_dutch_airlines.svg

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/engine.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:17 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 1846
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 winglogo.svg
client.bannerspace.net/111329/ Frame 9FEB 5 KB
2 KB 16ms
15ms Image
image/svg+xml 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/winglogo.svg

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/engine.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:37:17 GMT
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 1891
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 NoaLTStd-Light.woff
client.bannerspace.net/111329/ Frame 9FEB 23 KB
24 KB 14ms
13ms Font
font/woff 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://client.bannerspace.net/111329/NoaLTStd-Light.woff

Requested by

Host: client.bannerspace.net
URL: https://client.bannerspace.net/111329/banner_300x250.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.bannerspace.net/111329/banner_300x250.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:03 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 23972
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 300x250_1x1_transparent.png
client.bannerspace.net/111329/ Frame 9FEB 120 B
312 B 19ms
18ms Image
image/png 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/300x250_1x1_transparent.png

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:28 GMT
server: Apache
content-type: image/png
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 120
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 300x250_std_Sunrise.jpg
client.bannerspace.net/111329/ Frame 9FEB 66 KB
66 KB 29ms
28ms Image
image/jpeg 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/300x250_std_Sunrise.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

22a49dddda6518b4242a73ff7ea33b83c543aaea3f7901897f1a5a59b2011efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:27 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 67710
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 300x250_std_SFO.jpg
client.bannerspace.net/111329/ Frame 9FEB 23 KB
23 KB 19ms
18ms Image
image/jpeg 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/300x250_std_SFO.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

dfc5e8d2d73be372398354967a23c6c1186953d08ce25ed41725c7c8f588419c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:08 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 23527
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 300x250_std_LIM.jpg
client.bannerspace.net/111329/ Frame 9FEB 20 KB
20 KB 40ms
40ms Image
image/jpeg 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/300x250_std_LIM.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2c0552f5f695bac6b38705b48dbe470311f45dce3a3a485efe95ddb51bed3757

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:08 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 20534
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2 200 300x250_std_CPT.jpg
client.bannerspace.net/111329/ Frame 9FEB 17 KB
17 KB 14ms
13ms Image
image/jpeg 2a02:26f0:3500:893::21cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.bannerspace.net/111329/300x250_std_CPT.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:893::21cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

794ea72e945bea99a7e936be803fc7363777bc22eb855c44a46edbc573b611e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31622400
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31622400
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 14:05:08 GMT
server: Apache
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform, max-age=1800
accept-ranges: bytes
content-length: 17472
expires: Fri, 01 Dec 2023 21:07:17 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 2C2E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527017/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-5289793328419085&ias_chanId=1&ias_placementId=20338658787&bidurl=https://www.cifraclub.com...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__ENqZa_AM86F9u8P5cuiCA&cbFunctionName=goog_wrapCb__ENqZa_AM86F9u8P5cuiCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassba...

1 KB
1 KB

21ms
21ms

Script
application/javascript

2600:9000:2127:4000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__ENqZa_AM86F9u8P5cuiCA&cbFunctionName=goog_wrapCb__ENqZa_AM86F9u8P5cuiCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:2127:4000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:22:14 GMT
x-amz-version-id: ptCY9mvdfO9FVxh7J7Hg_NqWxL3SNYBQ
content-encoding: gzip
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 260104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 28 Nov 2023 20:22:12 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: hFM94TMeEwkXsYKlhsUT44UDFxTD34MwN-4ZXvNpdtcP7RBEt0mEwg==

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__ENqZa_AM86F9u8P5cuiCA&cbFunctionName=goog_wrapCb__ENqZa_AM86F9u8P5cuiCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 70D1 91 KB
23 KB 95ms
24ms Script
application/javascript 2600:9000:2127:4000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:4000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 6208087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: KtqYznI5grZnK_7dOPpuSqQJb1UCD1It0J1i4FyWKuPksUY7SLuGKw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 302ms
100ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe91g,pingTime:-3,time:43,type:v,im:%7BpBlk:26%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,rmeas:1,rend:0,renddet:na,siq:12%7D&br=c
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 300ms
99ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe91h,pingTime:-6,time:43,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B39~0%5D,as:%5B39~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,rmeas:1,rend:0,renddet:na,siq:12%7D&tpiLookup=ao:www.cifraclub.com.br*&br=c
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1B67 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7_Ee_ENqZa_AM86F9u8P5cuiCAAAAAA4AeAEAg&bg=!CQqlCkXNAAY3kmNgF5I7ADQBe5WfOM5k8_ZQfNWEXlMhGpd247Ovl-WmqPuQUl_a188tMOKO2xjAwgG-phacwH7GVaz3AgAAAGFSAAAAAmgBB5kDDCgTmaemeSNgekkMolY48strjDHvW3T4qkjLfk4uIAj_md0DPlZ0A_yCKmUqqhWGV5VtNC4FXQdcCC6YvOcMgJPU0aKA51fuAHjZLOh90BhnJdryZiFgNjp16uQ5kg_tk8vik1jdQjFj_i0mrSf7uLP3izY0CKbYLiJZC-yftqSFBq70Hj5m1Euc8rLXh2iaoIEgCB9mgCeVsxU64aPgHkhuvYV534ttkrHI1Rr0OLrPmPxoJGfya313GwGIs8IiOUDWyp46pOnrIEHXYHQoigoI6jWGDY_7RuRu7yccHyvi9n3NcO0HB4LvfbEAst7L6tco1VLyv9GZ47itJXrCVyERsywOYq3Myr2pLqr4w-DEXlN1uWFCQ6eKiKbUElQNa-0jVPm6OjrcYzW2edQrzZRbKuG_Cq55PCdSerg8xNLX5nilJr0z6zjV64SRlQLXsWnrKyf8Kkdr1sX1fMNc29ezhb1k5IEQ178Wiaf5vcRizEBjg55m1EMZI6VxDE5cpzKfopUFmmegkLK_3268QYNc17TlVBWrVdg2RJL9SzgzHLfzH8b-TCDw_PNfUrVQTJO29a48BeXWRnMmhAkXqPaaxuz-lOHf74XhBwLmkaAR5xoeRQMKc7aWD6VhGBCteEb-xf0G9v2Lb4ESbSG7d_GpEbrij6ZPLcGWmvehLOUGjMGJMWL3ae-dxGCJk3OXhH0mWw-7vZT0MMpOfiylthkX4_9SYbbE8-T1c3IFD_YHLcwaP2zeayxVm6lNthbYpdDSk_Wm4EOETW7CS_DeFsIwCu50l_ZrjLWXhFv_3TWIWOQUN4VijTxLmIUvTmaQ9ZU3jFfff2Tu0MoZzgEZT2mRtSuJYTUrN7Sq0i8CQztSjERMse6kfWwhS021r9_-GzTxVxJgtpF8nQ0Dw1g5_X5cSF1qJPg6Q-QC34xgSoGuN7N2Pu7MkLzWwLiT_0G_BYnW71Z6faGT3vN9PvZU7hXQv3SZ4E3Rl56YdzNzVUQp6ZCUzPQMDW3H3Lri_BO7YY77BzNB5iq563AB3Q

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
216 B 292ms
97ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe91p,pingTime:-2,time:51,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:484,beZ:485,mfA:487,cmA:488,inA:488,inZ:490,prA:491,prZ:494,si:497,poA:497,bl:510,poZ:510,cmZ:510,mfZ:510,loA:528,loZ:529,ltA:535,ltZ:535%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:12,sinceFw:38,readyFired:true%7D&br=c
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 118A 2 KB
1 KB 74ms
16ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1619223&plc=69977905&sid=1366186&dvregion=0&unit=320x50&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1619223&auorder=1457420&aucrtv=61555176&auadid=1366186&c6=1447160&c8=&auplc=5033929&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_Y_G_M_cic-215-cre----per-nta-gimy-Tracking-PER&c3=RT_PD_C-215-nta-yng-Pre-Tracking&c4=gmy_pre_20prozent_231129_tc639a_640x100&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=Adform_AO_AL_None_BNR_CM_SimOnly-Youth-Pre-Tracking
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sat, 02 Dec 2023 20:37:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AD4 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BtuOD_ENqZYPYNPTMjuwPve6vgA4AAAAAOAHgBAI&bg=!KSqlKmXNAAY3kmNgF5I7ADQBe5WfOEn4-a3FNgjB2wPyCOfoysTVV9tFcr3sV8ENAnAdkpmF2uD3brI0Fe-4xjyH-to-AgAAAHlSAAAAAWgBBwoAdwPpqQn4hgr8hkjpG0PHOmiFcnwuPiU7BnllR1l-1HqF4DpLBDTW31wCxeg5iLcw7t_midalwOi3gUzalBFc-fwnsMFEQRMiRwomTOtBIxVN1QD5y82qbX8H477Hfwf3G-1JTkgbLRprdpnE46kGWrHIvWUx-W21mQMKL_nm6wUbZfjlY1SI0Ml2ZdZf6UeOaOiaBLIp3NE2A10yU0e4Yxrs9hM5vfFmuv_Clsn1_J9ReHD66KSLCjw9Z3Oemot0ZFq92kRWm5y6ZZSqJLV1wV_eRlvXEohGre6Yqo0SRhB6SJFICSFTiMgs8rmYogPJSqt9dP30NQEwAP923sjNqLclEUblLv2i3RjG_jcKicsYEF1KNUO8wIbC7RpJYbeXouWwC2jvymrrpevk2kzkZ-dvDAAZw-L6rbVTJq7ukFM0dzaNMT-0C0_l8c66iRqUSdrkJT_UURGffq_64rVBKjQ_wco8b2AunqSjNmHa3V3QiKo4TwEO9HAt1mp13IoX2-tscngPs8Jmm578kZ_cVHxCecqKSWLjeWjpdbtFJgz2K42PQ2tvC76HvhMBZv7M932uh2ltPdaVEXJr6zo-tPkcVdM4Ax-9oHH_Q5RUaexqTCy4DDeM0RnjVee_6oojhJPAPRT8zXepYOFQUpiZ214txtsRvgEb2nE5y9oAQ52-u_qsBfy4d9cx7Ih2L21mnc5ABvoZA4TDbyCtzoRjvZ0k-1ZQwIocgg9IiRGzZLmAD10cX5Eif5Lx1HQiXN-C5iuCM1CB72qZjjCY0jt4UNhebth9xliRbx920dDyPA_JyUmKXgdvwtl1mMwVNcRJ4NtrA7m2s0XGiYjI61durYOwg4ridGJWEvylpce9rmQvx679QwHYtQB4enxM7SduPsbP3wG4HIAvWhqkwmLeuotLwtnHSnUMUiJWGz0tKjWV2XOxQAYr3N5pgtOqdd8702GnXz-Vl3onEnnC7Tpv8KAuhYPPOBQLCkuKKbHP5HBLB-Mh5AlfhhmQK1P-nCELJt-D92bTDUy9ou6M63VVItlnHxHRdLS4BAskwNVD4CaTo3-Jv_XK37cie7IySP0Za48POo3vwsFg-yf8carBXs8Qhj7PAfLe0ywY7ORcpme0MoVIElWsdUij-7-sEUnM1QufdXpT7fGGRkx_LZe7iBHe90yj7SZOiBZ0APz1M-7deBjORw

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 235ms
98ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe92k,time:108,type:e,im:%7BpWait:6%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:108,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,rmeas:1,rend:0,renddet:na,siq:12%7D&br=c
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame 118A 60 KB
20 KB 16ms
15ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1619223&plc=69977905&sid=1366186&dvregion=0&unit=320x50&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1619223&auorder=1457420&aucrtv=61555176&auadid=1366186&c6=1447160&c8=&auplc=5033929&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_Y_G_M_cic-215-cre----per-nta-gimy-Tracking-PER&c3=RT_PD_C-215-nta-yng-Pre-Tracking&c4=gmy_pre_20prozent_231129_tc639a_640x100&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=Adform_AO_AL_None_BNR_CM_SimOnly-Youth-Pre-Tracking
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sat, 30 Nov 2024 20:37:17 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 118A 442 B
580 B 118ms
23ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_595649671913&jsTagObjCallback=__tagObject_callback_595649671913&num=6&ctx=11655933&cmp=1619223&plc=69977905&sid=1366186&advid=&adsrv=&unit=320x50&isdvvid=&uid=595649671913&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=119&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1619223&aucrtv=61555176&auorder=1457420&auplc=5033929&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_Y_G_M_cic-215-cre----per-nta-gimy-Tracking-PER&c3=RT_PD_C-215-nta-yng-Pre-Tracking&c4=gmy_pre_20prozent_231129_tc639a_640x100&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=Adform_AO_AL_None_BNR_CM_SimOnly-Youth-Pre-Tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%3A7C24%3DF3%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%3A7C24%3DF3%5D4%40%3E%5D3CTar9EEADTbpTauTaue74%606%60g7%60a4cgg62_%60cb645c2d%60764g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_595649671913
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 4e8fdb16f0bc169c9f98925a0d080277600dc7e631e4f62c2cbb8fa01e0fa4f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 20:37:17 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/30/2023 20:37:17

POST
H/1.1 204
No Content bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 118A 0
345 B 32ms
15ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=14b169ceed2e4405bdb50a16865df5c3&vfdur=120&cbust=1701463037391407
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 01 Dec 2023 20:37:17 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-30T20:37:17

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 118A 9 KB
5 KB 34ms
33ms Script
text/javascript 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=69977905;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=19820480540&extPm=19820480540&extCr=537192284&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CHf9B-0NqZfPMLKeQ-cAP8NWNgAKDvYfDb7Si9ObNEo2A5LbrAhABIOC8rSNgleKQgqAHoAH2vq2YKMgBCakCe9GgUoErsj6oAwHIA5sEqgSjAk_QSsDs-tst3gRMPBl9VjX6jbNPkvuig8W7UvXIOuQ42lcoTQTqeVzoc6-Xuri1lwjlf8KntgmKjucG2qlcvumeud44efihSyA8KOizehRcIPlddftDphPl61GfZZPHK_-2dw6KfE_XNE4lnhdy_Dj2bVNItOkvjXn5nzMYlbsYmVuUQcU-oQszOYNTST6UliI7V7CZ9XosK08m2PIixS8I6RSFr3nsT_4DI2nMcbrx0JJ3KIr_BMnl_UB1qNKD_vmn20NR5Mw0CVI1y2K3tY4rYkizx3TO8rSDhjRNTcoW6LRynt4kjOeVsEEIkdkToh1FNL8QTR8gZ5wz6dhTaB8HOhSgs3xdWRZmiAmNobS1LIpGbYpHeBoc58RV4Vasmd6bTMAEqqjM35EE4AQDiAWckJLrSZAGAaAGTYAH9vb99wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljK8dvei--CA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJEReINEwi3kd3ei--CAxUnSB4CHfBqAyCwE6TO5RXQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&sig=AOD64_0fVmxhFOy_DMF40b0eq20ewVYoFA&client=ca-pub-5289793328419085&dbm_c=AKAmf-Bwlez0URuyAjyaJdeOJdkDulVS1tkn84L53u9WrJ68zOx5yRBawAUl4574F1gDwuK_YqLM2liYemciayv1KKeK3L9Aslls5307_xbOxvhu1aUrhiEvTorbEmg3Sf6FeHWLSjD_NRaHue_pFOpz8quAVfoGJb_MUO-RaKqt7M6gKBhAGA4&cry=1&dbm_d=AKAmf-AASeOnYebCxQ3HIaxJBa8W2GBotpxseAKN05s1-c0UoPQmfkNjBiZ79AivE1S7UuMoiKVPT9laeSWE_xmyR0P0-r5NKYmM_mfRS5xDOuF6MYGtv3gIuW7pFCBM9yCyoNlIE58540mJDlRozj44HQLt1OVMxD7M1YUmwe-lQMHZ5D-zKM1On2cV13P804x8wyrtv08LRRcdwYlfmjBl9mQJtK6h6n5YsUaBMmujM3-WhTBIgmKczru6FirOMnqbIYHTL3ZDqzCf5YwhqLL6umqsqJEaSkeH92WZVysvk0fwR86ZwYDRrI8ZS7LfPZbyQjTge2uvVEErZ7ihHFovnIAgKPgePSomC8LD79pGetRnQycLIxdfvBo8WjCcQMMF1TLhDznqF0hMLDFUqm8Ly4vfGELxTDvFsfkU87rjrFDxGe_7W5mLXKw_nTiJWEDb_sQdCi2aVVkIvh-8Q3tTFOIgrJId8YCvsgzS4MK9pr-HjNxsD56ylamJV3QV96E-RNG4Cmr5lbDI5H076FMSwvNCYiA8OLzOLAkrjw-x65bjLk2PtZAFQYxPb6S8fKluKML1aPrS&adurl=;js=1;adfxid=1x;10741;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fwww.cifraclub.com.br

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

28d8c81ff8ca600bacb8f924d8a8fd89481d0a2eda004442b048db74630b6f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4275
expires: -1

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 118A 9 KB
4 KB 19ms
18ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1619223&sid=1366186&plc=69977905&advid=165376&app=&sup=&adsrv=178&region=40&btreg=69977905&btadserv=adform&crt=61555176&crtname=gmy_pre_20prozent_231129_tc639a_640x100&dvtagver=6.1.src&turl=&DVP_ADTYPE=Image&DVP_LINE=5033929&DVPX_IMPID=8051835027924827275&DVPX_GUID=1239240027172733872&DVPX_CDID=&DVPX_LAT=48.2594&DVPX_LONG=11.43431&DVPX_PAGE=https%3a%2f%2fwww.cifraclub.com.br%2f
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1e8255905b241808d05b885ad24ef9b55debdcf9362004c7fa53c2a6814d569e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 13:08:04 GMT
Server: UploadServer
ETag: "bc712440ade02d7a128c4b98ec1d9c0d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Fri, 01 Dec 2023 20:52:17 GMT

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 118A 43 B
208 B 30ms
30ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=276&rid=10436&cid=7639&adfserve=257&asset=187&deviceType=Desktop

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 27 Jul 2023 11:18:06 GMT
server: nginx
etag: "64c2526e-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame 118A 0
0 140ms
71ms Image
text/html 65.9.95.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1779&r_id=htlp&rnd=22158
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-8.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1 200
OK dv-measurements5017.js Show response
cdn.doubleverify.com/ Frame D181 424 KB
100 KB 15ms
14ms Script
application/javascript 2a02:26f0:3500:d::1732:83d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5017.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: c3b04b64fa45af19c92cb704fcc1d0856c477060fa78815c7a0f050dd714feb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 08:32:12 GMT
Server: UploadServer
ETag: "6c51d60bc3f0f9e37f97539801285681"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102041
Expires: Sat, 30 Nov 2024 20:37:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B204 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sat, 02 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 118A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d95b1c4a61da22cde9111a5a780402f3add70e936096218a1bb4acc2f257fa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 98ms
98ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe979,pingTime:-10,time:407,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701463037519%7C%7C92c6356f2e2f1db813e13fa1a252ac52%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7C417849de9465792589c40f8465ce3b52%7C%7C863989828298abe77a7527e9d9bf18be%7C%7Ce259d491fd165479bd0efcefa07adc5b%7C%7C71be3151de5672866b15e1ceb4b6f2c3%7C%7Ccd3647d85f996baf729aed1da05358b6%7C%7C1663701684,im:%7Bpci:%7Btdr:370%7D,pLoad:379%7D%7D
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B204
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP6LVTtLnE2ioec0fr7EpmQ&google_cver=1&google_push=AXcoOmRPYkyOkrgiVt7FztDDOPC5Coh07kktBwMPaPd41vuNijLSq1IAIUbY_JL6reyHMwxuoEY9mAp15U8GgbQgetNsC-zs0xbU
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY1OTU2OTAyNDMxODU0MTkwMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP6LVTtLnE2ioec0fr7EpmQ&google_cver=1

43 B
398 B

71ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP6LVTtLnE2ioec0fr7EpmQ&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEP6LVTtLnE2ioec0fr7EpmQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B204
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENt5hSfMrSCFVpuw4LI1HQk&google_cver=1&google_push=AXcoOmR1bWGaSoMqiR1AnzZWX4vvjtfU_HysATDb2afAD9MlM6SAyFBpAAbpsn3EJsWQpGoZHkOUAMJAMJn...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1bWGaSoMqiR1AnzZWX4vvjtfU_HysATDb2afAD9MlM6SAyFBpAAbpsn3EJsWQpGoZHkOUAMJAMJn8npHAQIwSLYTAtFGA&google_hm=-y3uRYDrQgeDLHIhdXVyck0

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1bWGaSoMqiR1AnzZWX4vvjtfU_HysATDb2afAD9MlM6SAyFBpAAbpsn3EJsWQpGoZHkOUAMJAMJn8npHAQIwSLYTAtFGA&google_hm=-y3uRYDrQgeDLHIhdXVyck0

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR1bWGaSoMqiR1AnzZWX4vvjtfU_HysATDb2afAD9MlM6SAyFBpAAbpsn3EJsWQpGoZHkOUAMJAMJn8npHAQIwSLYTAtFGA&google_hm=-y3uRYDrQgeDLHIhdXVyck0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B204
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF36geKpv5Cj_pIFh-OPh3M&google_cver=1&google_push=AXcoOmQve8EZV7s3SwyC71eadCwjfOdNSPE6SSovb_MLL1jplEhDYJUt8uY_v-oHMNcz_a-AhzmDTAoELdrb91bS...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQve8EZV7s3SwyC71eadCwjfOdNSPE6SSovb_MLL1jplEhDYJUt8uY_v-oHMNcz_a-AhzmDTAoELdrb91bSnUwWFaNiffx2

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQve8EZV7s3SwyC71eadCwjfOdNSPE6SSovb_MLL1jplEhDYJUt8uY_v-oHMNcz_a-AhzmDTAoELdrb91bSnUwWFaNiffx2

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 20:37:17 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=BcWZhn-dTyQDKRF62zzjbA&google_push=AXcoOmQve8EZV7s3SwyC71eadCwjfOdNSPE6SSovb_MLL1jplEhDYJUt8uY_v-oHMNcz_a-AhzmDTAoELdrb91bSnUwWFaNiffx2
x-host: tde-deliveryengine-production-6987bbc57b-dtmjz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame B204 43 B
145 B 9ms
8ms Image
image/gif 35.157.253.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOsMq9wOLFS3Tir0kMz9YUM&google_cver=1&google_push=AXcoOmSCYx0QkYrdvq61jgcdqzjNcP_VZIuD0Yn4wwBgO_divmSnODkJhm6RikmPqpI2g7Z1KHk-dnGHmLrQp7JMRrIb3-ZnLCM
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.253.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-253-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B204 0
166 B 64ms
21ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHL0IyE0DZ-jLTrL82nEcW4&google_cver=1&google_push=AXcoOmTA3FEqPBlLuzT1WS5lDBmXBGurdKCz50NBf0S-WVvAhfStduSd_0BIUAz8HUF10xxkgAm5a61YWi22ZuiPvcYh2dPtrB1S
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 01 Dec 2023 20:37:17 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B204
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEM1AeqyKIxE_e6kh5Ka-oYo&google_cver=1&google_push=AXcoOmQkSO44Kb83HU6t260eDTillGW3bD1cMoITfdVd5HoOz26Prbzs3KZ1RAMKzNOEMhWJZXTzyS2v3ptp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSO44Kb83HU6t260eDTillGW3bD1cMoITfdVd5HoOz26Prbzs3KZ1RAMKzNOEMhWJZXTzyS2v3ptppY4oHQV3z--nmyny

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSO44Kb83HU6t260eDTillGW3bD1cMoITfdVd5HoOz26Prbzs3KZ1RAMKzNOEMhWJZXTzyS2v3ptppY4oHQV3z--nmyny

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQkSO44Kb83HU6t260eDTillGW3bD1cMoITfdVd5HoOz26Prbzs3KZ1RAMKzNOEMhWJZXTzyS2v3ptppY4oHQV3z--nmyny
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B204
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEwoGEKgKGshpGSlp_IWEJ8&google_cver=1&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Zv
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Z...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI2MTMyNzE1MjU3NDc0ODk5NTg5&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI2MTMyNzE1MjU3NDc0ODk5NTg5&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Zv

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI2MTMyNzE1MjU3NDc0ODk5NTg5&google_push=AXcoOmQisp2c9YxQdxG1_a4X40DUiVKICmQLJh3SVW9foPljsXt8C33jcI-Kn269LWSbSA3iKbpw2VrhKPiAp7SBoXaOTiR5g_Zv
date: Fri, 01 Dec 2023 20:37:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B204 0
12 B 15ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNkYf854BIq4fRLaddfS4BScsrmTD81dIcHBEfu7cJjM-HVLf8i1oHxsWdn-IWLU68i8It

Requested by

Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame D181 699 B
732 B 174ms
25ms Script
text/javascript 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=76&ttfrms=13&brid=3&brver=119.0.6045.199&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4%3A7C24%3DF3%5D4%40%3E%5D3CTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4%3A7C24%3DF3%5D4%40%3E%5D3CTar9EEADTbpTauTaue74%606%60g7%60a4cgg62_%60cb645c2d%60764g4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=795&ddur=20&uid=1701463037537948&jsCallback=dvCallback_1701463037537786&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=50&winw=320&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5017&tgjsver=5017&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&dvp_epl=243&noc=4&nav_pltfrm=Win32&ctx=11655933&cmp=1619223&sid=1366186&plc=69977905&crt=61555176&btreg=69977905&adsrv=178&advid=165376&crtname=gmy_pre_20prozent_231129_tc639a_640x100&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=40&btadserv=adform&DVP_ADTYPE=Image&DVP_LINE=5033929&DVPX_IMPID=8051835027924827275&DVPX_GUID=1239240027172733872&DVPX_LAT=48.2594&DVPX_LONG=11.43431&DVPX_PAGE=https%253a%252f%252fwww.cifraclub.com.br%252f&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=5961379740.406987&ee_dp_sukv=5961379740.406987&dvp_tukv=429655258.51933354&ee_dp_tukv=429655258.51933354&dvp_strhd=0.2999999523162842&dvpx_strhd=0.2999999523162842&dvp_tuid=633044965266&jurtd=1070912463
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5017.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5b1c8d48a633998b03aeda3689d1f2b0505c582f3d1565ebbf18b95e67988593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 20:37:17 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 11/30/2023 20:37:17

GET
H2 200 Standard Show response
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 118A 85 KB
36 KB 47ms
47ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 10:42:02 GMT
server: nginx
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Sat, 18 Nov 2023 15:27:21 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 118A 35 B
625 B 30ms
29ms Ping
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=69977905&csi=wlH3vZ_6sMbEsoxctC2MhqTvLA1RBGa_bSIIlW_cdF3rygPkIxxfkwklU3FdfzmPa3zNfUzv6osKzXbTTFAYHt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 61555176.gif
s1.adform.net/Banners/61555176/ Frame 118A 33 KB
33 KB 44ms
44ms Image
image/gif 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/61555176/61555176.gif?bv=3
Requested by: Host: 6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: adf38684fdc6c70a10dc4657a4f6bf6d19921ab0f386005b4cad2b246f80ba4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
last-modified: Thu, 30 Nov 2023 08:23:58 GMT
server: nginx
x-amz-request-id: tx000005a64f330c9a1c27b-0065696881-32959e94-default
etag: "7eb4d8bc144b15c2094ddd536c1703b9"
x-cache-status: STALE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33951

GET
H3

200

c.gif
www.bing.com/aes/ Frame 58CC
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2be29b17-4dd0-4049-92fd-5d66ee36f3db&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=61f3d11c-0941-4d61...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d3f3d4ea63b342989da4ed9cc67f4dae&tids=15000&med=10

0
18 B

67ms
66ms

Image
text/plain

2a02:26f0:3500:1b::1724:a39e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d3f3d4ea63b342989da4ed9cc67f4dae&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:3500:1b::1724:a39e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C510FB3B1F44B6CAAE2B681A2BC18D1 Ref B: FRAEDGE1421 Ref C: 2023-12-01T20:37:17Z
x-cdn-traceid: 0.9ea12417.1701463037.203c8459
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Fri, 01 Dec 2023 20:37:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CACCD91072034CAA8A38ED062F8BB1C1 Ref B: FRAEDGE1714 Ref C: 2023-12-01T20:37:17Z
x-cdn-traceid: 0.9ea12417.1701463037.203c82f9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=d3f3d4ea63b342989da4ed9cc67f4dae&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 22ms
7ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:24:50 GMT
content-encoding: gzip
age: 11547
x-guploader-uploadid: ABPtcPrffq9EYFtEywMulp6Eoc-YQ_L9f_QP7x1G359vIYpyMyC9Ig4fELyd104_91YQfjeYkCE1eJQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Sat, 02 Dec 2023 17:24:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08233093b6c59d49b84afbd0d551a07bab1c1cd3afbadb58c30d4299cccb7dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74592
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac55a51898573e7bb7489a16bb38df34754b188db7b44373664aee73c5ea6302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80942
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a0aea132cfbfe3f8d4f16d0208caf5b310bcfaff4eb993852ee66874cabf76c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83293
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

94a7acc2ea50680b38811015e38359e761c8d49ad380cb22761026881cb899a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81104
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f3f812ca3401b5882977dc25f862f6e1c7ce700659a26eae25723b83c8c3cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81101
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3308894913d302b9c608ef4edbbadb83aef22f5590c5656af4273e496f37786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72482
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 20:37:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 74ms
55ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91cbd6fc483eaf860de999961856decb57033ee485da09876451a3d751bc7762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12395
x-xss-protection: 0

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
622 B 381ms
122ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

37d53282cf614caeeb834ddea3ca2f547f7dedf972b4130ad1de309ab373cbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3023 42 B
64 B 59ms
50ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslytxIpWc0UfzYtTXFAS0SamC7SCJubtUSMwkL1mcIwNaNYVhk1S2zPr0-1y5kLXSXRG2m8k5xXuAVAHLdpgZO9n53HlEhHTDhSs1moMGRhcXc8WKc_jdwUoTf2SbhC35ArI3bVBJzM8ar&sai=AMfl-YRhCGFuw12K1qQ8WObBTC60o_wBYxzGGCoZbF1HFpNeq58-ugjr4b2L-IPXCA1_H7zGpG636AVWoHy_zIreN-fv8rsT3wkcMN9_as75rc1cZWzl-qjLTrXHgxrpAln6D75QyKUEIho&sig=Cg0ArKJSzASRmyvflMYMEAE&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&id=lidar2&mcvt=1010&p=576,1090,826,1390&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1414448433&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701463036593&rpt=142&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 10ms
6ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 21:08:14 GMT
content-encoding: gzip
age: 84543
x-guploader-uploadid: ABPtcPoZ4sUeR-l8Vz3mVKRx-g0PfJQHleAaQdNv7pNk0DhOEoImwdpGn2JGWmXb_4aUeXOO4G0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Fri, 01 Dec 2023 21:08:14 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
689 B 139ms
109ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-cifraclub:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1701463038&tM=direct&tL=direct&tN=direct&tY=3&tZ=95756498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ 627 B
688 B 258ms
258ms Fetch
application/json 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

368c1195e375b877f23dd637f8728184fd92ae028f2c928f454c8177bc9ca584

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.cifraclub.com.br/
x-goog-api-key: AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ Frame 0
0 57ms
23ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.cifraclub.com.br
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 01 Dec 2023 20:37:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1701463037795&cv=11&fst=1701463037795&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6dd8c008866e86af55be5428c60084719d294a3b0e2dc7132af0c23cbc0abf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1701463037810&cv=11&fst=1701463037810&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b583a9ff9fa27c62e4643bb7f99f1a6ca10f831dfac49be86c6e56a578d47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
327 B 125ms
106ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: fce49e42c62a4151ecb10afcd0c0537fbbed1a2cb32a5438db646a7bb50277dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1701463037881&cv=11&fst=1701463037881&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1219721552.1701463035&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8948e2f660816aecc825aecbb61bad28cf5fbb65af1084f143a80f8553f411bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 20:37:17 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame 58CC 0
667 B 22ms
22ms Ping
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&e=wqT_3QKQCOgQBAAAAwDWAAUBCPuHqasGEPbC4c6UjtC6fxgAKjYJIe1dmOoF0z8R3zpZqmsS0j8ZAAAAYLge-T8h3w0SACkRJNAxAAAAgD0K1z8wqoPQBjiFOEC1XkjjA1C6iYq2AViekE9gAGj0yVt489gFgAEBigEDVVNEkgUG8GmYAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACp4446gIjaHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy-AAwCIAwGQAwCYAxegAwGqA60DCsMCaHR0FTnwhmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTYxZjNkMTFjLTA5NDEtNGQ2MS04NDE2LTEwNDdmMDE5YWU3NyZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlcVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgA2jnEANHJ0eXBlPW51cmwmdGFnAURwMzg5NDA1OCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWIJGRR6emYlM0ERH_Q0AV95dl91YnlxYmhnJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTOTE4NDMxNzg3MDQwNjM5NDIzMCIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOekkzTnpReU5qZ3pNVFkwTmpFak1qTXlORFUzTXpjME1ERTNOVFl4T1E9PcAD2ATIAwDYA5CVMOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA00NS4xNDEuMTUyLjc3qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwASn_fchyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXYnbTnxtaIwT7ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXCd_oFBAgAEACQBgCYBgC4BgDBBgUvMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH89gF0gcNCREoASYM2gcGCAUJ8HPgBwDqBwIIAPAHiN0DighHCkMAAAGMJxmMeH91QHFJ2GF26MeLso1hgvExFVwxHGCu4hquTwPWvH6OMhNRngLkhd8Ay5B03yRUPDdga6FOhJV9C-87EAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=e900ea1bc855b27c659e521e676c449ab787542b&type=pv&jm=1003&px=316&py=102&bw=478&bh=250&sf=1&sid=8972228871504956763&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=13894058&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
an-x-request-uuid: 69f829c0-049a-43c0-b1f5-712d06a7e923
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 58CC 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssB-eveS6TaTTyCN4oaQWoenAuOlcX5sXJPeccTk1-q-QSFgwaxKW57EWSrHbvRfQYkFoK-QKM00HYStzQq4ZEJGIvM7ZQFHrdAT07E8amv4BCrPzDFlUl6ABT7a59hfWb_dhJCUMW5VA&sai=AMfl-YTMdv66s8YUb-QpT52UTS2ojFZ-rHlVfzHKkTJGQBNwjLZn4_8&sig=Cg0ArKJSzNd0Bbs5sUJYEAE&id=lidar2&mcvt=1054&p=102,315,352,1285&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&v=20231129&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=70520306&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701463036546&rpt=273&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1701463037795&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNTcCnATRaflvCunZmVXwzRNrHpd2qjDct1n7E5lxX3D5nUXip&random=787471848&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1701463037795&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNTcCnATRaflvCunZmVXwzRNrHpd2qjDct1n7E5lxX3D5nUXip&random=787471848&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1701463037810&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNLgNcQcP_ZI_kPusHtKjWhVwt2KKT7md_4pmK3_kS0gseNjl3&random=2103628012&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1701463037810&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNLgNcQcP_ZI_kPusHtKjWhVwt2KKT7md_4pmK3_kS0gseNjl3&random=2103628012&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C2E 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutYvKt5UJCYSlaufAhWmH8WmTL3TZ--c6Ji8SWRkZhHOkzCsVGZbzJSLKiD1OPOXOQI0R_rqEq9lvilgjWzSHHLva3yyfvDK1WshCcgaUYnyETvBW6ywVTftHTEHyUDoq6ooMhesqZap9s&sai=AMfl-YRzsSExP5-Fm-eePdc-9vuHRrR5rTd_g4Xbyy9Wy-BWnlKUA2Ugc8bmAUYNZSFwoHeQa_K1eRoi88ARCROw7lekfwFi1UQY2biwg3qNRsAPnYOPENtSmFCyx5MxV02m4bMefaJSk8I&sig=Cg0ArKJSzLFWYRHzyVi6EAE&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3249029758&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701463036628&rpt=286&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 25ms
25ms Script
application/javascript 65.9.94.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-131.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83952115381c2cdde2f36cd1d256ec2e19f3c45c45cb52747b11abc7fcc2eaca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: oomtdpM6oP_XzYJszm90PPsmQplWgfJZ
content-encoding: gzip
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 12:31:35 GMT
last-modified: Wed, 23 Aug 2023 17:09:10 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 29174
x-amz-server-side-encryption: AES256
etag: "051eaa8016019d816c2ed2a9645c6935"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56782
x-amz-cf-id: 8koM5v8szhouwW3O1juJoDpR948QFpTUIhj98QsLQLxW_Fs-OmOBiQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1701463037881&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNKxj5zoxrco3Z9XpklCHRWfI6lbPXJjl379Hgeca6szTzivuK&random=566512918&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1701463037881&cv=11&fst=1701460800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNKxj5zoxrco3Z9XpklCHRWfI6lbPXJjl379Hgeca6szTzivuK&random=566512918&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E6E 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 15:57:45 GMT
expires: Sat, 30 Nov 2024 15:57:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FA28 829 B
560 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8298197d5c45023f4c580acc30fb5b63b7fbfd10a7df8c0852f012a503225e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XBbfD6zyZoe8noFV28u7uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XBbfD6zyZoe8noFV28u7uA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:37:17 GMT
expires: Fri, 01 Dec 2023 20:37:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E6E 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FA28 0
0 40ms
40ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=3288540576435664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 510ms
148ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=435534&uniq=_kb8hgh9qn&ref=aHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy8%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Fri, 01 Dec 2023 20:37:18 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E6E 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WDD82Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 b Show response
b.t.tailtarget.com/ 113 B
571 B 118ms
118ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007FFD436A65CC06D03302B0100C&tX=b.52&tZ=642260157
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 387a8c104be5edb3c766a1e8145dfec5a32118c91bebf82001ce0100ec707cc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 101ms
101ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe9hz,pingTime:0,time:1053,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1052%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1052,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:134%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:18 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ 1 KB
710 B 184ms
183ms Fetch
application/json 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6eb844c9f03c7638ac3d0801d5942ab26cf989ebced75bfe7676c9c91b0f9b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTA0NjU0MTE0ODQ2MTp3ZWI6ZTAzZjU2N2QxYTAyZDM4ZWI2YjNhNCIsImV4cCI6MTcwMjA2NzgzOCwiZmlkIjoiZnpuMHZadF9KdG1fYzBjRkpvc3pfeiIsInByb2plY3ROdW1iZXIiOjEwNDY1NDExNDg0NjF9.AB2LPV8wRQIgUEsqBh8ZQGWogV2o7IlujWEdICUsZ-W9a5MEKcp-PUMCIQC7nhLWpMqOJpewrmdQZ5qNE4f2ir6Ya-TU7ZyWuQzb9Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-integral-accord-651-fireperf-fetch-1578239058
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ Frame 0
0 219ms
17ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.cifraclub.com.br
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 01 Dec 2023 20:37:18 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 83 B
117 B 110ms
109ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=442568384
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 0320f41b988e2d2c44059ba43fced64611cfc6f89f67a7b18f8c26a2b886f3a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 118A 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNK13OB1stCtCFxbcwbLsJFKYE59fU_PJyXAwmC7uXcaxg2g8zlRXZMIQyIPcsp4ZQC9a_5xnti8JIZ-6PIWKjzqLePVH_fc6XAQ1c9m10V6zutgWh-judQ22ZDOhblmNbECI0vomyxJNI&sai=AMfl-YTG1d4Dd28aCEbHGewh4fX9qTehpjBN_tSDhqJIacjl1-a6S7FckgFiz7VqPwa7q_rEmU04wbh0pYdC9ga7CmdP6hXF953CgTDCQRouBhGZe6xiJTUV_r8qcA-xHrtrWsYvUaF0fx4&sig=Cg0ArKJSzJ1DHCrqMnKEEAE&cid=CAQSPADICaaNJgoYAl934eEXnJvORMUC_Zqf00Sb9N24uf8PoXEFZh4oWFoqoIop1yhOWV-2G8qVdpzTuDwAlBgB&id=lidar2&mcvt=1000&p=482,1080,536,1400&mtos=178,1000,1000,1000,1000&tos=178,822,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4164029453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701463036633&rpt=848&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2E 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1445169889346&version=m202309260101&ct=76&x=1&cor=281293051867496320

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 20:37:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAmVAawdymKFVDFhK33Q4wk&google_cver=1&google_ula=862479430,0

70 B
373 B

123ms
108ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAmVAawdymKFVDFhK33Q4wk&google_cver=1&google_ula=862479430,0
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEAmVAawdymKFVDFhK33Q4wk&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 122ms
107ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1701463038174_764254285&tJ=CA15437,CA15795,CA15771&tQ=par-cifraclub,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FFD436A65CC06D03302B0100C&tX=b.52&tY=1&tZ=423179256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:18 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=3288540576435664&bg=!NjWlNXrNAAY3kmNgF5I7ADQBe5WfOAcAmkwCZz8wsZ6ISNud3IprDJSiItI1TE63sVKOlEOwWjKqhO-wQ30hU0U0pKU2AgAAAH5SAAAAAWgBBwoAipV-k6x5zKVMIaYTzvlV8Sk2Mkha1Z4Q53BZiNwWaRKb1ZCnJLhHYd6dOjYNKA8E9PkmvEkzndRYYWARlrGvxqdsri9mfIvu_clKfapAo-IMSoWPxb7bT_23nbZWp8uaMoslYYx4PJUDXi3Zbr8A87rDxOIGc85AfDKOtboJitNlWDhKoWhfMDG1XZkCu4Px9WCRGXeQL_vNNOdSqdUwUwul1R4di2Zhg0FA4NpCmvFmTxB4rxelza29ErcfBO4FmUFiV9559HLuoIaFDH_va6snd-uTObK03mtLFZS0fOfb4L0yMuVuHvPcPsiTVIXP3EI6dsSh4m0CkHx7BApC2HTQZ2U9FlGDub5qxV4aBnuY1DN_-j0cwkMwd8nfIo_tf8yP7TdPhnRt2RbrZE5dlbf5G1-s2nGz2gEY1BY83Jegy1dE20eCRyHeNd6xTz-YUVaVe02OzCTWP8a8a1V0_R4jsLgrgJ8IsWTIohCRxrB1AEUGDUMGHt66-l3O6N6HnoO-nhefaQymfqX0wFw-ToSPaKEWc5VYmHJxZEPYtSjUj1nOfNZACpx7TUN1puWQpKR2Jkf8mXfhDXAByocbKCeXp-kV9MxZd6PwliTVsbgvW-_nPQ1eEtHOkkhZtq2FoFruDunRGnHuOMhg8RXT_sW4b7Q1QabMW-AuaZ-LDdgyKL3y_IFllR8zbLhgOzUlcOxD750s_vzkUEdWNu1H3z-9Gnbwr37Dq0tcgW1UK3UvwE_Ekdv-TL74u6Zethe1409aGEuM2KMJ6KUxUdJFHlSlq6qwy8ebAPoDCpgYdZGLYAcKG9XX4TfmWTnxjkjqfNU1FRQuv7FcH5eOA4tCtswHTmmppjwE_BH_W6hY69YqvrAH_UEH5DlJFwEH_6I86Ul58LCffx_3YXjkw5B9rFKSErXiOWohHiFs9tv27QsDa55cUM-RHk2c5wtJfLaUNkPw6PQbDFAYSXJQ0nai1Tej63BQJsAbVJxSvu1iqb3b_TOtL-Ia-ksuPp-yuQEaOvI5pcUiB273cGcH3Uw2wzeSjf-vnRHwu_Ab7tnUuBGa1QNbROHxGWKXWU2vXl_iQJAsosN1L8HRE0cR0h1naP9Spdw7yfOm2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 118A 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9514456425640&version=m202309260101&ct=77&x=1&cor=1850977446373975600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 118A 35 B
625 B 30ms
29ms Ping
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=1239240027172733872@@69977905,8051835027924827275,100|1097|0|0|0|0|0|0|0||9|1|||||1|0|0|uBfQm00QpqxcPlakbYq96Qwm9IimHH1skDI0La7o7robF0JZz_mCW_L_QlhaeLlf0|||11||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe9xH,pingTime:1,time:2053,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1052%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1052,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:134%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:19 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2C2E 43 B
215 B 100ms
100ms Image
image/gif 2600:1f18:1aca:4282:e85e:5275:34fe:1496
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=5b97ee2d-c886-79c4-cf9e-5fa1f07d5f39&tv=%7Bc:vAe9xI,pingTime:1,time:2054,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1052%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1048~0,1~100%5D,as:%5B1049~728.90%5D%7D%7D,%7Bsl:i,t:1052,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:102,fm:tXdPvtu+11%7C12%7C13%7C14%7C151%7C152%7C153%7C154%7C16*.987057-61527017%7C161%7C162%7C163%7C164%7C171%7C1721,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:134,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:e85e:5275:34fe:1496 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:19 GMT
server: nginx
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
373 B 199ms
199ms Fetch
application/json 52.35.82.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.82.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-82-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 406da2053885566326cd66d21cadc95c13faabfe442d807574c0a604e3e8568e

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-api-key: 79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 20:37:20 GMT
x-amzn-trace-id: Root=1-656a4400-10c4ecb320748ba340540fea
x-amzn-requestid: 4f064681-0df1-400f-b927-7effbf6eb069
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PR-QEE6ovHcEhdA=
content-length: 146

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 568ms
186ms Preflight 52.35.82.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.82.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-82-95.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Fri, 01 Dec 2023 20:37:19 GMT
x-amz-apigw-id: PR-QCEQ4PHcEA4g=
x-amzn-requestid: 24ff5d2c-c604-4442-a9d6-ede0969c749a

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 40ms
14ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cifraclub.com.br%2F&domain=www.cifraclub.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 01 Dec 2023 20:37:20 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 240392
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
394 B 41ms
13ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cifraclub.com.br%2F&domain=www.cifraclub.com.br&cw=1&lsw=1

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:20 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 202519
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BE67 52 KB
17 KB 44ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 43156
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 01 Dec 2023 20:37:20 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 4220, 305169
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230060-FRA
X-Timer: S1701463041.666023,VS0,VE0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6924 23 KB
8 KB 63ms
22ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

5b1b5618e8887b9d60e4456e61ae69f6bbccdcbeaed553bfe565a3d78ba2de0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8419
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 20:37:20 GMT
expires: Sun, 03 Dec 2023 20:37:20 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 3282 16 KB
6 KB 37ms
8ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=168258
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Fri, 01 Dec 2023 20:37:20 GMT
expires: Sun, 03 Dec 2023 19:21:38 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C27E 281 B
555 B 28ms
7ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 01 Dec 2023 20:37:20 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C27E 46 KB
13 KB 7ms
6ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 20:37:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 23:38:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=10874
Connection: keep-alive
Content-Length: 13236
Expires: Fri, 01 Dec 2023 23:38:34 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 3282 0
39 B 19ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77407069&p=163636&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:37:19 GMT
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame C27E 7 B
380 B 64ms
9ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame BE67 0
596 B 20ms
20ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:20 GMT
an-x-request-uuid: 8a0b650c-043e-4728-bc8d-99d9432c8003
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame 6924 35 B
191 B 63ms
14ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=chlog&reqId=656943514088891481701463040704&fs=2&pid=8PRW23HG5&cid=8CUMSRPRR&itype=PREBIDNone&bs=2&bi=30000&ccs=8&svr=2023112809_251&gdpr=1&csex=0&usp_status=0&usc=1&lper=100&tr=787.8604767130728

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:20 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 01 Dec 2023 20:37:20 GMT

POST
H/1.1 204
No Content event.png
tpsc-ew1.doubleverify.com/ Frame D181 0
345 B 30ms
15ms Ping
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ew1.doubleverify.com/event.png?impid=a58a8b6f64304456806782ef00fb5cce&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=69977905&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=175&eoid=18&te_exec=0&msrjs=5017&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=20&tetms=6&msltms=29&vltms=175&sei=289&vetms=5&tuviims=89&tuviems=269&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=456&msrcannum=3&ee_dp_tmads=2294&ismms=1026&isumms=1025&nvr=6&isgmmims=1026&isgmv4mims=1026&elmtp=6&isbxdms=2225&b0=100&b11=1200&adhgt=50&adwdth=320&norwdth=320&norhgt=50&vsos=1&dvp_vsosnmr=16&lftb=1300&sftb=1300&msrdp=3&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=50&cwdth=320&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2025&isuiabvms=2025&isgmpims=1125&isgmv4dpims=2025&ispmxpms=2025&engalms=1024&engscrlms=1025&dvp_pageEng=true&dvp_dpr=1&vstsz=738&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3192
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5017.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 01 Dec 2023 20:37:20 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-11-30T20:37:20

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1701463034293&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1954502170.1701463035&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1701463034&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&_s=3&tfd=13969
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame BE67 0
596 B 17ms
17ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:21 GMT
an-x-request-uuid: 3913da1d-a857-4f36-ae9b-b95c7ebb07b5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 118A 35 B
625 B 30ms
30ms Ping
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=1239240027172733872@@69977905,8051835027924827275,100|4897|0|0|0|0|0|0|0||41|1|||||1|0|0|uBfQm00QpqxcPlakbYq96Qwm9IimHH1skDI0La7o7robF0JZz_mCW_L_QlhaeLlf0|||01||0|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 20:37:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cifraclub.com.br/	1970-01-20 16:39:09	Name: _gid Value: GA1.3.1485542965.1701463035
.cifraclub.com.br/	1970-01-20 18:47:19	Name: _gcl_au Value: 1.1.1219721552.1701463035
.cifraclub.com.br/	1970-01-20 16:37:43	Name: lotame_domain_check Value: cifraclub.com.br
www.cifraclub.com.br/	1970-01-20 17:20:55	Name: _pbjs_userid_consent_data Value: 3524755945110770
.cifraclub.com.br/	1970-01-21 01:23:19	Name: _sharedID Value: c0410365-5988-4f14-ac4c-ed69bbcc2e20
.cifraclub.com.br/	1970-01-21 02:13:43	Name: _ga_XBHRSMDBK4 Value: GS1.1.1701463035.1.0.1701463035.0.0.0
.cifraclub.com.br/	1970-01-21 02:13:43	Name: _ga Value: GA1.1.1954502170.1701463035
.doubleclick.net/	1970-01-21 01:59:19	Name: IDE Value: AHWqTUlWl4pvDfrrieEMYSXljSPIUPdInCnUNIT5a11HyMknD01IC4qFwGMLfLSV
.cifraclub.com.br/	1970-01-20 18:47:19	Name: _fbp Value: fb.2.1701463035409.169297158
.adnxs.com/	1970-01-20 18:47:19	Name: icu Value: ChgIy6c-EAoYASABKAEw-4epqwY4AUABSAEQ-4epqwYYAA..
.adnxs.com/	1970-01-20 18:47:19	Name: uuid2 Value: 9220783051020471049
www.cifraclub.com.br/	1969-12-31 23:59:59	Name: geoip_country_code Value:
.rubiconproject.com/	1970-01-21 01:23:19	Name: khaos Value: LPN35SBL-M-1VGJ
.rubiconproject.com/	1970-01-21 01:23:19	Name: audit Value: 1\|yQuirGeEF6CiC6JXvJSEIiAkF7RiBdb4AgvEG2sPPZqRoUZOq/XfJijiVmunltdEomT579brcqgNziyHhJ22gdgpQT4gGBJl4WXUF1ge4Xge9RZU/e4r/yKPLRELhl3xG7JtXJVTTK0=
.cifraclub.com.br/	1970-01-21 01:59:19	Name: __gads Value: ID=eefe736ba9288884:T=1701463035:RT=1701463035:S=ALNI_Mb9zgFhbiyxGXK_980cvpeAr_Xxzg
.cifraclub.com.br/	1970-01-21 01:59:19	Name: __gpi Value: UID=00000d01605487e9:T=1701463035:RT=1701463035:S=ALNI_Mag40gkTR2V84nnEJcAmIAp6Syxrg
.cifraclub.com.br/	1970-01-21 01:23:19	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNzAxNDYzMDM2NTk3fQ==
.cifraclub.com.br/	1970-01-21 02:13:43	Name: _ga_3BB4FZD3LP Value: GS1.1.1701463034.1.0.1701463036.0.0.0
.bing.com/	1970-01-21 01:59:19	Name: MUID Value: 09EA2C014A7162940DC43FDB4BDD630A
m.exactag.com/	1970-01-20 18:47:19	Name: exactag_new_gk Value: 86ca3691ec05425fbe94bf36889a0cec%7C30.01.2024%2020%3A37%3A16
m.exactag.com/	1970-01-20 20:56:55	Name: exactag_new_uk Value: 24e4373ea1004c578dd1315761e5f8e7%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: e1194170d46d421d96ef824b
.adform.net/	1970-01-20 17:22:21	Name: C Value: 1
.ctnsnet.com/	1970-01-21 01:23:19	Name: gid_CAESENt5hSfMrSCFVpuw4LI1HQk Value: 1
.quantserve.com/	1970-01-20 18:47:19	Name: d Value: EHUBCQHHKoEA
.quantserve.com/	1970-01-21 02:07:57	Name: mc Value: 656a43fc-bdda9-318ea-26b2d
.casalemedia.com/	1970-01-20 18:47:19	Name: CMPS Value: 3302
.adnxs.com/	1970-01-20 18:47:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImJx6egK!@wnfH8K6pQK`!5=E<L5>xj'guBRtfoa2'/lp#'kZhqzht(K_:/Yq@g44?D%nugO%v4VB%no3E5IrQ
.simpli.fi/	1970-01-21 01:24:45	Name: suid Value: 18A95B10B13B41B283DF22B822BBB819
.casalemedia.com/	1970-01-21 01:23:19	Name: CMID Value: ZWpD-LVFMRxdxFb86GfFjQAA
.casalemedia.com/	1970-01-20 18:47:19	Name: CMPRO Value: 2149
.de17a.com/	1970-01-21 01:16:07	Name: guid Value: 1.8062267905207264232
.yahoo.com/	1970-01-21 01:23:40	Name: A3 Value: d=AQABBPxDamUCEHtAH5YjlmkyGDYkxBy2T9cFEgEBAQGVa2V0ZQAAAAAA_eMAAA&S=AQAAAsdrgI8qY7EWh6-MSrDifQE
.everesttech.net/	1970-01-21 01:23:19	Name: everest_g_v2 Value: g_surferid~ZWpD-AADvjQdTQAM
.doubleclick.net/	1970-01-20 20:56:55	Name: APC Value: AfxxVi55aVmZ-R3ommqSsQjecWVzkCHRwMf3a0CrSVunXCbXgz-SkQ
.travelaudience.com/	1970-01-21 02:09:23	Name: _tracker Value: %7B%22UUID%22%3A%2205C59986-7F9D-4F24-0329-117ADB3CE36C%22%7D
.w55c.net/	1970-01-21 02:09:23	Name: wfivefivec Value: htkkLOJT1R9agc5
.w55c.net/	1970-01-20 17:20:55	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-20 17:20:55	Name: ar_debug Value: 1
.1rx.io/	1970-01-21 01:23:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-49887da4-c07d-4568-a409-5b3825a60202-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 01:23:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-49887da4-c07d-4568-a409-5b3825a60202-003%22%7D
.adform.net/	1970-01-20 18:04:07	Name: uid Value: 1239240027172733872
.adform.net/	1970-01-20 16:47:47	Name: TPC Value: 1701463037392
ads.travelaudience.com/	1970-01-21 02:09:23	Name: _tracker Value: %7B%22UUID%22%3A%2205C59986-7F9D-4F24-0329-117ADB3CE36C%22%7D
.ctnsnet.com/	1970-01-21 01:23:19	Name: cid Value: fb2dee4580eb4207832c722175757272
.3lift.com/	1970-01-20 18:47:19	Name: tluid Value: 226132715257474899589
.vodafone.de/	1970-01-20 16:47:47	Name: oshop Value: queryparams\|\|b_id\|\|1779\|\|queryparams\|\|shopid\|\|2673
.turn.com/	1970-01-20 20:56:55	Name: uid Value: 7659569024318541900
www.cifraclub.com.br/	1970-01-20 16:37:44	Name: tt_c_vmt Value: 1701463038
www.cifraclub.com.br/	1970-01-20 16:37:44	Name: tt_c_c Value: direct
www.cifraclub.com.br/	1970-01-20 16:37:44	Name: tt_c_s Value: direct
www.cifraclub.com.br/	1970-01-20 16:37:44	Name: tt_c_m Value: direct
www.cifraclub.com.br/	1970-01-21 02:13:43	Name: _ttuu.s Value: 1701463037872
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 17:20:55	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGkpUiG0IX9zO66ucs4jPwx6
.t.tailtarget.com/	1970-01-20 16:40:35	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 01:23:19	Name: u Value: fwAAAWVqQ/0z0AbMDBCwAgB=
www.cifraclub.com.br/	1970-01-21 01:23:19	Name: tt.u Value: 0100007FFD436A65CC06D03302B0100C
.cifraclub.com.br/	1970-01-21 01:24:45	Name: rdtrk Value: %7B%22id%22%3A%228a6532fb-fc99-4925-ab2c-e3dcecf59d36%22%7D
.t.tailtarget.com/	1970-01-20 17:20:55	Name: ttbprf Value: _frankfurt am main_hesse_de_1701463038174_764254285
.t.tailtarget.com/	1970-01-20 16:37:44	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:20:55	Name: ttnprf Value:
www.cifraclub.com.br/	1970-01-20 16:39:09	Name: tt.nprf Value:
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 16:37:46	Name: ttca Value: CA15437,CA15795,CA15771_1701463038
.t.tailtarget.com/	1970-01-20 17:20:55	Name: n Value: 1701463038
.t.tailtarget.com/	1970-01-20 17:20:55	Name: tp1 Value: CAESEAmVAawdymKFVDFhK33Q4wk
.t.tailtarget.com/	1970-01-20 17:20:55	Name: dc Value: 1
.ads.pubmatic.com/	1970-01-20 16:39:09	Name: KCCH Value: YES

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
security	error	URL: https://6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=19820480540&extPm=19820480540&extCr=537192284&rnd=1701463035730739' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6fc1e18f12c488ea0143ecd4a51fec8c.safeframe.googlesyndication.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
adsdk.microsoft.com
akamai.sscdn.co
api.cifraclub.com.br
b.t.tailtarget.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.adnxs.com
cdn.doubleverify.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
client.bannerspace.net
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.quantserve.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
d.tailtarget.com
d335luupugsy2.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fra1-ib.adnxs.com
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.cifraclub.com.br
image6.pubmatic.com
img.youtube.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
m.exactag.com
master.cifraclub.com.br
onetag-sys.com
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
pm.w55c.net
popups.rdstation.com.br
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
prod.tahoe-analytics.publishers.advertising.a2z.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.ad.smaato.net
s.seedtag.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
track.adform.net
tt-9964-3.seg.t.tailtarget.com
um.simpli.fi
us-u.openx.net
vfd2dyn.vodafone.de
www.bing.com
www.cifraclub.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
13.248.245.213
130.211.44.5
142.250.184.194
151.101.129.108
151.101.130.49
172.217.16.134
172.217.16.194
177.54.145.109
177.54.145.110
178.250.1.9
184.30.16.195
184.30.20.22
184.30.22.30
184.30.24.22
185.64.189.112
185.64.190.78
2.16.97.41
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.182
213.202.235.10
2600:1f18:1aca:4282:e85e:5275:34fe:1496
2600:9000:2127:4000:8:48e:53c0:93a1
2600:9000:2127:ce00:1b:5138:8a40:93a1
2602:803:c003:200::21
2606:4700::6810:5614
2606:4700::6811:190e
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:46::44
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2006
2a00:1450:400c:c0c::54
2a02:2638:3::c
2a02:26f0:3500:1b::1724:a39e
2a02:26f0:3500:893::21cf
2a02:26f0:3500:d::1732:83d6
2a02:26f0:3500:f::1732:8318
2a02:26f0:3500:f::1732:831d
2a02:26f0:3500:f::1732:831f
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3602:5079:1120:7dbf:7a0d
34.102.185.99
34.120.63.153
34.149.50.64
34.255.67.121
34.68.90.188
34.98.64.218
35.157.253.10
35.186.193.173
35.186.253.211
35.190.0.66
35.201.123.184
35.204.74.118
35.223.116.65
37.157.6.232
37.157.6.235
37.252.171.53
46.228.174.117
51.89.9.252
52.210.223.89
52.35.82.95
52.57.12.239
65.9.90.93
65.9.93.173
65.9.94.131
65.9.95.111
65.9.95.19
65.9.95.3
65.9.95.59
65.9.95.8
65.9.95.9
69.173.144.165
89.149.192.64
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
031aba446f0d34b8d6e7c63309c34d56588979552d02dd892ed36bb7eb904a1a
0320f41b988e2d2c44059ba43fced64611cfc6f89f67a7b18f8c26a2b886f3a4
03e7b6670a29e62d8e8a44ecf20be362d9f50313ff71e8758d90df814b325db6
059fde446eca56b850d84915e85920731578dbfa93979ca10ddca0c20d945075
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08233093b6c59d49b84afbd0d551a07bab1c1cd3afbadb58c30d4299cccb7dca
0874c93bc9a23ca21b5de6fe83b88fde608a3e72ff2f871228a520e5770f68e5
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
09c17debd5eada55da5b146aa4ed88e227ed981ae9e8e05da411489002268a74
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fb7646d06b7161154c3a9a1d0daaf25f7a0ad5d6186fb8f1c5c3b74c58dfe48
11bd2be781da9338d62d2476d2d139493990d8107499ee9349c81cc0b3fc1ecc
1293e34cf7955d387571847bc1eb3e1bbbf3e76216130dcca927b94407d04351
159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1a17c1471b9a306a99896ee23829d50b19a3449f5aa1042e933a15af251b46c0
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cb039486b4c314d859125a12dccbe850384377459d2c8d4d7b7660d55bf51d2
1da78f9ed9515ff6089572e6a16cba60a7a2e8c33671b9e7d9680c38e5661384
1e8255905b241808d05b885ad24ef9b55debdcf9362004c7fa53c2a6814d569e
1f29d719b1c1083432ad2f4deb233f8b7ac42ebc70bdb158d600e92ae6a978a5
1f35ae18fabbdf41c3b9f815cae3040a3d0d39d3aefc987e57c518a69bf2c763
1f407355fa69f17827cc696408baea8cb67f184a71a47c205ef4022c1d7f44a7
217aec20facaa21f5efbbf506a157da11b86496e31708bce35b04ab5c1ad842a
21904511b5b3fb054732fff430b2263d1c2f788cd4dd8091ba0fd6e90293b976
22a49dddda6518b4242a73ff7ea33b83c543aaea3f7901897f1a5a59b2011efe
22ba388f87f7c0a90d3b1c3af4c311555b59acb370b4e2b1d298d23dd876067b
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
2589ca4da9f866decc402295708f0a2427672154eb82eb767c5dc7404e19488b
25ac51bd560661614f1f90a6cea5a82f526a8550afc34f725bb2471607ffa173
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
282b5e1516d6c9ca234f2ce85e13cc85e76293cfd520fc8334815c757fc50e1b
28d8c81ff8ca600bacb8f924d8a8fd89481d0a2eda004442b048db74630b6f24
298385c1b17e35a9710475ac7cbd3781346fde0bb4708503d71f309dbdb7f671
2a5197525b2d844bd1ce5852e89988181164abcd15bcba5767e37a0800445ec9
2b851b972fa32357c957e2e5aee300afe8d42c813d86f806125bf4286261a786
2c0552f5f695bac6b38705b48dbe470311f45dce3a3a485efe95ddb51bed3757
2c73ad08334e801d45ff3b490982500f67061656e3c2bdb686f5db03e1540071
2f3f812ca3401b5882977dc25f862f6e1c7ce700659a26eae25723b83c8c3cd6
2f54844d7f13bebf2ddd935d0f9410342ddc5a197d23e04a1866e855bd312e29
30f4c911942466581dab2a4eb1f974829aa217a1d0f559df48bb15a6696a3965
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316e1d3d2b14ebcc1e14fc70e7865e2045dc714fdbad9c15838258b465d0d2c2
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
31a7f6b125985fcebc86273eccd7b8a9347cf5f40ff32365ee3e6c9aa7e640a5
3236b2b4dca0b162230fcd317a468a9017907b3ceaa251def2d04ac7957ac826
32504538284faed1bb55612e57e9b5072bd96b983bbe927308eaec0ba2d25b33
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
333790a08743cda14dd3f8de8fb729b6bab0c81e33a1c8ce4d50a87e0db14e5b
368c1195e375b877f23dd637f8728184fd92ae028f2c928f454c8177bc9ca584
3737fc8d3882327f17b1e64831a922185678e38181e8eb0c5b75cfc3bc1146a9
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
37d53282cf614caeeb834ddea3ca2f547f7dedf972b4130ad1de309ab373cbad
387a8c104be5edb3c766a1e8145dfec5a32118c91bebf82001ce0100ec707cc8
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a4387844ea355406e936ffea2c2e0b1eb84ace4fe9c2322830ee1bae264b73c
3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232
3c16fb350617fbae01d980ff008cb6b803f9e5e1db80470081940270498d3718
3cdafa331554b9a58e4406b653270c0b44945e431761cfeb3876229f001f8af6
3d58d6b81013cd185fcaf14300457b228dff4e72deee5e7b6f40b88eb913942c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e8b4075abc8b4b586a24fb831d3cf0d0805e6a39fc755379d48eaa67cc10cb6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406da2053885566326cd66d21cadc95c13faabfe442d807574c0a604e3e8568e
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43151e7ead8d2cf1f507b44dadecade33fab074f1847e6447a533b25765e9ae3
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4631555c380a404618ad15cb54ef8f57f2e4154f9ed0870b24a8ea3cb9da9306
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
479982149be5e64014364f19ee0ab6211f0ee3e717f0d435dd79c0ee171ec4fe
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49967b4ecf31cebe67b6a3c8f69d19e690f29a97b2f1afe5a64128bdc1a69f8d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
4d91220b5dbc70676ea9e1941e4b7d086e4dbcbb73b6e8a1f9690fe9d6296826
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8fdb16f0bc169c9f98925a0d080277600dc7e631e4f62c2cbb8fa01e0fa4f7
4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521
50ce2be0ffe94eca5f65edb8b0f1f3a04499019161c18edf46830659aeffedfe
51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5398bb5a0b481f244d4d6acd1a4e5991521bbfae055aca47327aeebafc3fa7a1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5690063093152714ffa5e91e793f6ccc94ae646f174d66325170a9c71c23eb9d
569720322a5c9920d78e67230b2edc7b4f10dc5d0ffd8a851f55b9987afc5550
59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1
5a0aea132cfbfe3f8d4f16d0208caf5b310bcfaff4eb993852ee66874cabf76c
5b1b5618e8887b9d60e4456e61ae69f6bbccdcbeaed553bfe565a3d78ba2de0f
5b1c8d48a633998b03aeda3689d1f2b0505c582f3d1565ebbf18b95e67988593
5d95b1c4a61da22cde9111a5a780402f3add70e936096218a1bb4acc2f257fa5
5ddf14e7f01112832f2bf7fc86c4b5be0c9578dabd6d7fae81618b5387422065
5ecbc7b923367cbe0a0e615c5aa1bc0f9e28bf84819ef8fb5cad5d9fc17ac609
5efd5c070968ae7f3020be206ac993036ee7cbc6fab47e799ad4d9e9a86155f9
5fad1ff70aeb989c3e52557b2e4e1ef65bf4fc2f72b5f8f754a78a86d3e266bd
6047c33c918d59db473a295012ce74658d40357389f06e8435e6ca5f25661ce5
612e9af16924fa1127337dae91c12750c79ec1236b7c1c468e3674a7ae78987f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
641add6c942a307b08d3a46a521f67ceb594e19b72083f9dcd7855cea72dbacd
65bb008994fa5db03b2d2e55358e58280714d4392e17af6eaa55a900347931fc
67ed678663f66de05ecc0cdcaf88f40f1ec588b9b345ce0ab23658ee90552353
6903a34fb38ccc77a65f5fb43b43502a430492a6cb443a23025fcdffbed9b750
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6c6479c6ced6e99a04dc6faccbf7b63ce22f12d2a6a08152c9de6cd9bbb1e620
6d9ed6a3ccbc0872ede26d0a61a935b5c0e7ec7de45cf7f66599ebebfb9faa39
6eb844c9f03c7638ac3d0801d5942ab26cf989ebced75bfe7676c9c91b0f9b10
71ba7a9cbbe08f6b7afa15c89a02236d75e9b984cc8b0bc916f5f115d08daa6e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e018b7e6c3b5cc0e0cc790f256033b97b3783c5853529bc6101b6a7ed23159
7620fb859f2d4043d22636886cf9cab799f2a7c7e764febf3c9231eb3d469f3a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77425a0c624cac6f784c90b7eddfaccc078aca01744acbc25ea142a43ab2c08d
778f6c203a6a2ea31e4cb3aa28a07e5e4d259a553807f9b2d8149f46e9483079
77c1f1106b1dac12de091eda7ff3e639de51bc86219f484c13e9dab13e1c99e5
794ea72e945bea99a7e936be803fc7363777bc22eb855c44a46edbc573b611e5
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7c7731b06258428e27f94f19b7a9999e7aa67ce4c110504d0c7abc77f03e03d9
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7f7d0faa4fd64ad50d60bf04c073f660a012ee6bc551a2cda239ec5048218ea8
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83952115381c2cdde2f36cd1d256ec2e19f3c45c45cb52747b11abc7fcc2eaca
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84c51aca8ad35019d8c86ac48eb7be08faa09e65801fea1d148f1c8475aeb0fb
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8651e0c1bf7605670249f0eef475c5b06b5c8502e6514199243c4efa5362f303
87b583a9ff9fa27c62e4643bb7f99f1a6ca10f831dfac49be86c6e56a578d47e
89047ce19766d6b949b6fdd214a88910043b8c3bcfb75409398c80355c0a07cb
8948e2f660816aecc825aecbb61bad28cf5fbb65af1084f143a80f8553f411bf
894c292d72d13587e8c003306c1079e8492e72f463d5ad092dc10d33d0694d4d
8bef23f2733c67f6ad7dddc09e98d1dd22cc1061d9c1abd06005dc395b234639
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec200d236508e55b071298e107025d9b969700c45debdae4989801954f45623
91cbd6fc483eaf860de999961856decb57033ee485da09876451a3d751bc7762
93cfa56912340907c4b0810e3ae00b9bd231cb6055666c7381007dd40481a345
941c7ca058540cec729fef1e81d1f383eedd792b0c0e51c1e9a58eea36f12f93
94a7acc2ea50680b38811015e38359e761c8d49ad380cb22761026881cb899a1
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
98b36d0f871ff10d79dc18923e6029ceeafff1805c244f50a548b40bf22d68e6
99163961fd831f483e9837c9ce73d878cdbff470c6cc606cd919cd86c683a8ef
9a36be01554363c285eca63dbd0e98a4dbac109fb974a4d82fc008e0c0c06c74
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b345f07f1d5170978ba2b7a32db361440ebe198ff5a8f42e55992c286f8c78e
9f28c46727be49559d61cb229a24b63e0420c26a72833b7ebb265d3c9dfd8232
9f328676e304fd00e3137bec2128ce6f9cf19244ee7be37a901dfd4772f1d3de
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7e2292263fc51c97c3f1c27a5eee48a4c7e5557eccd275d9fcd70fbac0e95c6
a7fcfbc2cffe7086bab174053531cf4841c2ab543f9f19a78fcb12fdd425cf09
a8ec169659348d3c50e83f52b2beaf11840eada799ddfdfbfd48b271f7aaf6cf
ac55a51898573e7bb7489a16bb38df34754b188db7b44373664aee73c5ea6302
adf38684fdc6c70a10dc4657a4f6bf6d19921ab0f386005b4cad2b246f80ba4e
afe20f6d5dc86b16a72c78f4afc9fd2370f6449fb66b6654563662f54c663788
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b281b694ec639957a0f1451cf73308b092ebedd95752289842ebd8496bb11aef
b2df80d186eff42cfb081ee0bc6ec2905077808d678e695d6ba9829f9aa70791
b36692831e3d32fb5d3a366d7e4d8be604da6ba68f95a4ffe389a36f7d7fba7d
b63a4cb2301f3ecdcdd3d12a5a008ba755cb72047e8483388a22a73ca43dcdee
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b76f37462c263693297294981992679b1dac456a0d22f4438e435b2245306c06
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
bfbd4734ccb0db8f1110b7a37a4cb2c648cde1a71454dd4121cd882a82024589
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c2724b477d4c039551d1f08a034f4af573dec4d89bd52a6a72a16220160106a4
c36d7baf0ca32ebdb9f04499a2e27b7110d0c486397412b53b98c1f0dc1d10fe
c3b04b64fa45af19c92cb704fcc1d0856c477060fa78815c7a0f050dd714feb7
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4b9a84583357b76159da1d03f909c5ca0423f0c815fdf193d9607c8061bc950
c6a5fe2631c931fd394de29d377c21dde3a1de0e6add6b01dd722cb2383f259c
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc35098d44e047ccd575fc6c6f9b9a4a9fca64151c814da1ffe7086f0d11d51b
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfba63679b69fafc6ff3c8d8c2452b99a164ae597af00dd2005b3b38bc9939e8
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2becf09a3d3c8fd26724dca79849e24d3fbe9baadaf1a440447b142b35c8bf7
d355dc0bccc68e3eca035be49bc47f8813af00025856ea78b24e05f5405f5db7
d5e2a3df9b4bd40c0ae5756d44b935365f06984de884b83dc812a162b9b092b1
d6d1bea9920a3618255a4519e243872fad8d7da694dc10de6643657c6ad2762b
d6dd8c008866e86af55be5428c60084719d294a3b0e2dc7132af0c23cbc0abf9
d7ae54e7a18a566585463e0c02bb3a8951a96c4fe09b17a4df5dc82c1488e6a0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def188706410d20cdd773895932b9d54a3a8d55b93411f39165629400d5ef13c
defed337b792120ede970307e508aac299c5bacfc7926301e62ba9a3d15791ec
df71b390ca8b86d284e2e5f24b13f41f7591fa827c10ebaf4e8cc75dc818d3b6
dfc5e8d2d73be372398354967a23c6c1186953d08ce25ed41725c7c8f588419c
e0458fd009dd5bcee8601b7501b2ea91f28b52ee871d0f12dde6445ea5bdc57f
e14eeb1168a0bb4bdf3f492c04c15b2840145837ac02e0924ca4f69c9d85bc9e
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e27ddabf1110e52de7532d90dff1ee3c907ac5fe0fb62e91fb0e529663b65d2e
e3308894913d302b9c608ef4edbbadb83aef22f5590c5656af4273e496f37786
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c844ae615e35fff816a007964fed049286ab71d246ab7af3ab2af781d0342a
e660c0ccbd8b5225437ff15c0ce078696853c0815b26756c083472612241aadf
e6a5446d1a3234b1a1aab9d1f410f456fadda2a5191f4f22a1208503edb855aa
e7284125e6c80cdc9129ab8916fdf6a5d3ae5cd6b6e23774062b8ce3fa716043
e822051911dd8a23b071e002aff3422e6c2ea8e05823e1965c8197541901a0b7
e8298197d5c45023f4c580acc30fb5b63b7fbfd10a7df8c0852f012a503225e3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec62cfc76221123e1ab6ba0fdd1dd6a7b6e1919c152f67ca6e10d039b4b0f492
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20e2b1b67a92e3fcaaa7ab4d4213916f3c656f5e04cd4c5126530a51101dfd
f00707ac1a8bcb6529f6e21f5cf055ebdb01186216a9c11aebc3781c9be362f8
f155cebf16d243080c0994dd01fcae514a7bfa6e7ff31f51a8fb89482a99c432
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f484159f792dac83fdd4738b6806ef00d342c724679d16df28d30c84d9c9abce
f4f828bd932e3d2cfc41828f719a08047655f9572c4cc79828fc336c23a6f2ff
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f82dfdfaea0bb707b71f4ac5500b61a91ae9f3850b09f642b3254a9cf44b9389
f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf
fb43d06b4066924809b6d9054f4d4fd646298e057dbe0a0ec6286700ac09cd48
fc4f26b2664c37cb6f507892481ac59a60e726eca7082f574eea3c5d7bdaa413
fcdd8078f60f8833861ca0b9f13aba67773278d96cbd4f459b21cdbac2d6a62f
fce49e42c62a4151ecb10afcd0c0537fbbed1a2cb32a5438db646a7bb50277dc
fd14e8a67b1b88963a6de955d889cedde0b4b22faf2d80e6bb004ee74b109e86
feeed033dfbd5a9ae01be265feb0e2f5eb6357ac0e881418a69f60754a5c7922

www.cifraclub.com.br Open in urlscan Pro 2a02:26f0:3500:f::1732:831d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

384 Requests

92 %HTTPS

41 %IPv6

58 Domains

100 Subdomains

78 IPs

11 Countries

4694 kBTransfer

13241 kBSize

67 Cookies

37 Outgoing links

Page URL History

Redirected requests

384 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cifraclub.com.br Open in urlscan Pro
2a02:26f0:3500:f::1732:831d Public Scan

Screenshot
Live screenshot

Full Image

384
Requests

92 %
HTTPS

41 %
IPv6

58
Domains

100
Subdomains

78
IPs

11
Countries

4694 kB
Transfer

13241 kB
Size

67
Cookies

384 HTTP transactions
4 data transactions