urlscan.io logo urlscan.io
SecurityTrails logo

guis2.com Open in urlscan Pro
2a02:4780:13:1050:0:2fb8:ffe9:4  Public Scan

Go To Rescan Add Verdict Report
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivo...
Submission: On September 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 6 countries across 32 domains to perform 158 HTTP transactions. The main IP is 2a02:4780:13:1050:0:2fb8:ffe9:4, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is guis2.com.
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time guis2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2a02:4780:13:... 47583 (AS-HOSTINGER)
4 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
25 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:249... 16509 (AMAZON-02)
1 2a04:4e42::649 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 23.32.185.60 16625 (AKAMAI-AS)
1 192.0.78.218 2635 (AUTOMATTIC)
1 2001:4860:480... 15169 (GOOGLE)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.239.18.33 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.161.178 16625 (AKAMAI-AS)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
1 52.31.175.73 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
19 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
15 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
1 34.98.64.218 396982 (GOOGLE-CL...)
4 70.42.32.191 13789 (INTERNAP-...)
1 146.75.118.132 54113 (FASTLY)
3 4 216.58.212.162 15169 (GOOGLE)
2 4 104.18.26.193 13335 (CLOUDFLAR...)
2 3 185.89.210.180 29990 (ASN-APPNEX)
1 2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 172.217.23.98 15169 (GOOGLE)
158 43
21    2a02:4780:13:1050:0:2fb8:ffe9:4 (São Paulo, Brazil)

ASN47583 (AS-HOSTINGER, CY)
guis2.com
4    2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:10::6816:4be5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sendwebpush.com
25    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
2    2600:9000:2491:a200:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.orquideassp.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    192.0.78.218 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
supertruco.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.239.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-33.ams58.r.cloudfront.net
tags.crwdcntrl.net
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    52.31.175.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2600:9000:20ab:3800:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)
rock.defybrick.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
19    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
flint.defybrick.com
15    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
4    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
4    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
724 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 433
275 KB
21 guis2.com
guis2.com
313 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
327 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
384 KB
6 gstatic.com
fonts.gstatic.com
103 KB
5 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 10986
log.outbrainimg.com — Cisco Umbrella Rank: 3100
2 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
ajax.googleapis.com — Cisco Umbrella Rank: 720
33 KB
4 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 25798
ui.cleverwebserver.com — Cisco Umbrella Rank: 27253
call.cleverwebserver.com — Cisco Umbrella Rank: 27981
96 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
2 KB
3 defybrick.com
rock.defybrick.com — Cisco Umbrella Rank: 11079
flint.defybrick.com — Cisco Umbrella Rank: 9665
20 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
mug.criteo.com — Cisco Umbrella Rank: 1822
7 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2190
google-bidout-d.openx.net — Cisco Umbrella Rank: 2191
980 B
3 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2157
widget-pixels.outbrain.com — Cisco Umbrella Rank: 4581
mv.outbrain.com — Cisco Umbrella Rank: 2834
87 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
114 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
12 KB
2 orquideassp.com
tags.orquideassp.com — Cisco Umbrella Rank: 219341
2 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 4022
463 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
601 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880
1 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
14 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2392
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 2075
9 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
249 B
1 supertruco.com
supertruco.com — Cisco Umbrella Rank: 501992
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
1 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243
30 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10565
511 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
91 KB
1 sendwebpush.com
cdn.sendwebpush.com — Cisco Umbrella Rank: 731796
158 32
Domain Requested by
21 guis2.com guis2.com
20 pagead2.googlesyndication.com guis2.com
pagead2.googlesyndication.com
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
guis2.com
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
tpc.googlesyndication.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 securepubads.g.doubleclick.net guis2.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 s0.2mdn.net guis2.com
s0.2mdn.net
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
guis2.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 log.outbrainimg.com widgets.outbrain.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 fonts.googleapis.com guis2.com
securepubads.g.doubleclick.net
2 googleads4.g.doubleclick.net guis2.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 flint.defybrick.com rock.defybrick.com
guis2.com
2 www.googletagservices.com securepubads.g.doubleclick.net
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects guis2.com
2 e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 tags.orquideassp.com guis2.com
2 scripts.cleverwebserver.com guis2.com
1 mv.outbrain.com widgets.outbrain.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 s.w.org guis2.com
1 mug.criteo.com guis2.com
1 rock.defybrick.com widgets.outbrain.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 widget-pixels.outbrain.com guis2.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 supertruco.com guis2.com
1 widgets.outbrain.com tags.orquideassp.com
1 call.cleverwebserver.com guis2.com
1 cdnjs.cloudflare.com guis2.com
1 code.jquery.com guis2.com
1 blogger.googleusercontent.com guis2.com
1 ajax.googleapis.com guis2.com
1 www.googletagmanager.com guis2.com
1 cdn.sendwebpush.com guis2.com
1 ui.cleverwebserver.com guis2.com
158 47

This site contains links to these domains. Also see Links.

Domain
blogger.googleusercontent.com
agencyorquidea.com
orquidea.ai
Subject Issuer Validity Valid
guis2.com
R3		 2023-09-03 -
2023-12-02		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2023-08-06 -
2024-08-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-23 -
2024-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tags.orquideassp.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
tls.automattic.com
R3		 2023-09-18 -
2023-12-17		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-02 -
2024-03-02		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
rock.defybrick.com
Amazon RSA 2048 M01		 2023-04-09 -
2024-05-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.defybrick.com
ZeroSSL ECC Domain Secure Site CA		 2023-08-04 -
2023-11-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2022-12-06 -
2024-01-06		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Frame ID: C77F6F694D19DE1951EA8EC1EECD052B
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: A64BF0011D483739D90E3F5AEAD6DD16
Requests: 1 HTTP requests in this frame

Frame: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5DD012D0ED6DADB4736B10AF3310D190
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4385030691969218&output=html&adk=1812271804&adf=3025194257&lmt=1695029167&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695036367152&bpp=3&bdt=761&idt=306&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1568341524838&frm=20&pv=2&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31077774%2C44798934%2C31077910&oid=2&pvsid=4195486384555686&tmod=1868945075&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384
Frame ID: 54CCD4D746977D2B8FFA128EE1D16FBF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=guis2.com
Frame ID: 85164853E0132BBE265D3777C0823BCD
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7XbX_1GvsAoTAzP49bZQ66Zkl7GptRTQ6U8x-MiY57jRvBvPEBohx8XDV8u4RLMZBt8qFpAwrbu7vdcogrY4bs5gu8MxXUnWh3pe9NhEgKySpIvO3dMPsPfpDuw0b3oLioxy8wMp9ySgLG2Pa-1xk2N1sHnlBTriGSvFu3ur93Sp-smOdeWGZW3gAiVJL6rpGHtqD3s01wqdbhTeHC5txZ2qmqCXUGM6od6u1aETLIC6w9isKqrFWjPpzVY95uhZsl7R1Udjl4Nn6i1FIHl01ig1oH8QR9yEZ3IdcSnhyo-Q2RZHf0iypAQBhDsN9zpAxuE33d_zwVMeDmzBd1A&sai=AMfl-YTPJ_e7H8YZ30XHgSP-uKHGHDG02J1juoXrwSP6iVZRa6D_ELGMBTlLyyruZd4jJ-73FuDRJVrheP5cTlzeDxuEXh2XF5LMkieSzFU9c5L-i3fLg7MdFlKSpJPskUNkmWmkUVSV9mqKb3JI68M&sig=Cg0ArKJSzF1KgC7RGvYKEAE&uach_m=[UACH]&adurl=
Frame ID: B4A78D942910AEA37005B2E9F2C693C0
Requests: 8 HTTP requests in this frame

Frame: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8736F701CD4A5ECC1AFD7B750C4ADDDE
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: 64849EE5AD61547F5B3C93138868334A
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: C4A13D3E9BE6A6293232DF298279ADCF
Requests: 14 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1602D756FE0753402C4802F4CCAE49C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGJHzk_MBMAE&v=APEucNXnKvgSw1-BfHdIsvX-QOWVA4ObjVrNFmWX8pvfGOWZ7VDGFUeMw8t_u6pOncEjAcV5cx4DivL_BuzJQdnCoLMt9nJ9T6L1_KJ3dWYZ8f06kXQ-ZCquHLrMPR877idnNKuO9Ky9PQ27KsnCkbQBN_HpIfUGiVqJaMNf-R7qXpcA_YXXcuA
Frame ID: E9E1C2986C4F848F9EB126E05FBECF25
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Frame ID: 82BD8020EF7B85289762C45C426797B0
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37211BF5B9B948D3B50834F5833EC943
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
Frame ID: 4013AD23591E4D0E827A3772103A26C1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A622198CDDF5183F41A18D4895B1246
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 85C0C478E7859575DBF974D492BB560D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ganhar dinheiro na internet é uma realidade acessível – Gui S2

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

158
Requests

95 %
HTTPS

57 %
IPv6

32
Domains

47
Subdomains

43
IPs

6
Countries

2691 kB
Transfer

6660 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&rid=esp&cc=1
Request Chain 66
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=guis2.com&sn=ChromeSyncframe&so=0&topUrl=guis2.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=plc2uHxGMW5weWE0UzdWTjRRalBLeUhvd1NGYlh0Q0M4MGRnZXQ0NVBpYXhoSC9uNkdmenBQUTBIbzNacW51NE4wNHdEbk42U2ttTTVsaGtoRWc0ZzNZeVZYVXBsTHhRTEZHK0ZyQk5HZXNQU3dqaVhqN2llQ2I5RTdvbmRFTjM0dkl2bTQ2MzBlM3I4VG0wQTBKdnlzUDNEM0VXcmVhdXk3TFloZ044bTBZZ3pnWXkvTjZJTW8rejl1b1lWSzhKcXhTbzJmSlhONHM1WnBlM2V2T1MxaXpOSE1HUGQ0WElwY3g3RzhYZzhnR1BOMTZDUndUWHRaT2FuOU5wUjVZOVRzUHIrbnF0aUpJcnI4dkt0ZU83MlBuNDdRUT09fA&cppv=2
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
Request Chain 110
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQgz0Hwm6MArgKCa67X0BAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
Request Chain 111
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsBXnYsT6S1qGtBATvWN4&google_cver=1
Request Chain 112
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5ODg0OTczNDEzNDI2MjgxMQ%3D%3D
Request Chain 113
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

158 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
guis2.com/dinheiro/ 		80 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/8.1.18
Resource Hash
4f88129013a9a574e1532fc6081c6c2874b567451cb48bf33fb80b776e513b80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
public, max-age=0
content-encoding
br
content-length
26506
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 11:26:06 GMT
expires
Mon, 18 Sep 2023 11:26:06 GMT
link
<https://guis2.com/wp-json/>; rel="https://api.w.org/" <https://guis2.com/wp-json/wp/v2/pages/37382>; rel="alternate"; type="application/json" <https://guis2.com/?p=37382>; rel=shortlink
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
x-powered-by
PHP/8.1.18
ed71e754d70b4e4cdb3d1cffd0041ed4.js
scripts.cleverwebserver.com/ 		131 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/ed71e754d70b4e4cdb3d1cffd0041ed4.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1a1d7e3858fc2235cf4c00e3b4fd284a1d6ee2f8107605ee9e61b1ea2fff3ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
x-amz-version-id
_XTGTqw2Q6FRryL10RO1TBOMmF_F.cSh
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 Aug 2023 19:07:53 GMT
server
cloudflare
x-amz-request-id
DQ22BNDXG56Y3BMM
etag
W/"2e0f4cdcbe388e582802dffb2083c862"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
80893b6a5dbc9262-FRA
x-amz-id-2
GLsU2JG7pygff3y1O52BFpDO5czV08FYArkAYGVY6HHDkd/ePF6+PNggUVCnT9pXbqIW5ikE7KA=
expires
Mon, 18 Sep 2023 11:56:06 GMT
/
ui.cleverwebserver.com/ 		159 B
195 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30dc55affa6316858c0705b309f2864142b202a267bb47168e8dcb5f9c658f02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80893b6b1e889262-FRA
content-type
application/javascript
style.min.css
guis2.com/wp-includes/css/dist/block-library/ 		102 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 03 Sep 2023 12:31:54 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
content-length
12669
expires
Tue, 17 Sep 2024 11:26:06 GMT
blocks.style.build.css
guis2.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 		184 B
253 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.76
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 14 Sep 2023 01:00:41 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
content-length
184
expires
Tue, 17 Sep 2024 11:26:06 GMT
style.css
guis2.com/wp-content/themes/smart-mag/ 		174 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/style.css?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
73effa23427c9d6d8f111d90eaab82e7b032d1ccd78f81758240322744d0f679
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
content-length
30788
expires
Tue, 17 Sep 2024 11:26:06 GMT
css
fonts.googleapis.com/ 		6 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Public+Sans%3A400%2C400i%2C500%2C600%2C700
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cedb9580462366ff95ef9d55bd7d9f5aab2ccc632f62cc6c1cd40a6274f868fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:23:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Sep 2023 11:26:06 GMT
lightbox.css
guis2.com/wp-content/themes/smart-mag/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/css/lightbox.css?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
955dbd7ee5d3d015eb874d58c0849dbed751200cdc2bbc1cfc93cf32967491b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
content-length
1862
expires
Tue, 17 Sep 2024 11:26:06 GMT
icons.css
guis2.com/wp-content/themes/smart-mag/css/icons/ 		4 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/css/icons/icons.css?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f4fc037cbef05f950aa57ff70bb17411d2cca7eda91779a4777cf28faeaa59e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
content-length
885
expires
Tue, 17 Sep 2024 11:26:06 GMT
jquery.min.js
guis2.com/wp-includes/js/jquery/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 03 Sep 2023 12:31:54 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
29502
expires
Mon, 25 Sep 2023 11:26:06 GMT
jquery-migrate.min.js
guis2.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:06 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 03 Sep 2023 12:31:54 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
4671
expires
Mon, 25 Sep 2023 11:26:06 GMT
618790c92c3ab_4756.js
cdn.sendwebpush.com/adsendwebpush/client_services/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/client_services/618790c92c3ab_4756.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4be5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4385030691969218
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f9e28ed0d797f9e7f7fa6d67ed308077b76569471a855b34ca55376eae82eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guis2.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50663
x-xss-protection
0
server
cafe
etag
8166390764286217874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:07 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4BXXGYZX9F
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e2105a412edff5e8d3e8fe3997593b0be4f806e10ad0e9d89d6a04ebd9ffbe8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92441
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 11:26:07 GMT
DE_IMAGE-removebg-preview-1.png
guis2.com/wp-content/uploads/2023/07/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guis2.com/wp-content/uploads/2023/07/DE_IMAGE-removebg-preview-1.png
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
afbd6f486c155c5c519dc2e98ec2a2e1a605354d75be6e5ce8841abcc644cae1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Jul 2023 06:59:55 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
platform
hostinger
content-length
38015
expires
Tue, 16 Jan 2024 11:26:07 GMT
DE_IMAGE-removebg-preview.png
guis2.com/wp-content/uploads/2023/07/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guis2.com/wp-content/uploads/2023/07/DE_IMAGE-removebg-preview.png
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
afbd6f486c155c5c519dc2e98ec2a2e1a605354d75be6e5ce8841abcc644cae1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Jul 2023 06:59:44 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=10368000,public
accept-ranges
bytes
platform
hostinger
content-length
38015
expires
Tue, 16 Jan 2024 11:26:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f38e26cf4d4af10dfa9ee79bcc584c2b8fbdfa7f91edc75d6dcbc7d1be8f46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29277
x-xss-protection
0
server
cafe
etag
1 / 19618 / m202309120101 / config-hash: 2630279067652917074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 14:19:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Sep 2024 14:19:14 GMT
PicsArt_06-09-02.13.05.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLT_A9OmSuJZ3kc8JV0SGBzegSzyQOccOTlENr3qzyZ0-1cmTGHWt529X57zcbhBL6x7Ow8y05XuY9O66efK4e0-RgwS6qOrwYlKJm_DVWrc_GZg3cjPdORRGlweYgCoba8gWVCDMx7uBjw0Cz... 		301 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLT_A9OmSuJZ3kc8JV0SGBzegSzyQOccOTlENr3qzyZ0-1cmTGHWt529X57zcbhBL6x7Ow8y05XuY9O66efK4e0-RgwS6qOrwYlKJm_DVWrc_GZg3cjPdORRGlweYgCoba8gWVCDMx7uBjw0CzxEEze_QbF7vRhU8stlu1orIBUskOYKhXbVFLihVTZA/s320/PicsArt_06-09-02.13.05.png
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6189ed1fd15d77e5770c280b5667b4165ffff966a5abac720d9d89d830123d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
x-content-type-options
nosniff
server
fife
etag
"v3c09"
vary
Origin
content-type
image/png
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="PicsArt_06-09-02.13.05.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Tue, 19 Sep 2023 11:26:07 GMT
22379
tags.orquideassp.com/tag/ 		568 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/22379
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a200:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
81ea431fd269243f5a22b529b878855bf614e84614956c0f0ee1cf78f3ce7cf3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:39:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2787
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
content-length
568
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"238-nmFDyIqTQIRrtAKHvrjNrTbuOxE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
p6b77vWXsEk7XrEd3nWHXYqdTp466qnFiW6gPlI1hUHj7KRivzF2zQ==
22384
tags.orquideassp.com/tag/ 		822 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/22384
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a200:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
6a898a86059494180930f45bce270f403be2664307f87604d146103176736d32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Mon, 18 Sep 2023 10:39:40 GMT
x-content-type-options
nosniff
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2787
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
content-length
822
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"336-M037gqcVI2rWjaEh+Vk7f/ReGfs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
KCPCxVcskDpvvkYjaTtcHABeEK2DGvXmgPzsJ5hwNBLtf57bMivq6w==
dashicons.min.css
guis2.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-includes/css/dashicons.min.css?ver=6.3.1
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 05 Jul 2023 04:19:46 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
35099
expires
Tue, 17 Sep 2024 11:26:07 GMT
gdpr-cookie-consent-public.min.css
guis2.com/wp-content/plugins/gdpr-cookie-consent/public/css/ 		44 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=2.3.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
413e65d923c92fda5b92c967605da6f9c02b63eebc9afef5f0667d69fa01f04d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 14 Sep 2023 01:00:44 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000,public
accept-ranges
bytes
platform
hostinger
content-length
5169
expires
Tue, 17 Sep 2024 11:26:07 GMT
lazyload.js
guis2.com/wp-content/themes/smart-mag/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/js/lazyload.js?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4bf24be4975792598bed643d56794a401a45280c2b5340f5293a9c05cf2ae290
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
3843
expires
Mon, 25 Sep 2023 11:26:07 GMT
jquery.mfp-lightbox.js
guis2.com/wp-content/themes/smart-mag/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/js/jquery.mfp-lightbox.js?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
7031
expires
Mon, 25 Sep 2023 11:26:07 GMT
theme.js
guis2.com/wp-content/themes/smart-mag/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/js/theme.js?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e8ee263476b337762816c1e2111ab292ded26a6558130eb0589f3884b5a30524
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
14207
expires
Mon, 25 Sep 2023 11:26:07 GMT
jquery.sticky-sidebar.js
guis2.com/wp-content/themes/smart-mag/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/js/jquery.sticky-sidebar.js?ver=5.0.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
81cf3ad2057078f401528e8a7fd4b5483a28680d7866e7aa773d3a90501ed302
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
3288
expires
Mon, 25 Sep 2023 11:26:07 GMT
ads.js
guis2.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 		562 B
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.76
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7278214b0f01bfd6c59032cb72f2ddf23530e597ee18bc2653505118bce7516f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 14 Sep 2023 01:00:41 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
235
expires
Mon, 25 Sep 2023 11:26:07 GMT
bootstrap.bundle.js
guis2.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/ 		223 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.3.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 14 Sep 2023 01:00:44 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
45444
expires
Mon, 25 Sep 2023 11:26:07 GMT
gdpr-cookie-consent-public.min.js
guis2.com/wp-content/plugins/gdpr-cookie-consent/public/js/ 		35 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.3.0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
badb7071cf5de1f45a6ccc948f175ff4f824a4357c284700cce366d9898a8ec2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 14 Sep 2023 01:00:44 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
6233
expires
Mon, 25 Sep 2023 11:26:07 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
132571
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-etou8220062-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1695036367.057426,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
1, 26848
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/3.0.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/3.0.1/js.cookie.min.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8964308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
714
last-modified
Fri, 04 Feb 2022 14:14:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61fd34d9-2ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PY8%2FHT0rOwQsRec3uUvKOzjppHS%2FFlenCo7Lu0NXDBTJde%2BDfA5sb4rHjHSJeVygbskAPcIWyM9Y%2BsbBUdoSq4g%2BaxvsTL6s%2FQEbMjosPXvFoDUveCD2T8ZpZSAxDy9dgW5iQYMGwgz41Xf6gP5tAknJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80893b6dfccf92ba-FRA
expires
Sat, 07 Sep 2024 11:26:07 GMT
6e588fe9-6e70-49fd-a151-2454c4e79ff7
https://guis2.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://guis2.com/6e588fe9-6e70-49fd-a151-2454c4e79ff7
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
/
call.cleverwebserver.com/ 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=71338&c=DE&r=HE&l=54&b=Chrome&os=Win10&mob=0&v=1.48.5&ref=aHR0cHM6Ly9ndWlzMi5jb20vZGluaGVpcm8vP3VybD1odHRwczovL2luZm8uZmFicmljYWRlbWVudGVtaWxpb25hcmlhLmNvbS9mZXJyYW1lbnRhLXBvZGVyb3NhLz91cmw9aHR0cHM6Ly9hcnF1aXZvc3RlYy5jb20vZGluaGVpcm8tcmFwaWRvLz91cmw9aHR0cHMlM0ElMkYlMkZ3d3cubWVkaWFmaXJlLmNvbSUyRmZpbGUlMkZxdmVpcGRjM2puYnZkOHElMkZIUyUyQlBFSVRPJTJCVjMwJTJCJTJCJTJCRVNQJTJCTkFNRSUyQk5PJTJCRlJFRSUyQkZJUkUlMkJHTE9CQUwlMkJBTlRJQkxBQ0tMSVNUJTJCQVRVQUxJWkFETyUyQiUzRiUzRiUzRiUzRi56aXAlMkZmaWxlJTI2ZGtleSUzRHhldWx5NDJicm10JTI2ciUzRDkwMA%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80893b6e39cb9262-FRA
content-length
43
content-type
image/gif
06cfc3fda26765608364aadf9c3c02d8.js
scripts.cleverwebserver.com/ 		132 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/06cfc3fda26765608364aadf9c3c02d8.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4bc7846a89a5b6ccf36ced6632bb6bad180929b6720e7365482a2e7a95d1dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
x-amz-version-id
A_J3MtWj.E7qrWpXHDbztMuWQWppx.CA
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 14 Sep 2023 16:32:17 GMT
server
cloudflare
x-amz-request-id
7A6KMWK7EZER1ZEH
etag
W/"6e144f8bcbfac303a2afebca87157fdd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
80893b6de9779262-FRA
x-amz-id-2
uKzr92L2/byi5EM7kL6O5NHpFna7rj4z8N+0+NMcuwnOCOa0OhB70LWQ9y6TQKSSn4UTusSPhrw=
expires
Mon, 18 Sep 2023 11:56:07 GMT
ts-icons.woff2
guis2.com/wp-content/themes/smart-mag/css/icons/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-content/themes/smart-mag/css/icons/fonts/ts-icons.woff2?v2
Requested by
Host: guis2.com
URL: https://guis2.com/wp-content/themes/smart-mag/css/icons/icons.css?ver=5.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4b8a602cb7d75c953393ca68892b2a2e55482fe612dd6ce2b2d5c230cb7c05
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://guis2.com/wp-content/themes/smart-mag/css/icons/icons.css?ver=5.0.0
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 06 Jul 2023 19:04:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=10368000
accept-ranges
bytes
platform
hostinger
content-length
9488
expires
Tue, 16 Jan 2024 11:26:07 GMT
ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Public+Sans%3A400%2C400i%2C500%2C600%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:18:27 GMT
x-content-type-options
nosniff
age
320860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26244
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:18:27 GMT
outbrain.js
widgets.outbrain.com/ 		231 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/22379
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5e0f74173aaff367c7ea6339cf1051190631824f6c9bbb47f2912ced13b64de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 11:27:59 GMT
etag
"23-dJhXlQSV2EBq11bW8vtO+YJK34g"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
4847bc0b0560bb75e5e748b38e6816c8
timing-allow-origin
*, *
content-length
85444
access-control-request-headers
X-OB-STG,X-OB-PRD
icon.svg
supertruco.com/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.218 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 30 Aug 2022 14:43:20 GMT
server
nginx
x-ac
2.hhn _atomic_ams HIT
etag
W/"630e2208-102b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Fri, 12 May 2023 16:49:12 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4BXXGYZX9F&gtm=45je39d0&_p=1340584431&cid=179490129.1695036367&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695036367&sct=1&seg=0&dl=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&dt=Ganhar%20dinheiro%20na%20internet%20%C3%A9%20uma%20realidade%20acess%C3%ADvel%20%E2%80%93%20Gui%20S2&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4BXXGYZX9F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://guis2.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4385030691969218&plah=guis2.com&bust=31077910
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4385030691969218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d18956ca16982b1bb352825ee78e46cb97f2f07004b9ecfffec72884c3f6ad7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131561
x-xss-protection
0
server
cafe
etag
8399359122940492675
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame A64B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4385030691969218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11370
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 08:16:37 GMT
etag
8554266389219770021
expires
Mon, 02 Oct 2023 08:16:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 		408 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 09:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
6611
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131633
x-xss-protection
0
server
cafe
etag
12671944107613252425
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 17 Sep 2024 09:35:56 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
327092
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
80893b7099f46934-FRA
expires
Thu, 21 Sep 2023 11:26:07 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:33:05 GMT
content-encoding
gzip
age
2044382
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 24 Aug 2024 19:33:05 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Sep 2023 11:26:07 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
b7807dfe25d17aa262e3323934f7cf52
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-33.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 02:44:07 GMT
content-encoding
gzip
via
1.1 0bdea9339f79fea2216fd97b3f7856f2.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
31320
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
r-9DJuVc3Km1fqmu-WtbV1qUTH1hQvYkATHaAwwIBeTxMnLvKB-xbw==
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4195486384555686&correlator=717675170164647&eid=31077099%2C31077941%2C31075591&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&iu_parts=22106840220%3A22674341007%2Cguis2.com%2Cguis2.com_mw_content1_24112021&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=250x250%7C336x280%7C300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695036367387&lmt=1695029167&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYl8SpwKoxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiXxKnAqjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yl8SpwKoxSABSAghkEhcKCHJ0YmhvdXNlGJfEqcCqMUgAUgIIZBIUCgVvcGVueBiXxKnAqjFIAFICCGQ.&dlt=1695036366390&idt=941&adks=2249802039&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d2c1c4697f011b6415ea64a16b4b044fe0ca0ade94a1a4f246d2e82ee8f1483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9821
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://guis2.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4195486384555686&correlator=717675170164647&eid=31077099%2C31077941%2C31075591&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&iu_parts=22893903952%3A22932502784%2Cguis2.com300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695036367399&lmt=1695029167&adxs=444&adys=338&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&vis=1&psz=788x600&msz=788x600&fws=4&ohw=1600&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=true&dlt=1695036366390&idt=941&adks=2853887022&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7b3208ff10cb9b6f2510a29c8f683201f0e98efa88f9b00586030861c5333de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11987
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://guis2.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4195486384555686&correlator=717675170164647&hxva=1&scor=1669533839915799&eid=31077099%2C31077941%2C31075591&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&iu_parts=22685332817%2Cca-pub-9274953302254487-tag%2C22890180776&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695036367403&lmt=1695029167&adxs=444&adys=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&vis=1&psz=788x250&msz=788x250&fws=4&ohw=1600&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=true&dlt=1695036366390&idt=941&adks=1698777256&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
171913b6877cc1d0d68d061890485073754c916372e6c17578f9d1e53780cc98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://guis2.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4195486384555686&correlator=717675170164647&hxva=1&scor=1669533839915799&eid=31077099%2C31077941%2C31075591&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&iu_parts=22893903952%3A22932502784%2Cguis2.com250x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695036367406&lmt=1695029167&adxs=469&adys=3916&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&vis=1&psz=788x250&msz=788x250&fws=4&ohw=1600&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=true&dlt=1695036366390&idt=941&adks=4085025983&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66583f0b3e0ff40dea8f2cd30ae56e730f1368a1b2c59a252b55c728080159d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14193
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://guis2.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5DD0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:26:07 GMT
expires
Tue, 17 Sep 2024 11:26:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4195486384555686&correlator=717675170164647&hxva=1&scor=1669533839915799&eid=31077099%2C31077941%2C31075591&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fif&iu_parts=211182487%3A22679444409%2Cwww.guis2.com_Display480x320&enc_prev_ius=%2F0%2F1&prev_iu_szs=480x320&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695036367450&lmt=1695029167&adxs=521&adys=864&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&vis=1&psz=480x-1&msz=480x-1&fws=516&ohw=1600&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=true&dlt=1695036366390&idt=941&adks=846327061&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cdda6631bc0094ef77554f90523caf1e7e329ded0b4e6afa9676b28e6962a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24064
x-xss-protection
0
google-lineitem-id
5786376946
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138392486987
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://guis2.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		385 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=guis2.com&callback=_gfp_s_&client=ca-pub-4385030691969218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4385030691969218&plah=guis2.com&bust=31077910
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b1be410fa5730a185327cbe76ab2b1313004d61dd29d108cecef799c3cca554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 54CC 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4385030691969218&output=html&adk=1812271804&adf=3025194257&lmt=1695029167&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695036367152&bpp=3&bdt=761&idt=306&shv=r20230913&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1568341524838&frm=20&pv=2&ga_vid=179490129.1695036367&ga_sid=1695036367&ga_hid=1340584431&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077327%2C31077774%2C44798934%2C31077910&oid=2&pvsid=4195486384555686&tmod=1868945075&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4385030691969218&plah=guis2.com&bust=31077910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:26:07 GMT
expires
Mon, 18 Sep 2023 11:26:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=block-page-2&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=block-page-2&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Z3VpczIuY29t
tcheck.outbrainimg.com/tcheck/check/ 		15 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/Z3VpczIuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-178.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 11:26:07 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=17091
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
4d66e0ff612bada6e0074f9753705c90
Content-Length
15
Expires
Mon, 18 Sep 2023 16:10:58 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Wed, 18 Oct 2023 11:26:07 GMT
date
Mon, 18 Sep 2023 11:26:07 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheir...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheir...
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&rid=esp&cc=1
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1b60481d43875c37843c56e3275caefc7d63701b6bbefe2368c2f353ce67e4e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-a5cz+NwLytDQmKzbfEgCfutxfzo"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://guis2.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Mon, 18 Sep 2023 11:26:07 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://guis2.com
location
/esp?url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 8516 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=guis2.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:26:07 GMT
server
Kestrel
server-processing-duration-in-ticks
299150
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
map
bcp.crwdcntrl.net/6/ 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.175.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-175-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f80fd948fbaf5ecce3ef315475c959e8908205818d1ed9550b99218a554f5f77

Request headers

Referer
https://guis2.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:07 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://guis2.com
cache-control
no-cache
x-server
10.45.13.51
access-control-allow-credentials
true
content-length
60
expires
0
placement_invocation
rock.defybrick.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:3800:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Caddy /
Resource Hash
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 07:57:02 GMT
content-encoding
gzip
via
1.1 644a5a573cbbd5ac03f5c40fa8642914.cloudfront.net (CloudFront)
server
Caddy
x-amz-cf-pop
AMS58-P3
age
12545
etag
"bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=43200
content-length
18460
x-amz-cf-id
CqxVD0etqQsQAeMURO7w97C4shm1kN0grrD2BoHnX1B1INvNxul-bg==
expires
Mon, 18 Sep 2023 19:57:02 GMT
wp-emoji-release.min.js
guis2.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guis2.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:13:1050:0:2fb8:ffe9:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 05 Jul 2023 04:19:46 GMT
server
LiteSpeed
vary
Accept-Encoding,Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
cache-control
public, max-age=604800,public
accept-ranges
bytes
platform
hostinger
content-length
4605
expires
Mon, 25 Sep 2023 11:26:07 GMT
ijwAs572Xtc6ZYQws9YVwnNDZpDyNjGolS673tpRgDcqd1s.woff2
fonts.gstatic.com/s/publicsans/v15/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwAs572Xtc6ZYQws9YVwnNDZpDyNjGolS673tpRgDcqd1s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Public+Sans%3A400%2C400i%2C500%2C600%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f585cd66b1f88cde8353141e2fd3026bcccfada2c9a4d09a67426273b406a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:21:19 GMT
x-content-type-options
nosniff
age
320688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15708
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:08:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:21:19 GMT
sid
mug.criteo.com/ Frame 8516
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=guis2.com&sn=ChromeSyncframe&so=0&topUrl=guis2.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=plc2uHxGMW5weWE0UzdWTjRRalBLeUhvd1NGYlh0Q0M4MGRnZXQ0NVBpYXhoSC9uNkdmenBQUTBIbzNacW51NE4wNHdEbk42U2ttTTVsaGtoRWc0ZzNZeVZYVXBsTHhRTEZHK0ZyQk5HZXNQU3dqaVhqN2llQ2I5RTdvbm...
417 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=plc2uHxGMW5weWE0UzdWTjRRalBLeUhvd1NGYlh0Q0M4MGRnZXQ0NVBpYXhoSC9uNkdmenBQUTBIbzNacW51NE4wNHdEbk42U2ttTTVsaGtoRWc0ZzNZeVZYVXBsTHhRTEZHK0ZyQk5HZXNQU3dqaVhqN2llQ2I5RTdvbmRFTjM0dkl2bTQ2MzBlM3I4VG0wQTBKdnlzUDNEM0VXcmVhdXk3TFloZ044bTBZZ3pnWXkvTjZJTW8rejl1b1lWSzhKcXhTbzJmSlhONHM1WnBlM2V2T1MxaXpOSE1HUGQ0WElwY3g3RzhYZzhnR1BOMTZDUndUWHRaT2FuOU5wUjVZOVRzUHIrbnF0aUpJcnI4dkt0ZU83MlBuNDdRUT09fA&cppv=2
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3fd1eb0de6a2971527b6cf400d656eaf9702fe819170e2aa9434d72d2f59695d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1426340
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=plc2uHxGMW5weWE0UzdWTjRRalBLeUhvd1NGYlh0Q0M4MGRnZXQ0NVBpYXhoSC9uNkdmenBQUTBIbzNacW51NE4wNHdEbk42U2ttTTVsaGtoRWc0ZzNZeVZYVXBsTHhRTEZHK0ZyQk5HZXNQU3dqaVhqN2llQ2I5RTdvbmRFTjM0dkl2bTQ2MzBlM3I4VG0wQTBKdnlzUDNEM0VXcmVhdXk3TFloZ044bTBZZ3pnWXkvTjZJTW8rejl1b1lWSzhKcXhTbzJmSlhONHM1WnBlM2V2T1MxaXpOSE1HUGQ0WElwY3g3RzhYZzhnR1BOMTZDUndUWHRaT2FuOU5wUjVZOVRzUHIrbnF0aUpJcnI4dkt0ZU83MlBuNDdRUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
255839
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame B4A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7XbX_1GvsAoTAzP49bZQ66Zkl7GptRTQ6U8x-MiY57jRvBvPEBohx8XDV8u4RLMZBt8qFpAwrbu7vdcogrY4bs5gu8MxXUnWh3pe9NhEgKySpIvO3dMPsPfpDuw0b3oLioxy8wMp9ySgLG2Pa-1xk2N1sHnlBTriGSvFu3ur93Sp-smOdeWGZW3gAiVJL6rpGHtqD3s01wqdbhTeHC5txZ2qmqCXUGM6od6u1aETLIC6w9isKqrFWjPpzVY95uhZsl7R1Udjl4Nn6i1FIHl01ig1oH8QR9yEZ3IdcSnhyo-Q2RZHf0iypAQBhDsN9zpAxuE33d_zwVMeDmzBd1A&sai=AMfl-YTPJ_e7H8YZ30XHgSP-uKHGHDG02J1juoXrwSP6iVZRa6D_ELGMBTlLyyruZd4jJ-73FuDRJVrheP5cTlzeDxuEXh2XF5LMkieSzFU9c5L-i3fLg7MdFlKSpJPskUNkmWmkUVSV9mqKb3JI68M&sig=Cg0ArKJSzF1KgC7RGvYKEAE&uach_m=[UACH]&adurl=
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 11:26:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame B4A7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 06:37:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
17340
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 06:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame B4A7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 11:03:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4A7 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:07 GMT
3397393718824588569
tpc.googlesyndication.com/simgad/ Frame B4A7 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3397393718824588569
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75c8e005dfde33d8d3eb5f5b654ec66c76ffc16be7e4653e66e58aa2f7f2aed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 20:26:30 GMT
x-content-type-options
nosniff
age
572377
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
310900
x-xss-protection
0
last-modified
Sat, 21 May 2022 00:23:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Sep 2024 20:26:30 GMT
truncated
/ Frame B4A7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a31c6605723b7db6394ecb759c91b298f0d78f7a68e95869351b74d1f47f291

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
show_pla
flint.defybrick.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=24802207002097815222710612210027236227412206172499566577892213220111&nc=0&tsf=0&tsfmi=&pv=0&cb=1695036367940&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1921362949&at=&bid=e30%3D&di=W1siZWYiLDMzODJdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NDUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxMjg0%0D%0AMzE4NTIxLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVl%0D%0AKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAg%0D%0AICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAg%0D%0AICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAg%0D%0AICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFi%0D%0AbGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAg%0D%0AIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAg%0D%0AIH1dIl0sWy0xLCItIl0sWy0yLCI3LGVjWEdYMTlubnJ2Vk8ySmRsTmh4QktRa0x2U0ZkQVFCQ2xo%0D%0AMTRWVVZGQWxGNytDQUlxWFJCRkNFMTZGWWtvVlVwQVdoQVNJRDJrWjVOdFUrNjliLzErNTg3Y3pX%0D%0AUkpBUGxHbDkiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQs%0D%0AIntcIm9cIjowLjAwNzE0Mjg1NzE0Mjg1NzE0M30iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcs%0D%0AIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwx%0D%0ANjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1c%0D%0AIl0iXSxbLTIwLCIxNzk0OTAxMjkuMTY5NTAzNjM2NyJdLFstMjEsInROQUxnV0VmIl0sWy0yMiwi%0D%0AW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0%0D%0AamhzXCI6Mjk0MDAwMDAsXCJ1amhzXCI6MjE3MDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxb%0D%0ALTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwi%0D%0AOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIs%0D%0AMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsx%0D%0ANjk1MDM2MzY3OTEyLC0yXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02%0D%0ANi0xODAtIl0sWy0zOCwiaSwtMSwtMSwwLDAsMSwwLDY1LDQwNCw1MzIsMTA2NiwwLDE0NTkuMywx%0D%0ANDU5LjMsMjMzMCwyMzMwIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vja29cIixcIk5ldHNj%0D%0AYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDNdIl0sWy00MCwi%0D%0AMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEw%0D%0AMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXVy%0D%0Ab3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJi%0D%0AbmNoIiwxMThdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A650%2C%22y%22%3A332%2C%22w%22%3A300%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=jBhfM5ia6p&sdd=%7B%7D&pto=2358
Requested by
Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
53974f152ec8a1b42b1668a44dceee837b3ade3941fddcb625bf99480d60e2c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1615
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8736 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:26:07 GMT
expires
Tue, 17 Sep 2024 11:26:07 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012308011702000/ Frame 6484 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:32 GMT
age
482436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62025
x-xss-protection
0
server
sffe
etag
"2e9edf8f2a89282d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 6484 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:32 GMT
age
482436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5208
x-xss-protection
0
server
sffe
etag
"166738ad32285252"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 6484 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28952
x-xss-protection
0
server
sffe
etag
"cfd252d60a6db402"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 6484 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
server
sffe
etag
"a86a0dd8f4aab9b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 6484 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
server
sffe
etag
"02797982c4ca8b38"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
truncated
/ Frame 6484 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ff95ffbab418671c6335ad4f94137f958e5de4c814463961e45e2fd8f3c1725

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
11983293184972496393
tpc.googlesyndication.com/simgad/ Frame 6484 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11983293184972496393?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk4f_AHJnSSqyH71k9YNx_ONYmd0w
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8adc2a8f70645cf11871ea6c1c6fa119061eb9191155103db733fc208d6bccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 17:52:33 GMT
x-content-type-options
nosniff
age
236015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34995
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 11:46:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 14 Sep 2024 17:52:33 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6484 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 21:21:30 GMT
x-content-type-options
nosniff
server
cafe
age
50678
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Mon, 18 Sep 2023 21:21:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6484 		344 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
81416
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 18 Sep 2023 12:49:12 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012308011702000/ Frame C4A1 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:32 GMT
age
482436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62025
x-xss-protection
0
server
sffe
etag
"2e9edf8f2a89282d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame C4A1 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:32 GMT
age
482436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5208
x-xss-protection
0
server
sffe
etag
"166738ad32285252"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame C4A1 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28952
x-xss-protection
0
server
sffe
etag
"cfd252d60a6db402"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame C4A1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
server
sffe
etag
"a86a0dd8f4aab9b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame C4A1 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
server
sffe
etag
"02797982c4ca8b38"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
css
fonts.googleapis.com/ Frame C4A1 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 11:01:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Sep 2023 11:26:08 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C4A1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 21:21:30 GMT
x-content-type-options
nosniff
server
cafe
age
50678
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Mon, 18 Sep 2023 21:21:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C4A1 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
81416
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 18 Sep 2023 12:49:12 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/12892270568274628067/ Frame C4A1 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12892270568274628067/2076313506083323656
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0537c2c80869265c07df2335b0c4120c476d9cb57a7567d2be9915acc9a9c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 22:08:32 GMT
x-content-type-options
nosniff
age
307056
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28713
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 14:27:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Sep 2024 22:08:32 GMT
truncated
/ Frame C4A1 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a29b1c851e6677be5e09cb278640da7708403f6f2b4909569dcb195e6f02b578

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C4A1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40abd35fc0f8be85c474996180c9295d5749b7d7ed077c2a82cfd5ccf97f06f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B4A7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvupaiZQ-VjHN1Ji6MbyK3hOx3UaMBwImN16HawBaYp0vfklosLjs-3QUdo7HGXWnZX96dKuXQrKECMpdAZ98TSi48K3MeviP10B0Vw6mRFAkPOI9SLjvAu75MBWkS7GW8NBUotJEUM5o2PRjolYV4ZWiLI_BZCJYS2KZCdJYayD2kb6aBsehuMk1Lc5hJDjwiKeGSVWWt-oXjoqW4sSx3n6fOKU63VevPyLDL7Ev1DGjoUSL-8nmXdvHvtBZ9BTgDD6Gn9-u4OJvFixttlJqnXybJ5xb-AxqW6xhJGfi9Badfh4lSyUPuXv1zJZw0yPVfV0h2P5GbtdLBKm8SAloyZ&sai=AMfl-YThC-ulPmbuyBVPgmDmsS-FxwpuvBK3r2o2lgmFtDekL7BAEhEjBrL3-MuEkhCQdAwS--fF1tgyx3sgRJbXamuMLbdycZGxlDrwUIeiJvdsFBfpqwdVPb2W_SAZqCQb9ChPGKxdDQkm9F5TxHY&sig=Cg0ArKJSzGEZEP5JAUOGEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 11:26:08 GMT
1f53d.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		231 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/1f53d.svg
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
f9e7b049fd0d0d3a63aa46cafad28f017823760bbfceeafc9add2aaa20f8d163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:53:43 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
231
expires
Thu, 31 Dec 2037 23:55:55 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 1602 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 18 Sep 2023 11:26:08 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
googleads.g.doubleclick.net/xbbe/ Frame E9E1 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGJHzk_MBMAE&v=APEucNXnKvgSw1-BfHdIsvX-QOWVA4ObjVrNFmWX8pvfGOWZ7VDGFUeMw8t_u6pOncEjAcV5cx4DivL_BuzJQdnCoLMt9nJ9T6L1_KJ3dWYZ8f06kXQ-ZCquHLrMPR877idnNKuO9Ky9PQ27KsnCkbQBN_HpIfUGiVqJaMNf-R7qXpcA_YXXcuA
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:26:08 GMT
expires
Mon, 18 Sep 2023 11:26:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8736 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8736 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsnsYftgyzhXng6271xKZ31RlF1Qae6JXKhuqereOWpXLSbVRXB18gVbbA4sBgJ6endUQG7WVyx51rwr6tv_gqP-5DY8NsNYrw42Jey3k4-L0qBec
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8736 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11481008477944424747&x=1&ct=76
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8736 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
1368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 02 Oct 2023 11:03:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8736 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:46:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
56359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 19:46:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8736 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:08 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4A1 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
164929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4A1 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
244993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 15:22:55 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1695036368190&sessionId=21e31a92-4016-def2-dee6-2c65d2caf894&url=guis2.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 11:26:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
ad40ea5264dfdfb9f86f3bf15a6c3852
Content-Length
4
Expires
0
get
mv.outbrain.com/Multivac/api/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=guis2.com&srcUrl=https%3A%2F%2Fguis2.com%2Ffeed%2F&idx=0&rand=38548&widgetJSId=AR_40&va=true&et=true&format=html&clid=21e31a92-4016-def2-dee6-2c65d2caf894&fdu=guis2.com&px=650&py=332&vpd=0&cw=300&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010452&sig=tNALgWEf&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fguis2.com%2Fdinheiro%2F%3Furl%3Dhttps%3A%2F%2Finfo.fabricadementemilionaria.com%2Fferramenta-poderosa%2F%3Furl%3Dhttps%3A%2F%2Farquivostec.com%2Fdinheiro-rapido%2F%3Furl%3Dhttps%253A%252F%252Fwww.mediafire.com%252Ffile%252Fqveipdc3jnbvd8q%252FHS%252BPEITO%252BV30%252B%252B%252BESP%252BNAME%252BNO%252BFREE%252BFIRE%252BGLOBAL%252BANTIBLACKLIST%252BATUALIZADO%252B%253F%253F%253F%253F.zip%252Ffile%2526dkey%253Dxeuly42brmt%2526r%253D900
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d98dbb885361e694d9261a19c39ab832e5456abbe8a424db291c662e79db378

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1695036368.233788,VS0,VE433
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21978-LGA, cache-fra-eddf8230124-FRA
x-traceid
2ac56600df41d56a4771717e8506dc95
accept-ranges
bytes
content-length
2131
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E9E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGJHzk_MBMAE&v=APEucNXnKvgSw1-BfHdIsvX-QOWVA4ObjVrNFmWX8pvfGOWZ7VDGFUeMw8t_u6pOncEjAcV5cx4DivL_BuzJQdnCoLMt9nJ9T6L1_KJ3dWYZ8f06kXQ-ZCquHLrMPR877idnNKuO9Ky9PQ27KsnCkbQBN_HpIfUGiVqJaMNf-R7qXpcA_YXXcuA
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L73Tg2l8ZIOoBu7BielZ0Yp2EO93DBlH9D1t6rTGJNJBtx0zs%2FGYuR%2BJ0LOGkXypwixau3iVHT%2FgRy8yAKA214WDIRyDXONTjJnqnyywO%2FD4iI%2BvdBG%2B15MtRSu2kVDRAHEcl1VbYsb%2F4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80893b764d5d18b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E9E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQgz0Hwm6MArgKCa67X0BAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGJHzk_MBMAE&v=APEucNXnKvgSw1-BfHdIsvX-QOWVA4ObjVrNFmWX8pvfGOWZ7VDGFUeMw8t_u6pOncEjAcV5cx4DivL_BuzJQdnCoLMt9nJ9T6L1_KJ3dWYZ8f06kXQ-ZCquHLrMPR877idnNKuO9Ky9PQ27KsnCkbQBN_HpIfUGiVqJaMNf-R7qXpcA_YXXcuA
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4%2B%2B9vYNOA8zMrStd8tDyOnXQPUln8olxdFzzCO4RAVhBqEcMPc4GrjurdOU10ZRmTj9KCZtZfP8rSdf9r0p6D4xHZL145NAgcuvte8Fh0w4nkVE0ieeAi6MBq3iyvChnPipE1lqYeMruw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80893b76ebfb2be4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPwLiZMDUoPsBGnph2efxqQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E9E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsBXnYsT6S1qGtBATvWN4&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsBXnYsT6S1qGtBATvWN4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGJHzk_MBMAE&v=APEucNXnKvgSw1-BfHdIsvX-QOWVA4ObjVrNFmWX8pvfGOWZ7VDGFUeMw8t_u6pOncEjAcV5cx4DivL_BuzJQdnCoLMt9nJ9T6L1_KJ3dWYZ8f06kXQ-ZCquHLrMPR877idnNKuO9Ky9PQ27KsnCkbQBN_HpIfUGiVqJaMNf-R7qXpcA_YXXcuA
Protocol
H2
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
an-x-request-uuid
405d7e8b-89e9-4884-b1cb-04bcb6022ffe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsBXnYsT6S1qGtBATvWN4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E9E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5ODg0OTczNDEzNDI2MjgxMQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5ODg0OTczNDEzNDI2MjgxMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGJHzk_MBMAE&v=APEucNXnKvgSw1-BfHdIsvX-QOWVA4ObjVrNFmWX8pvfGOWZ7VDGFUeMw8t_u6pOncEjAcV5cx4DivL_BuzJQdnCoLMt9nJ9T6L1_KJ3dWYZ8f06kXQ-ZCquHLrMPR877idnNKuO9Ky9PQ27KsnCkbQBN_HpIfUGiVqJaMNf-R7qXpcA_YXXcuA
Protocol
H2
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
an-x-request-uuid
dbb3519b-e8e5-4869-87da-2daa80e8198e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg5ODg0OTczNDEzNDI2MjgxMQ%3D%3D
x-proxy-origin
138.199.38.132; 138.199.38.132; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6484
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012308011702000/ Frame 82BD 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:32 GMT
age
482436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62025
x-xss-protection
0
server
sffe
etag
"2e9edf8f2a89282d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:32 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 82BD 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:32 GMT
age
482436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5208
x-xss-protection
0
server
sffe
etag
"166738ad32285252"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:32 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 82BD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28952
x-xss-protection
0
server
sffe
etag
"cfd252d60a6db402"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 82BD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1920
x-xss-protection
0
server
sffe
etag
"a86a0dd8f4aab9b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012308011702000/v0/ Frame 82BD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012308011702000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 12 Sep 2023 21:25:33 GMT
age
482435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12942
x-xss-protection
0
server
sffe
etag
"02797982c4ca8b38"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Sep 2024 21:25:33 GMT
css
fonts.googleapis.com/ Frame 82BD 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 10:26:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 Sep 2023 11:26:08 GMT
pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 82BD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 21:21:30 GMT
x-content-type-options
nosniff
server
cafe
age
50678
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Mon, 18 Sep 2023 21:21:30 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 82BD 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
81416
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Mon, 18 Sep 2023 12:49:12 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/16238267317436520457/ Frame 82BD 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16238267317436520457/2076313506083323656
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b155fe7a98deca7c06707c331a7bd541f1f5d2b07089411975f37a6da4863e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23879
x-xss-protection
0
last-modified
Wed, 23 Sep 2020 12:05:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Sep 2024 11:26:08 GMT
truncated
/ Frame 82BD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
403f1a1d1bbebcab8946f31c58e8595929842e41f350b3fd0b0f7cf4955da469

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 82BD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f691e899612795f09dac1f3b943ce94a5bb66b445c54e0320a2faf7985eec4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8736 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5776087955620&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8736 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5776087955620&version=m202309120101&ct=76&x=1&cor=11481008477944424000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8736 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cist1nU0eC1hOU2szVN2kP8YaK7e0trP2H5LVS4z5DBGQry5UchJ49podAotNRK1yZEWSjO7hRCNGgjqnXSYiVkdFkQQ&cry=1&dbm_d=AKAmf-C4KqsNToYtfvMMNA6wDiBFqrXhQqNas2_kgi3EEwmtUmhysT32ye_raOHUBlX6rOW5SE65_pskkGYPQiI8EgEO7-65FgTmRzcs3hd7U85mkhBU8OVlL6jgfkxLH-qekDwE-7Ra829_9AKaciV6zRtA8IKP815IBpNNqQ3n2DccvS5k62psv8GGDGrA50VdRipyq6CQmZLJml81LIhUK9fUml8kWb5aGoAaAG2ZQaYLCKfuLT73-w7wkcGv0KS62lkBu6ck-wUaRmZ3K5FSxKgtUphaXerbS0S5L81KTWiAzHZdPg9vFoWPZQSWLYrcCAFWREsu7giN0KVKWqsPMrVkCx591QWHVD0NgeXNt0nQ-YkuE90xhVHgAGd3AC233HSPuxeZZ6qioxZBD5fKtegWp_qm-TErvN1esH5vnce82QlnlzWiss-RoGapnNyxIA2usKtenzLJe7i5ZZz4T-MaSbFguuThymQfoi6fjNXAqB8eHxFBA02DqFODU5v3I7GxTz7mrgKM64FWVmEduxjPUETGloZEgDQrrCXEcWtlinTmmlMO4aq7_kflfWrlmxuueT-RFbsLeeLBDit9NXHSdr_KV95UPM0sT-umLpk8KaT77ugszCcJqqvtwzHxWfQ0mSdpJa9s2szGie2skLxWZc0zBlMrnl5zvSeG5P6IIeKWRctrj4qJ2EkE3OlzOLepejlQN2REckMGQMefprFwB5IGGCPAuZ-Su5C8R6P7J7h5aKYxhrQDehGxv0OV2VwXyKaDgZB8Cd3SYYFUyKHC9sZeM3mK_UXz5gS1v4GE0m4xLqeDDQe87xtvLf8EaQWjsIqcg_9Xw-R-A1ZdpZRmHmG3WUG1l-PTGufgXCyFHNAX9vW9xjfXn19qTvuyH5aODenTvl0kuYVMthDE1xmfz-UGaQX0wMbOfk6ruy_6mTk3aHzDHtPDD-RibMXyb5i4WtymQDlHk26GAiR5tcn9mNJsr2lUEBguMlLUgYRBmx7pQVeYHD1vStkcUq5SFcMF8KTk7IB-UwmHZCmHf-mPKyWJcYoq86WRXfTOAPB3wAvSHvzvtUWqe3agpFWqcCfL-5xR0bIyJbmD_QR6FqZeOsc7EROSVgJAeJ9Y4pNnmQcas03_yz45lgzGurzhkZpSMHYu4Q2VSbQSnfz1QSDii12foxQYeFO3LIZLebtYof75MftPFiBIP3OuHbMHw4XPVwEr8hiQ88eWuiVapC5j3zxqeq2A5DfQvt86w1xSYG-8chZos4GakVug7GcxSSv7xiKuYSjXcnUVkgQ1DymfQ3ndo9AQJsGRmb30paqxPlLmG9wxTHsn_n9wCrRQePy7OTb_XCAEliS0zqLTpkuT8XMEn4Dh9Xxf_kKgLQ0zAJpo7YXwITmppBpWmup2EgkpAxBJQ7eAhCSJ8eL-RNfqibHKIK9bZCz-0dnzLurApDBACG7Pa3F1145yKoMmu0av2ckZHi8sOfb9dOCVOtB9_boiNVWrU_OY_JSBAREUxuWA7pVWZqaMFEux_XPmx9Ob95uJPB1hkuS5bR9gHfjWAPPWZRPtQXZmmSBkU9S3opFLFyDwc3G84Fa7nloWqWCXFfxR9PRnkiZ2ZmWNEfL4XwVk7AAaGpkEIabS8Tanr7Rdt8VwG9H_X0O8DFssYEGtSBw3sNshawgxDf1mvvFclwPAVjOKiUMiHESk6V2l9lwmBuZ7GvMZLQdhOlWRkHL67uV__bsLNp0XCAwZp6-4b4f64NuA4t_Ehxa3hrIyoRmmsqVCaHKzvVW6GB8oE7X27WzUGfCUa2hVNbjN0fb95DCt87ntDYIf9raL9J_tDoCnVzhyxTqQ3QEnfTl8NRmBiP2rlUgr5oC8WkIE_FXgwPbh78FNJ1Uz_WnAtCUJhP0C_xJMPCAdFFMKLvo-WrFPtN7g_O6b4bUlN9Bz9M8e0GU3rjBSK7w6f32qa9K9ZAKxjUiQO8MYg-Z82cW1MdD32JZ3ThiNCI4lOLQIfmFiQe5I5EgqGvn0qDQ2l_wr9G2UMNPsqdQNthNwZsWSr2BRYqePN2uLSnrEF_xjRqblJ851QUmPnpmYE-opVWA91qybnevioakE0PCNnuYyv1MRf1kHU4WHzUaZC5Eq927RbqLQQxYrsP1QxspzN-ilMZiYaw3cNrjKOJpQ4Mmj_zDYegNtJsgWDlvMgzCxlHwJ7-9gN--R968RLNX7SelUj5aMCyQHAo0Am2JKNXB7XFDjMojTeezHeqMQDWDsEW9kYCF0JftU9M1QTwg40w6slI2pS4z63UEOHnvJOV0LoG5zIxRkCI9H4TRE5PNdRoJ0jw2PF2W3WFkdcj95gatiC9QQ29fiPQnWEuEYqqZ8wafJAuApCTGX9ZeMgw2SCtt5J3fkDMtcL9UzXWHGm7ToDFgSAlI59JJjdJ_UN6qNb1mTGRfjizZyFUyZWg0lpWW5kqbUmBlIjGxT6kLfUu9aRPgWAGAJqb2ggVa-IHfVD14Fpf8pjQ-ceNL4JBk8qAWnM165wqClEIEfK-8zVdxJnRONPHhL_pd4q1bYKle5qg-9x-MjOhc5OjTNcivAFDOizISX3u_aXfumwueiPAtfe3GU6Q9HWFiIt_X80amfjn0-g0jI5zWJmROsBXguDQhI59Xz_JDlxlV_odE7XoJtx0HfJn9ghj-XWM3yMMZQvItrvoz4UMNqT6Gqqdkl7UKvd0r7X29eFcyhfP5aHNyh8ANtbEiYtNYd0puYkO6v9KNqvsECr6vBshUhuswf2mQJMneCdsWhJQ_-bQQ_c9zmuE0M_CcHGCQPDMJRDzeiXYlA0i2p9sZMwXsQOjl9SrLUdyHbOMUQuBLtuo6Me_l4745SZnE5mGg5LCL5BnvRFBblOi0fr6jMqvYuddXdGgz_lggccYmogWDpB1ZT3SxhoNdS-qH3RkvU3Yw3ZHFCAtXReLfY6Mi9ALGUBNGRRqYGAwu4G1vG_KPQxIXGarIzgpCGFydxGoopoxWTHQfqi08_x1iwfby_5epOhahk1IpUN3I_jK1O-EKpJdVJcT2pc5liJ9qjPMPb5e1kqKdvsi5hOBGa-iCTYC9RapiwuaHd829LgJs07pcFuLbDR3_rpVvOxyDAnqFk9TCfTRl6HXrmY4lKzyczXmd47o1vnF66Qxhdt9ndA9FJgnDNbSGCp9_X8EDgpGCDr5_ueS1k_20QNGCTpsCqafcOiOIFVVUl_RksQmc1_O-R4jZRcopcTlVuH3ZIzxvLyzY3rRNDeAnekrUYkvgpRtGC4albB6L998Zo4U77qIF0n_gkI8OSpHANT8aH0M68nX-e2P8X8CNpiN1S26vn7dNNASjSG3QOdZs1cwHK4u-KyktTyFU7myzunC4eYMtkcPWP-LawTAdE3dQON6u6DwT3kRTvsAF1sWIR3NEyisoi-rKb8aYqEwGJuf19dawHWkTQrzhkmTxIBmAnkhY1DG2VZNlq7lP9yHnp6GZWTLOQU7B29ZdhIltAp1aKA08Yv77xOBszj8-jCGubv2cAZKg8xOL3HKyDeUtXI1vMwacVPWd1RSfdYbOAZz4rX5xUCTcN7teDUI8o92A2AaPSiXJ4siOlO_R7wwzih1NuX2-5yeMEKF579gVnezGIbttH1kBvCQq40cJV2JRxTQ-OwwB5qEzpkzTZ8WYtsUMvMuyIc18uz9cu-Wrb8_pWfaDr_K5QFhXAk-OOh1T285t_xfy-19jYtZbxNHvgh4OlsCiKk_H6j3iiT31NELzuDg9I9vCI-vORNfyniPMSxpgbbja1RnCI-Jaw1JiyVcntUS7ibfAmoIiE_ddEDfmEa-3xU-Imj9t8F839Z9xwW0NtYipJ8c7oe2mjdlpc83aeBQm8_7gjh65ciAzuv2gMw7S3Ld00iWuX1Mca9TvQRZy2QH-ikkkHWmeLwdQ1qWwxjpgz1qgITguGmQD17hIFwoPRpl4LE5H7InSRELVnHc0hM5mc1keHqwflsNzYoQ&cid=CAQSTABpAlJWVA3zufEnfnRf4zgeQ2rU-bIhqljFwaC7sTwHaEumv4wJxsw4U3Y0wSrnR7sgSYqwFdsU_H3YPubZwFnyg5YwKEU6ob6CFAIYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fguis2.com%2F&ds=l&xdt=1&iif=1&cor=11481008477944424000&adk=2228999115&idt=141&cac=0&dtd=22
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07079cf5feef40a0e75a58dabae8ac9fb43621a4a82a9c70b5177bde67c3edc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38738
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 82BD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
164929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 82BD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://guis2.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
244993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Sep 2024 15:22:55 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6484 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNjVmzzMIZcy3G8efgAek_7voCOnqx-pyjtiS24sRruWGpfI5EAEgtorSmgFgleKmgrAHoAHv4rW_AsgBAqkCCO0qBCbhsT7gAgCoAwHIAwiqBJECT9De-yUmezGfc3aRXlnlG3zX4fNaNQeXC-EsT9Ax1dE-LOxZw5htg340QByQp2VJCOxaKNdFF1HV4q4go4ehrdTdK-5J38RU1Gfy4u9POkihJfdP1ItLNBMSxvyGGOA75P67vr6qt6tO-ADvRo6B_omqiN6cRNX4_syM0xhhGVRmM4nghI-_ytj0DC3mTBJG1Z3h9rs0bRLQ5OEazbgkynlWumseAitWIZdO2DEL7o51sRyc9qwGQ2VvxZDLSzNKw99g9S4MxwlwsvuTGl8SqV3fX8dWTtoOujbL5Z8qy9S8kLnPVRbWc1D_nlQn8ueUrj5y3Y-9bDJnwiacAXZtYye9678SMXAuzhk5RA5uJEHMwATq-46iowTgBAGIBZLYnoZKkgUECAQYAZIFBAgFGASgBgKAB_mcysABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQhOY70ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJHmh0dHBzOi8vemllbGdydXBwZW5nZXJlY2h0LmRlL4AKA8gLAdgTCtAVAYAXAbIXHwodCAASFHB1Yi03NDMzMzUzNzQ5NDk3MzIyGM68kgE&sigh=Cz551ugM3ZI&uach_m=[]&ase=2&cid=CAQSSwBpAlJWLK62qQflGb7qqngXWhy3NKucBGTsFrJ_zImHV4UNL1K86RvCeER1Y1iAX17S_-ltOGrMNaXsG9mrl4bFcg070YO3IYDXnRgB&cbvp=2
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C4A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2n5bzzMIZcTEG9nbgQeBiqjgB_Cp7P9yzK_6oewRqtu_oNQBEAEg4pm_nQFgleKmgrAHoAHXyJHUAsgBCakCkEg6BEHnsT7gAgCoAwHIAwqqBKsCT9A0LHVrhK8teXFVQ2WOdu0eMAb0-FOlscrL9fwjAvr5KAvH7dZhVwZHyGwgCPqYSX_OFiNsjKqFWNiQhX5ue-dfzcQ6dv7yrktv9PQJNs3o635w149uacFQFNbk8ZI1L7G6PR2f-RKncfOWKB_spxbH2v_-8ieiFhG_1L7dJHpfVhHTdeWwTCWvixceYigGCw_511XvmkKGjCS1rdRiY_6upQZJPnobphRPxZKdLsha4otAm2W8Rm26K7MlKeLVJcXkVcrtqGFzFfXq4sCbEt5EIznails8PiiVliZTxNFsLzAZ9WM6gBWFn4IzE45Id3MrSeP1ATcCwGUZGNwF6dsTz1wCukWrgbLIAsAGeKB6GrT2NwpBdtgaiJIbcEEhoSvwl184OdHI7CDABKPglLy6BOAEAYgFu6-jykySBQQIBBgBkgUECAUYBKAGLoAHkbfuqwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDQ6hLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgmwAWh0dHBzOi8vd3d3Lm1lZGlhbWFya3QuZGUvZGUvcHJvbW8tbGlzdC90dmFfbG9hX2phYnJhX3NlcHRlbWJlcl9wcm9tbz91dG1fc291cmNlPWRpc3BsYXklMjBjb29wZXJhdGlvbnMmdXRtX21lZGl1bT1zb2Mtc3VwcGxpZXIlMjBwb3N0JnV0bV9jYW1wYWlnbj1qYWJyYS9lbGl0ZV84X3Byb21vLzIwMjMxMDE1gAoDyAsBuBPkA9gTCogUAdAVAYAXAbIXHwodCAASFHB1Yi05MjY2MDc0NTYyNzY0NTkyGJerhQE&sigh=9xAlGceeSEw&uach_m=[]&ase=2&cid=CAQSSwBpAlJW8mvKrPRXch2OZogdC9ROGAHXhP7np6LHkPyd18VbZ-L4v0qT3LBU4IR0HKqdm5OZNFvfGNV0cFOm4rEBXMBLJ6umly6UDRgB&template_id=484&cbvp=2
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1695036368446&sessionId=21e31a92-4016-def2-dee6-2c65d2caf894&url=guis2.com&cheqSource=1&cheqEvent=2&responseTime=796
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 11:26:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
15992f6d0990bc6b80d748039ebc8084
Content-Length
4
Expires
0
imp.gif
flint.defybrick.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e001363ebc736ec448c959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714693d05735f578fce1d7b1474fbd498fbd38e820db61cc06d6542aa92a04ad1e17562ac25b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1f08f77f6aa1931c7ae6d0eb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f8280e8f68bbee34d2df47ae4e9a87c5535b5d23298b54ae0424709d55e0c86d7d8888fbc9227c32c90c6f5ae53df5f5b1aa35e64c1cfc61d7c84bf70fa00b3921c972cfe2e1510509f36e4568993ff2eed8038925ca9cfcbcb69ce010468ea550503324873c8e165bf49decb8c34a8d325b3d02addc2b1ad33cfa0e05c777384a9061595f7195442acd5b37ab93b98ed40f2e326b160a333934fd717deb421c11a26f8b394663b237d002c0b400aace18e70cf03b7454e4335e5b54fdf981b10e3b9dfbabc6adef0e5fc86f8a8ed564e3cfb478eaa446f8343661bcb7e5c716cf57ab36b18c2ebc261967dd6258baf2ad1a50c997b0b263c1f7d139cc5e4b6206906881257e1a6cba7a298410f9facaf38c7dd797fc4c051692bbfc49b257ef279c106c14df135df509e9d0feaf972f091889f&cb=1695036368446&cri=jBhfM5ia6p
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8736 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
Origin
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 18:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 18:19:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 8736 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cist1nU0eC1hOU2szVN2kP8YaK7e0trP2H5LVS4z5DBGQry5UchJ49podAotNRK1yZEWSjO7hRCNGgjqnXSYiVkdFkQQ&cry=1&dbm_d=AKAmf-C4KqsNToYtfvMMNA6wDiBFqrXhQqNas2_kgi3EEwmtUmhysT32ye_raOHUBlX6rOW5SE65_pskkGYPQiI8EgEO7-65FgTmRzcs3hd7U85mkhBU8OVlL6jgfkxLH-qekDwE-7Ra829_9AKaciV6zRtA8IKP815IBpNNqQ3n2DccvS5k62psv8GGDGrA50VdRipyq6CQmZLJml81LIhUK9fUml8kWb5aGoAaAG2ZQaYLCKfuLT73-w7wkcGv0KS62lkBu6ck-wUaRmZ3K5FSxKgtUphaXerbS0S5L81KTWiAzHZdPg9vFoWPZQSWLYrcCAFWREsu7giN0KVKWqsPMrVkCx591QWHVD0NgeXNt0nQ-YkuE90xhVHgAGd3AC233HSPuxeZZ6qioxZBD5fKtegWp_qm-TErvN1esH5vnce82QlnlzWiss-RoGapnNyxIA2usKtenzLJe7i5ZZz4T-MaSbFguuThymQfoi6fjNXAqB8eHxFBA02DqFODU5v3I7GxTz7mrgKM64FWVmEduxjPUETGloZEgDQrrCXEcWtlinTmmlMO4aq7_kflfWrlmxuueT-RFbsLeeLBDit9NXHSdr_KV95UPM0sT-umLpk8KaT77ugszCcJqqvtwzHxWfQ0mSdpJa9s2szGie2skLxWZc0zBlMrnl5zvSeG5P6IIeKWRctrj4qJ2EkE3OlzOLepejlQN2REckMGQMefprFwB5IGGCPAuZ-Su5C8R6P7J7h5aKYxhrQDehGxv0OV2VwXyKaDgZB8Cd3SYYFUyKHC9sZeM3mK_UXz5gS1v4GE0m4xLqeDDQe87xtvLf8EaQWjsIqcg_9Xw-R-A1ZdpZRmHmG3WUG1l-PTGufgXCyFHNAX9vW9xjfXn19qTvuyH5aODenTvl0kuYVMthDE1xmfz-UGaQX0wMbOfk6ruy_6mTk3aHzDHtPDD-RibMXyb5i4WtymQDlHk26GAiR5tcn9mNJsr2lUEBguMlLUgYRBmx7pQVeYHD1vStkcUq5SFcMF8KTk7IB-UwmHZCmHf-mPKyWJcYoq86WRXfTOAPB3wAvSHvzvtUWqe3agpFWqcCfL-5xR0bIyJbmD_QR6FqZeOsc7EROSVgJAeJ9Y4pNnmQcas03_yz45lgzGurzhkZpSMHYu4Q2VSbQSnfz1QSDii12foxQYeFO3LIZLebtYof75MftPFiBIP3OuHbMHw4XPVwEr8hiQ88eWuiVapC5j3zxqeq2A5DfQvt86w1xSYG-8chZos4GakVug7GcxSSv7xiKuYSjXcnUVkgQ1DymfQ3ndo9AQJsGRmb30paqxPlLmG9wxTHsn_n9wCrRQePy7OTb_XCAEliS0zqLTpkuT8XMEn4Dh9Xxf_kKgLQ0zAJpo7YXwITmppBpWmup2EgkpAxBJQ7eAhCSJ8eL-RNfqibHKIK9bZCz-0dnzLurApDBACG7Pa3F1145yKoMmu0av2ckZHi8sOfb9dOCVOtB9_boiNVWrU_OY_JSBAREUxuWA7pVWZqaMFEux_XPmx9Ob95uJPB1hkuS5bR9gHfjWAPPWZRPtQXZmmSBkU9S3opFLFyDwc3G84Fa7nloWqWCXFfxR9PRnkiZ2ZmWNEfL4XwVk7AAaGpkEIabS8Tanr7Rdt8VwG9H_X0O8DFssYEGtSBw3sNshawgxDf1mvvFclwPAVjOKiUMiHESk6V2l9lwmBuZ7GvMZLQdhOlWRkHL67uV__bsLNp0XCAwZp6-4b4f64NuA4t_Ehxa3hrIyoRmmsqVCaHKzvVW6GB8oE7X27WzUGfCUa2hVNbjN0fb95DCt87ntDYIf9raL9J_tDoCnVzhyxTqQ3QEnfTl8NRmBiP2rlUgr5oC8WkIE_FXgwPbh78FNJ1Uz_WnAtCUJhP0C_xJMPCAdFFMKLvo-WrFPtN7g_O6b4bUlN9Bz9M8e0GU3rjBSK7w6f32qa9K9ZAKxjUiQO8MYg-Z82cW1MdD32JZ3ThiNCI4lOLQIfmFiQe5I5EgqGvn0qDQ2l_wr9G2UMNPsqdQNthNwZsWSr2BRYqePN2uLSnrEF_xjRqblJ851QUmPnpmYE-opVWA91qybnevioakE0PCNnuYyv1MRf1kHU4WHzUaZC5Eq927RbqLQQxYrsP1QxspzN-ilMZiYaw3cNrjKOJpQ4Mmj_zDYegNtJsgWDlvMgzCxlHwJ7-9gN--R968RLNX7SelUj5aMCyQHAo0Am2JKNXB7XFDjMojTeezHeqMQDWDsEW9kYCF0JftU9M1QTwg40w6slI2pS4z63UEOHnvJOV0LoG5zIxRkCI9H4TRE5PNdRoJ0jw2PF2W3WFkdcj95gatiC9QQ29fiPQnWEuEYqqZ8wafJAuApCTGX9ZeMgw2SCtt5J3fkDMtcL9UzXWHGm7ToDFgSAlI59JJjdJ_UN6qNb1mTGRfjizZyFUyZWg0lpWW5kqbUmBlIjGxT6kLfUu9aRPgWAGAJqb2ggVa-IHfVD14Fpf8pjQ-ceNL4JBk8qAWnM165wqClEIEfK-8zVdxJnRONPHhL_pd4q1bYKle5qg-9x-MjOhc5OjTNcivAFDOizISX3u_aXfumwueiPAtfe3GU6Q9HWFiIt_X80amfjn0-g0jI5zWJmROsBXguDQhI59Xz_JDlxlV_odE7XoJtx0HfJn9ghj-XWM3yMMZQvItrvoz4UMNqT6Gqqdkl7UKvd0r7X29eFcyhfP5aHNyh8ANtbEiYtNYd0puYkO6v9KNqvsECr6vBshUhuswf2mQJMneCdsWhJQ_-bQQ_c9zmuE0M_CcHGCQPDMJRDzeiXYlA0i2p9sZMwXsQOjl9SrLUdyHbOMUQuBLtuo6Me_l4745SZnE5mGg5LCL5BnvRFBblOi0fr6jMqvYuddXdGgz_lggccYmogWDpB1ZT3SxhoNdS-qH3RkvU3Yw3ZHFCAtXReLfY6Mi9ALGUBNGRRqYGAwu4G1vG_KPQxIXGarIzgpCGFydxGoopoxWTHQfqi08_x1iwfby_5epOhahk1IpUN3I_jK1O-EKpJdVJcT2pc5liJ9qjPMPb5e1kqKdvsi5hOBGa-iCTYC9RapiwuaHd829LgJs07pcFuLbDR3_rpVvOxyDAnqFk9TCfTRl6HXrmY4lKzyczXmd47o1vnF66Qxhdt9ndA9FJgnDNbSGCp9_X8EDgpGCDr5_ueS1k_20QNGCTpsCqafcOiOIFVVUl_RksQmc1_O-R4jZRcopcTlVuH3ZIzxvLyzY3rRNDeAnekrUYkvgpRtGC4albB6L998Zo4U77qIF0n_gkI8OSpHANT8aH0M68nX-e2P8X8CNpiN1S26vn7dNNASjSG3QOdZs1cwHK4u-KyktTyFU7myzunC4eYMtkcPWP-LawTAdE3dQON6u6DwT3kRTvsAF1sWIR3NEyisoi-rKb8aYqEwGJuf19dawHWkTQrzhkmTxIBmAnkhY1DG2VZNlq7lP9yHnp6GZWTLOQU7B29ZdhIltAp1aKA08Yv77xOBszj8-jCGubv2cAZKg8xOL3HKyDeUtXI1vMwacVPWd1RSfdYbOAZz4rX5xUCTcN7teDUI8o92A2AaPSiXJ4siOlO_R7wwzih1NuX2-5yeMEKF579gVnezGIbttH1kBvCQq40cJV2JRxTQ-OwwB5qEzpkzTZ8WYtsUMvMuyIc18uz9cu-Wrb8_pWfaDr_K5QFhXAk-OOh1T285t_xfy-19jYtZbxNHvgh4OlsCiKk_H6j3iiT31NELzuDg9I9vCI-vORNfyniPMSxpgbbja1RnCI-Jaw1JiyVcntUS7ibfAmoIiE_ddEDfmEa-3xU-Imj9t8F839Z9xwW0NtYipJ8c7oe2mjdlpc83aeBQm8_7gjh65ciAzuv2gMw7S3Ld00iWuX1Mca9TvQRZy2QH-ikkkHWmeLwdQ1qWwxjpgz1qgITguGmQD17hIFwoPRpl4LE5H7InSRELVnHc0hM5mc1keHqwflsNzYoQ&cid=CAQSTABpAlJWVA3zufEnfnRf4zgeQ2rU-bIhqljFwaC7sTwHaEumv4wJxsw4U3Y0wSrnR7sgSYqwFdsU_H3YPubZwFnyg5YwKEU6ob6CFAIYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fguis2.com%2F&ds=l&xdt=1&iif=1&cor=11481008477944424000&adk=2228999115&idt=141&cac=0&dtd=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 20:57:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
52106
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 20:57:42 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 8736 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cist1nU0eC1hOU2szVN2kP8YaK7e0trP2H5LVS4z5DBGQry5UchJ49podAotNRK1yZEWSjO7hRCNGgjqnXSYiVkdFkQQ&cry=1&dbm_d=AKAmf-C4KqsNToYtfvMMNA6wDiBFqrXhQqNas2_kgi3EEwmtUmhysT32ye_raOHUBlX6rOW5SE65_pskkGYPQiI8EgEO7-65FgTmRzcs3hd7U85mkhBU8OVlL6jgfkxLH-qekDwE-7Ra829_9AKaciV6zRtA8IKP815IBpNNqQ3n2DccvS5k62psv8GGDGrA50VdRipyq6CQmZLJml81LIhUK9fUml8kWb5aGoAaAG2ZQaYLCKfuLT73-w7wkcGv0KS62lkBu6ck-wUaRmZ3K5FSxKgtUphaXerbS0S5L81KTWiAzHZdPg9vFoWPZQSWLYrcCAFWREsu7giN0KVKWqsPMrVkCx591QWHVD0NgeXNt0nQ-YkuE90xhVHgAGd3AC233HSPuxeZZ6qioxZBD5fKtegWp_qm-TErvN1esH5vnce82QlnlzWiss-RoGapnNyxIA2usKtenzLJe7i5ZZz4T-MaSbFguuThymQfoi6fjNXAqB8eHxFBA02DqFODU5v3I7GxTz7mrgKM64FWVmEduxjPUETGloZEgDQrrCXEcWtlinTmmlMO4aq7_kflfWrlmxuueT-RFbsLeeLBDit9NXHSdr_KV95UPM0sT-umLpk8KaT77ugszCcJqqvtwzHxWfQ0mSdpJa9s2szGie2skLxWZc0zBlMrnl5zvSeG5P6IIeKWRctrj4qJ2EkE3OlzOLepejlQN2REckMGQMefprFwB5IGGCPAuZ-Su5C8R6P7J7h5aKYxhrQDehGxv0OV2VwXyKaDgZB8Cd3SYYFUyKHC9sZeM3mK_UXz5gS1v4GE0m4xLqeDDQe87xtvLf8EaQWjsIqcg_9Xw-R-A1ZdpZRmHmG3WUG1l-PTGufgXCyFHNAX9vW9xjfXn19qTvuyH5aODenTvl0kuYVMthDE1xmfz-UGaQX0wMbOfk6ruy_6mTk3aHzDHtPDD-RibMXyb5i4WtymQDlHk26GAiR5tcn9mNJsr2lUEBguMlLUgYRBmx7pQVeYHD1vStkcUq5SFcMF8KTk7IB-UwmHZCmHf-mPKyWJcYoq86WRXfTOAPB3wAvSHvzvtUWqe3agpFWqcCfL-5xR0bIyJbmD_QR6FqZeOsc7EROSVgJAeJ9Y4pNnmQcas03_yz45lgzGurzhkZpSMHYu4Q2VSbQSnfz1QSDii12foxQYeFO3LIZLebtYof75MftPFiBIP3OuHbMHw4XPVwEr8hiQ88eWuiVapC5j3zxqeq2A5DfQvt86w1xSYG-8chZos4GakVug7GcxSSv7xiKuYSjXcnUVkgQ1DymfQ3ndo9AQJsGRmb30paqxPlLmG9wxTHsn_n9wCrRQePy7OTb_XCAEliS0zqLTpkuT8XMEn4Dh9Xxf_kKgLQ0zAJpo7YXwITmppBpWmup2EgkpAxBJQ7eAhCSJ8eL-RNfqibHKIK9bZCz-0dnzLurApDBACG7Pa3F1145yKoMmu0av2ckZHi8sOfb9dOCVOtB9_boiNVWrU_OY_JSBAREUxuWA7pVWZqaMFEux_XPmx9Ob95uJPB1hkuS5bR9gHfjWAPPWZRPtQXZmmSBkU9S3opFLFyDwc3G84Fa7nloWqWCXFfxR9PRnkiZ2ZmWNEfL4XwVk7AAaGpkEIabS8Tanr7Rdt8VwG9H_X0O8DFssYEGtSBw3sNshawgxDf1mvvFclwPAVjOKiUMiHESk6V2l9lwmBuZ7GvMZLQdhOlWRkHL67uV__bsLNp0XCAwZp6-4b4f64NuA4t_Ehxa3hrIyoRmmsqVCaHKzvVW6GB8oE7X27WzUGfCUa2hVNbjN0fb95DCt87ntDYIf9raL9J_tDoCnVzhyxTqQ3QEnfTl8NRmBiP2rlUgr5oC8WkIE_FXgwPbh78FNJ1Uz_WnAtCUJhP0C_xJMPCAdFFMKLvo-WrFPtN7g_O6b4bUlN9Bz9M8e0GU3rjBSK7w6f32qa9K9ZAKxjUiQO8MYg-Z82cW1MdD32JZ3ThiNCI4lOLQIfmFiQe5I5EgqGvn0qDQ2l_wr9G2UMNPsqdQNthNwZsWSr2BRYqePN2uLSnrEF_xjRqblJ851QUmPnpmYE-opVWA91qybnevioakE0PCNnuYyv1MRf1kHU4WHzUaZC5Eq927RbqLQQxYrsP1QxspzN-ilMZiYaw3cNrjKOJpQ4Mmj_zDYegNtJsgWDlvMgzCxlHwJ7-9gN--R968RLNX7SelUj5aMCyQHAo0Am2JKNXB7XFDjMojTeezHeqMQDWDsEW9kYCF0JftU9M1QTwg40w6slI2pS4z63UEOHnvJOV0LoG5zIxRkCI9H4TRE5PNdRoJ0jw2PF2W3WFkdcj95gatiC9QQ29fiPQnWEuEYqqZ8wafJAuApCTGX9ZeMgw2SCtt5J3fkDMtcL9UzXWHGm7ToDFgSAlI59JJjdJ_UN6qNb1mTGRfjizZyFUyZWg0lpWW5kqbUmBlIjGxT6kLfUu9aRPgWAGAJqb2ggVa-IHfVD14Fpf8pjQ-ceNL4JBk8qAWnM165wqClEIEfK-8zVdxJnRONPHhL_pd4q1bYKle5qg-9x-MjOhc5OjTNcivAFDOizISX3u_aXfumwueiPAtfe3GU6Q9HWFiIt_X80amfjn0-g0jI5zWJmROsBXguDQhI59Xz_JDlxlV_odE7XoJtx0HfJn9ghj-XWM3yMMZQvItrvoz4UMNqT6Gqqdkl7UKvd0r7X29eFcyhfP5aHNyh8ANtbEiYtNYd0puYkO6v9KNqvsECr6vBshUhuswf2mQJMneCdsWhJQ_-bQQ_c9zmuE0M_CcHGCQPDMJRDzeiXYlA0i2p9sZMwXsQOjl9SrLUdyHbOMUQuBLtuo6Me_l4745SZnE5mGg5LCL5BnvRFBblOi0fr6jMqvYuddXdGgz_lggccYmogWDpB1ZT3SxhoNdS-qH3RkvU3Yw3ZHFCAtXReLfY6Mi9ALGUBNGRRqYGAwu4G1vG_KPQxIXGarIzgpCGFydxGoopoxWTHQfqi08_x1iwfby_5epOhahk1IpUN3I_jK1O-EKpJdVJcT2pc5liJ9qjPMPb5e1kqKdvsi5hOBGa-iCTYC9RapiwuaHd829LgJs07pcFuLbDR3_rpVvOxyDAnqFk9TCfTRl6HXrmY4lKzyczXmd47o1vnF66Qxhdt9ndA9FJgnDNbSGCp9_X8EDgpGCDr5_ueS1k_20QNGCTpsCqafcOiOIFVVUl_RksQmc1_O-R4jZRcopcTlVuH3ZIzxvLyzY3rRNDeAnekrUYkvgpRtGC4albB6L998Zo4U77qIF0n_gkI8OSpHANT8aH0M68nX-e2P8X8CNpiN1S26vn7dNNASjSG3QOdZs1cwHK4u-KyktTyFU7myzunC4eYMtkcPWP-LawTAdE3dQON6u6DwT3kRTvsAF1sWIR3NEyisoi-rKb8aYqEwGJuf19dawHWkTQrzhkmTxIBmAnkhY1DG2VZNlq7lP9yHnp6GZWTLOQU7B29ZdhIltAp1aKA08Yv77xOBszj8-jCGubv2cAZKg8xOL3HKyDeUtXI1vMwacVPWd1RSfdYbOAZz4rX5xUCTcN7teDUI8o92A2AaPSiXJ4siOlO_R7wwzih1NuX2-5yeMEKF579gVnezGIbttH1kBvCQq40cJV2JRxTQ-OwwB5qEzpkzTZ8WYtsUMvMuyIc18uz9cu-Wrb8_pWfaDr_K5QFhXAk-OOh1T285t_xfy-19jYtZbxNHvgh4OlsCiKk_H6j3iiT31NELzuDg9I9vCI-vORNfyniPMSxpgbbja1RnCI-Jaw1JiyVcntUS7ibfAmoIiE_ddEDfmEa-3xU-Imj9t8F839Z9xwW0NtYipJ8c7oe2mjdlpc83aeBQm8_7gjh65ciAzuv2gMw7S3Ld00iWuX1Mca9TvQRZy2QH-ikkkHWmeLwdQ1qWwxjpgz1qgITguGmQD17hIFwoPRpl4LE5H7InSRELVnHc0hM5mc1keHqwflsNzYoQ&cid=CAQSTABpAlJWVA3zufEnfnRf4zgeQ2rU-bIhqljFwaC7sTwHaEumv4wJxsw4U3Y0wSrnR7sgSYqwFdsU_H3YPubZwFnyg5YwKEU6ob6CFAIYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fguis2.com%2F&ds=l&xdt=1&iif=1&cor=11481008477944424000&adk=2228999115&idt=141&cac=0&dtd=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 21:04:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
51716
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 01 Oct 2023 21:04:12 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8736 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:19:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
320813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:19:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3721 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
394113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Sep 2023 21:57:35 GMT
expires
Thu, 12 Sep 2024 21:57:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/6386066371845905408/ Frame 4013 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4ecca72644b3b1463d2940b3c514f7c80862813c2a50cbff4a5a5e825d3902a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
582811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2500
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Sep 2023 17:32:37 GMT
expires
Tue, 10 Sep 2024 17:32:37 GMT
last-modified
Thu, 10 Aug 2023 09:22:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8736 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7p7QW1MNyTCsuMo7OZS32YvIeFlhzT_h0ymSrQSXiukFB-txgxXSTcv5sPvCJo6Fa7EbM5RCvH3YYYdxTKAXyVPKpo8lXTDx7BgTnvriCapLA3n_0PteDWQi8UwbyAao26rNJE2CZd_f-kWmA_ojdjV8QNbiUsyGECDquthHbx9PDZRbBNZqgjWhuKbj1PGcfCPtrp1eRsAq4i35lRjMBuDQLrWVJYsdJEnzmF3w6TuNfYXgHGHVMjxbq186u63ZMMRPYvsQt0AulR_eNlnfeO0nIAlR4W18AdDhZmfwcbPHzSaqk8m4kYJgLCYn0ARlW6IsK1m5tuz2vB62JYrE63NpmxfjeoWdMuC3BcJrNu9ecSZBobjN-vrqHN8peD9TV3OUxXjWHdgbClGscP-ASXEysVha4XxrwC58Vj48Im30BWgvy8WfRfP4xumltRe09gEmf4X9pGqVtx6hXElfvj_aBR7jSQfrM0NzkKmi2d5OIOd4R-0kmy5WzxbpHtJXKjEkBc1fkgl6X1uoQuUzKWaM5wC1fuefwqYy_ebBLIMpS8rMxkxF1uIyqc0hrsiX_PkNzO2n2juw62BF-9XtaTGhsBzKb6fTt8wZbm1zTuE2oINGAN1BDAoQQ-GAlB6RVgX_Hm5cpPnxoCRx5Nnx0wWx9HWZzqUkmeuXtHsEZ35M6od2uLvOfmjsEDVPoychQyvK0sRBnnk5qeO0taRM7GwIgZLhVmYi8tas7zXQbxh7JGA5THBv5hUaFu9PwybccMzKsNBothSzxVBl0Dus40lh40LE_WF2QiEN6s3S1pEmdoAiE8pCs_le5kIS3klI3IXgRav2EcxK71aI2vGvyNC8ge8ZeCCHl1G-rulao_ZAH-YgLz2hNc1rKA5yAxSUsccl9y1oWuy265eYVBM4MLuExDhKVFad2N8Ex4A776JdbchJNq8We5eOddfR5UFeuIzjlQZE6uCwhyEehPhdw7u8mtZ7NP4jPFjfLcBY6eZtxjmYBS4yG14d8p4QVsecrXD5CwuT6Xcex-75I6OBM0S0zwMlbG_9bAbWvZQ42she3PvuStMp5UsFiUfvMxTb4BsEROr2CUj5-FsMssLasACW0pAH2fDUzvEg0AU_XYpqrOjbTdUlzyaphh-i3M1YWGt7pBDWWsdAIh1_IYjmJpHu70YM2IEoL0DtQ_8WAGwZHO27xjHbcBlebw_glGVJIOi87Lnbw9AwkYDxiM4HWEfJtIHN1aZmyrqSKlF0uYa4XfKEHkv7bBMMBHp8yRU1WB3d1LgRy2FICKSQJv3MlQ2Lhob6KVXDZmm8&sai=AMfl-YQmDgAZRbjahkdCRS0Z8mh6JbFlq2e1ZO-hrkELH5iL7PB--tlKRzCE-si1-Ij5-4X-hTTH0cbizp6vkY6M_dg0E0RGT7tcgoH1uw0VZLEN0a5_GrpmN9yIJJ0MzEazzo71rlvOh0UL3it8IOjQDaRvVa2qJ3v8Ybf23339ae4WbGZgtJXDs0_eBn828i67QSusYLPyq-oD8J7IZT63aZUneSPuOecqArSFCkYXZJCCIF6QHdRcfUOiLfwc_Oxgs-8MWvw0FAieQr57spFBFIBgZfzVUokUOGv2&sig=Cg0ArKJSzDNV7njs0VlNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=88&cisv=r20230913.98852&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 18 Sep 2023 11:26:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 82BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ9_3zzMIZa35MZCux_AP8cWS6AO138i4bcTzkfntDMCNtwEQASC2itKaAWCV6qyCtAegAf316P4DyAEJqQKQSDoEQeexPuACAKgDAcgDCqoElQJP0G0-nyVCCDqHY_CVeSft7y0eM0YOJF3viPiMwCmo8zu4LExv3GJLiCC1hRzId836t4uFD_cbgKoUOurnL-EvSTxIJKBZZiCz69O1hBCYdbzYFddhWyjZh70IcCNPAu_7S_joo32cXV3qv8J5i4w4URPrVDox-A8FCPTmKPvvFEFz4NSEGS_jFh8Zypbl08vIh1El0TGC4enLYZF6yHhrM2eSNpF4gMvEeJAArMgLnBAuN6mN1W8P6EGsfMh1xwdSXvLbpo0dlVdt_9mKvJGhDUIOIzzoWbTROl6yf5RUDs6hNN3neBGCI_43bd89Kr3yTvLC6cPZyXd39la3V2W0uUNYAidfHVT5esYviRMc5V2kp7pYwATplK-JwAHgBAGIBcz9geQDkgUECAQYAZIFBAgFGASgBi6AB-uJlwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCOqG7SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgldaHR0cHM6Ly93d3cudmlzdW5leHQuZGUvZGUvYmVhbWVyL2JlYW1lci1uYWNoLWFud2VuZHVuZ3NnZWJpZXQvaGQtYmVhbWVyLWhlaW1raW5vLWJlYW1lci5odG1sgAoDyAsBuBPkA9gTAogUA9AVAZgWAYAXAbIXHwodCAASFHB1Yi03NDMzMzUzNzQ5NDk3MzIyGM68kgE&sigh=-ZvjtusaRHI&uach_m=[]&ase=2&cid=CAQSTABpAlJW70nR38tLyyGHV6nPzljaQ367hGLNoFyxGw_WxvrTrpqQJdUIp0S5RojWEhXMawHiD5Un1WG1ujQddgx1PtUKntecTfVaQTcYAQ&template_id=484&cbvp=2
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js
pagead2.googlesyndication.com/bg/ Frame 3721 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 02:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
32783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14685
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 02:19:45 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4013 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 11:26:08 GMT
index.js
s0.2mdn.net/sadbundle/6386066371845905408/ Frame 4013 		58 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6386066371845905408/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39fc783e71c749bfb75f3d83b7f4edcfd0fa55014ea42323339b7c5431ef28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 06:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11599
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 09:22:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Sep 2024 06:52:12 GMT
im01.jpg
s0.2mdn.net/sadbundle/6386066371845905408/images/ Frame 4013 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6386066371845905408/images/im01.jpg
Requested by
Host: e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
URL: https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fd4606e0595e9f2cf6659f7243257309b0f3f0689904ebd6ddef9576ccd1124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 06:52:12 GMT
x-content-type-options
nosniff
age
362036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131606
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 09:22:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Sep 2024 06:52:12 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8736 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7p7QW1MNyTCsuMo7OZS32YvIeFlhzT_h0ymSrQSXiukFB-txgxXSTcv5sPvCJo6Fa7EbM5RCvH3YYYdxTKAXyVPKpo8lXTDx7BgTnvriCapLA3n_0PteDWQi8UwbyAao26rNJE2CZd_f-kWmA_ojdjV8QNbiUsyGECDquthHbx9PDZRbBNZqgjWhuKbj1PGcfCPtrp1eRsAq4i35lRjMBuDQLrWVJYsdJEnzmF3w6TuNfYXgHGHVMjxbq186u63ZMMRPYvsQt0AulR_eNlnfeO0nIAlR4W18AdDhZmfwcbPHzSaqk8m4kYJgLCYn0ARlW6IsK1m5tuz2vB62JYrE63NpmxfjeoWdMuC3BcJrNu9ecSZBobjN-vrqHN8peD9TV3OUxXjWHdgbClGscP-ASXEysVha4XxrwC58Vj48Im30BWgvy8WfRfP4xumltRe09gEmf4X9pGqVtx6hXElfvj_aBR7jSQfrM0NzkKmi2d5OIOd4R-0kmy5WzxbpHtJXKjEkBc1fkgl6X1uoQuUzKWaM5wC1fuefwqYy_ebBLIMpS8rMxkxF1uIyqc0hrsiX_PkNzO2n2juw62BF-9XtaTGhsBzKb6fTt8wZbm1zTuE2oINGAN1BDAoQQ-GAlB6RVgX_Hm5cpPnxoCRx5Nnx0wWx9HWZzqUkmeuXtHsEZ35M6od2uLvOfmjsEDVPoychQyvK0sRBnnk5qeO0taRM7GwIgZLhVmYi8tas7zXQbxh7JGA5THBv5hUaFu9PwybccMzKsNBothSzxVBl0Dus40lh40LE_WF2QiEN6s3S1pEmdoAiE8pCs_le5kIS3klI3IXgRav2EcxK71aI2vGvyNC8ge8ZeCCHl1G-rulao_ZAH-YgLz2hNc1rKA5yAxSUsccl9y1oWuy265eYVBM4MLuExDhKVFad2N8Ex4A776JdbchJNq8We5eOddfR5UFeuIzjlQZE6uCwhyEehPhdw7u8mtZ7NP4jPFjfLcBY6eZtxjmYBS4yG14d8p4QVsecrXD5CwuT6Xcex-75I6OBM0S0zwMlbG_9bAbWvZQ42she3PvuStMp5UsFiUfvMxTb4BsEROr2CUj5-FsMssLasACW0pAH2fDUzvEg0AU_XYpqrOjbTdUlzyaphh-i3M1YWGt7pBDWWsdAIh1_IYjmJpHu70YM2IEoL0DtQ_8WAGwZHO27xjHbcBlebw_glGVJIOi87Lnbw9AwkYDxiM4HWEfJtIHN1aZmyrqSKlF0uYa4XfKEHkv7bBMMBHp8yRU1WB3d1LgRy2FICKSQJv3MlQ2Lhob6KVXDZmm8&sai=AMfl-YQmDgAZRbjahkdCRS0Z8mh6JbFlq2e1ZO-hrkELH5iL7PB--tlKRzCE-si1-Ij5-4X-hTTH0cbizp6vkY6M_dg0E0RGT7tcgoH1uw0VZLEN0a5_GrpmN9yIJJ0MzEazzo71rlvOh0UL3it8IOjQDaRvVa2qJ3v8Ybf23339ae4WbGZgtJXDs0_eBn828i67QSusYLPyq-oD8J7IZT63aZUneSPuOecqArSFCkYXZJCCIF6QHdRcfUOiLfwc_Oxgs-8MWvw0FAieQr57spFBFIBgZfzVUokUOGv2&sig=Cg0ArKJSzDNV7njs0VlNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&vt=11&dtpt=88&dett=3&cstd=88&cisv=r20230913.98852&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 18 Sep 2023 11:26:08 GMT
im02.jpg
s0.2mdn.net/sadbundle/6386066371845905408/images/ Frame 4013 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6386066371845905408/images/im02.jpg
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54674828f9eb570369105538f366a386cf4e361612fecbd682b1ff0226794f9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 06:52:12 GMT
x-content-type-options
nosniff
age
362036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100223
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 09:22:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Sep 2024 06:52:12 GMT
legal.png
s0.2mdn.net/sadbundle/6386066371845905408/images/ Frame 4013 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6386066371845905408/images/legal.png
Requested by
Host: guis2.com
URL: https://guis2.com/dinheiro/?url=https://info.fabricadementemilionaria.com/ferramenta-poderosa/?url=https://arquivostec.com/dinheiro-rapido/?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fqveipdc3jnbvd8q%2FHS%2BPEITO%2BV30%2B%2B%2BESP%2BNAME%2BNO%2BFREE%2BFIRE%2BGLOBAL%2BANTIBLACKLIST%2BATUALIZADO%2B%3F%3F%3F%3F.zip%2Ffile%26dkey%3Dxeuly42brmt%26r%3D900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da86b0d429e1249d844ca40e357364acd23639c3100e04b4e710b612d9efbc8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 06:52:12 GMT
x-content-type-options
nosniff
age
362036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36217
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 09:22:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Sep 2024 06:52:12 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d5ff2c2610afe17134cb0b0bce0f120a&pvId=769210bc5c70b43aad13155ed3323c1c&sid=10105910&pid=40318&idx=0&wId=242&pad=0&org=0&tm=1110&eT=0&cnsnt=no_consent&widgetWidth=300&widgetHeight=0&widgetX=650&widgetY=332&wRV=2010452&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=499&oo=true&lo=1767&obreq=1724&mvreq=2609&mvres=3106&cet=4g&to=1695036365584.8&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 11:26:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
12fc50d271bb5528ab527830cd9bbe2b
Content-Length
4
Expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9af9fe3fc166809d3107df93b3bc8316476c0e33acc12141cf2dd2a27fb713ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12058
x-xss-protection
0
logo.png
s0.2mdn.net/sadbundle/6386066371845905408/images/ Frame 4013 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6386066371845905408/images/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6712089206b5241b4f3d932069b02da04631a9fff325bd1cd32b078af9ca8c56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6386066371845905408/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 06:52:12 GMT
x-content-type-options
nosniff
age
362036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6316
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 09:22:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 13 Sep 2024 06:52:12 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=d5ff2c2610afe17134cb0b0bce0f120a&pvId=769210bc5c70b43aad13155ed3323c1c&sid=10105910&pid=40318&idx=0&wId=242&pad=0&org=0&tm=1126&eT=3&cnsnt=no_consent&wRV=2010452&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 11:26:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
content-range
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
e4ad0b7f402d4b91eb3db2bac47ef535
Content-Length
4
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3721 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BY3zW0DMIZY7qFpyWx_AP6Yi_8AgAAAAAOAHgBAI&bg=!9vWl9brNAAZQjyUVcI87ADQBe5WfOH49ChX0PqPDfL5VNUnnjvdedReGOvEVxc_jhQ5Tze2IogasbqvHwbSp0GfzkdP1AgAAAGpSAAAABmgBB5kDUGeedG_796jpkCBVGsbXmY6JT1t5u5g5pjDSRhqMPe5pEYT8z3-91M69gFKG0FG0O2CFIqROhzmSfKhdqH1o4KeSjHHbvUOlEFvUX_UqGRbrgWTMmwgZOUiBu3UbkASeKqQCMlUrvetJ-YOPIWM2NExAAEgcwRAP3tu1plVLcViz_cW_qWDGrtrDq214cABW95qwF5-lAZrPNnX_tW-W6A-H_eHmhYA72NfOphyW-85_6dZorIlPCNRJS9v8YrneiTTMt-O3uJ1Q-K0lZKrc_fPxeVABVnKwG1mb3JuLcqG2tw7Qm7sEGrI-y6kULTNVoSxwOba5BcHWumJ7IEXJvMuaScCCcmU2ztAmGTvJ9KJkx4fDoxZTo1spESTg0csIMV_eedJ0f8hKYozT5Cm7M0yJofddgZz_as-E2uI5DhG2iB85rNv_n4WfGj75Xsi9ZZFpiB2888p-wR7LlkPulrKoLPf5I0YuwkMgViNFKEwN9NT_WhqAXOQUcyQtQy65RkkUPjkZjodvo_xIdnoEoDE3ztjNBnB-lmhG5pjdGXITKilpQkhRLN0aEedppZ26iBvIKLLFTR0jDSaS-cdQqNtJAFOD0I5Uwx0kaqKDLX4BRNQwTWxKQs1oiUnxB8PtexjSVa43fTOhAhynVfnJrhflTUgCiyPoj3kedNzhz3u30dUD2XwcHETeQ6NqC0s0hD0lYvLjyW8Aba85xIQmeVMdjI8js2cOD8FcapllUAHVCFzxb2MxPwJGE97bKcEA1Ze21y5mLOLSQXGVsr0lLj6dxLMfkxQ6udLHeqND7f4iAwWf5igcNXFHkTWryfs_gFdzPgfxmwDtVBnZkyPupMfNlbjh68Ey5trhNYenT27P8Qh9Ut12gmTy2l1W6KbN7zUrH9wFjnegqX3K5tfjvITUjX2HXi5YadLisn-fvq5-XHvCggi186Bxjfbn2Kga3QsMa7e3agpst2cpkyBRvmovKxDRaQcS3GBlipU6I8-dYQc7VJFJsgrjvKLLhhpybfCkPBOX-8U4TAAN6y3kx6t8ARd3kBWIDsN6q1ru3ysyX_nzpHgFokzXNhykx1lVzpmd1v7GqLz5TdCp1ZZAfqGz1kCEClLMiWtW7rDyZpnC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 11:26:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A62 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:03:20 GMT
expires
Tue, 17 Sep 2024 11:03:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 85C0 		829 B
991 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
227e0a30f2ad02b8bd82b90fb0035e9a3dc522ae81688506eb0bd1b9b2ccb7dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sAR4yfTslByMEAoGFnd1nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://guis2.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-sAR4yfTslByMEAoGFnd1nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 11:26:08 GMT
expires
Mon, 18 Sep 2023 11:26:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 6A62 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Sep 2024 11:02:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 85C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=4195486384555686&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6A62 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1Kj6BQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 11:26:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B4A7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstDT5YQqj5SRWXULV6V25EMUoX8vrC5zNi4mDEIzSv7NPGDDCVJdLedNX8yFepXfpVO5JVL_mi89bvOLYhpqzGT93yTgcSfpkaBOWXmyZFt5gOc6q8ggg12QIfNO8g&sig=Cg0ArKJSzIoA0AM7z4ulEAE&id=lidar2&mcvt=1004&p=863,520,1183,1000&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=846327061&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695036367764&rpt=310&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6484 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7QDK2HVKod-_46RK2YEV3xEoztFgofktzY3yzQ-mebL77kBLMsY9QXWfogXQEVB76jPZs6XPDPm6gf7mroOdxHGLtB5X87_aiE3MzkXehLsU31mP-gmZ5IR6RlgHtL0R4K0GO_b4ick6plIr6pAI14xEE7dP_8DFdq8YKd2I&sai=AMfl-YQhpIo_YHTF518TA_Drg_i69RE66FI4Bl_Ugwix-oBEACAAq7Jhd7cjFyfsWCA-ziukXTUhSENXrMmks4YOVL2T2EORju9GxY8-nQBiVCyPBxzkeXqImh9rY-fdsskEA576S-oQ1gnzkDDo&sig=Cg0ArKJSzMN-Inyi69oAEAE&cid=CAQSSwBpAlJWLK62qQflGb7qqngXWhy3NKucBGTsFrJ_zImHV4UNL1K86RvCeER1Y1iAX17S_-ltOGrMNaXsG9mrl4bFcg070YO3IYDXnRgB&id=ampim&o=444,338&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=381&tls=1381&g=100&h=100&tt=1381&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=4195486384555686&bg=!2tml2ZbNAAbP3fMH7907ADQBe5WfOFrNJejUAC9nw6z4BVJnkyrappODVr6N1OMn-GYlwa0K_D154LP1KKHEAyI6kOOgAgAAAEdSAAAACGgBBwoAZVr606ZCAtQ7XuxX59apfNJAQeBm45YSUKCLjMxeVlcYAKZbxiVudpC9rsbt59CVN3FxVAzaKtxzqNRA_AThZvCtAp-bQSRUHvqj23e8N8CQ3BJEZ2u66RCd1VPpj8XaSqMavtaJmQMFI5KmrWTapBh-m-QRfsGdZeCWcTbV0h-8F4p4hI5BuDcOjOELTdOGSc98foOtDBWpz06jmALoIQGy_u0Bfu69PAnizym_n3WoFpiSi7roiQKaYENGBgu3q60TlDxdkvrejSeNFmBJ14mGRTohcA9fPg6vLtYgSiHxS0SRjCFWhsYqY3jWfFmFsu2ao4KGQe0Myq91hjNgWGvI6_gNWIBVQmIHCBVPxGzeAvrfJuck_Tolf7f4WsHLFtXOdctjFhWC0Ngtr3S4lLqOW9w92u5lCdPc_LCDjBAh3GTPRicS8Tn7vMYac6fW0pEpJSDpbIz371U_NNRAyupO5juH5rRjaPFqwDMF2sF3w8JShGZb4ko10I4XM6llfVYy7nnLin11JaUOPzGloJrpVC-rD5PmKgyyOW3NZ1f70pBxgxNSXwessZOTi_tb37RTjKSfwPNV-WHDDEaMfMaNnx11B1Vc4DSzyUnZza-yJ0A2yBshVJDKsI5JFrsEwz5o77Z6eg97AWJykgklaxzublpeex9B13gYtgTjK04-39SBXGy0XWDrR8l_lS64z2TCi0IlXQtfp3Wu75VI2PgJyBEuMeEADrngtjE11MJNEiH9OoqL7biaGy4ODV6Jkk-CkfhPLojcYsia8-4Yeyi9HVris2lohrXUBV9TmX-sQuvvYyThlw2mJq53gU7xcka2b9Rtf7DJ_-BnjUqCIurfBBHtffCiKXo7H12o7l_hb3voxL8tMh-7hrzHIEuUlF6ssiTDCFM1MoKxn06tYvkpRGJO2lKw9y-bdocYwX6E6njRjlwBJ5mOivVI93hP4l6zJ7Iuz-Z7kUIF7XCPjoLTnkWbCfr5j2yH25a4-xB048m1XO7XBOjwduagOkJF7BS6SGINsyNpeDfLndrPs5lcXkDmulrzaI5wRDonwGq0DSrgXi7XnGUk8tCom6h0gcNJfn-qigavvFlZyqfjlgvGpzoCvmOOd7oYGZ8A-pADI5aNSvkn1KF1Jei24MSffyezGzJwgAtJX98aaro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guis2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8736 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5776087955620&version=m202309120101&ct=76&x=1&cor=11481008477944424000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 11:26:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| CleverCore boolean| CleverCoreLoaded object| _wpemojiSettings function| advanced_ads_ready object| advanced_ads_ready_queue function| $ function| jQuery function| gtag object| dataLayer string| BunyadSchemeKey object| googletag object| Encurtador function| desbloquearButton function| closeModalLock function| lockInit function| NcjpclearData function| cldata function| NcjpstopPrntScr function| NcjpAccessClipboardData object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| OBR string| OB_releaseVer object| OBREvents function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| BunyadLazy object| lazySizes object| Bunyad boolean| wpquads_adblocker_check boolean| wpquads_adblocker_check_2 object| bootstrap object| log_obj object| background_obj object| gdpr_cookies_obj object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo object| Criteo_identitytag_141 string| GDPR_ACCEPT_COOKIE_NAME string| GDPR_CCPA_COOKIE_NAME string| US_PRIVACY_COOKIE_NAME string| GDPR_ACCEPT_COOKIE_EXPIRE number| GDPR_CCPA_COOKIE_EXPIRE object| Cookies function| verify object| COISAX number| count function| check function| liberarAUTO object| _33across object| __ctcg_65349_0_exec object| twemoji object| wp object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms

18 Cookies

Domain/Path Name / Value
guis2.com/dinheiro Name: quads_browser_width
Value: 1600
.guis2.com/ Name: _ga_4BXXGYZX9F
Value: GS1.1.1695036367.1.0.1695036367.0.0.0
.guis2.com/ Name: _ga
Value: GA1.1.179490129.1695036367
.criteo.com/ Name: uid
Value: eaea27bc-d0fe-49df-934b-9b01c28b47e4
guis2.com/ Name: wpl_user_preference
Value: %7B%22necessary%22%3A%22yes%22%2C%22marketing%22%3A%22no%22%2C%22analytics%22%3A%22no%22%2C%22preferences%22%3A%22no%22%2C%22unclassified%22%3A%22no%22%7D
.openx.net/ Name: i
Value: c1e92b95-7fa7-4a81-af47-ded4c4634930|1695036367
.doubleclick.net/ Name: IDE
Value: AHWqTUlsqJd3D-bNpNzxSwEpecpYiFNGWM_P_Gu0JPDJ3lyVqj8mXA6jlECNhpfM59M
.guis2.com/ Name: cto_bundle
Value: rXx_-l9IU3F6QVE1WUtobW9sc3N5TGFodml5NGRaVnJUU3dvWm93V2RHN0Q5ZEZiYTFXaUxTZlE3U3pBZUY0M2cwcUZNNHZsTVM4VWtIdVNvblNFeVlGNWl4M2lwb0pnU1M3Q1cxNCUyQlJyWFhudHBIQW1CZjBmNGtqMkdFODN2OEpMZWxCa1hWTkt3U1V5WnMxWk90ZmhadnhUdyUzRCUzRA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMID
Value: ZQgz0Hwm6MArgKCa67X0BAAA
.casalemedia.com/ Name: CMPS
Value: 2132
.casalemedia.com/ Name: CMPRO
Value: 2132
.guis2.com/ Name: __gads
Value: ID=894c76abbf0a91d5:T=1695036367:RT=1695036367:S=ALNI_MY9CrM8EodFzagkHnDH3cAFYzzowg
.guis2.com/ Name: __gpi
Value: UID=00000c782d36ed43:T=1695036367:RT=1695036367:S=ALNI_Mb5bxZz9KJ6wS2tPmPRkrJzAj3F_w
.adnxs.com/ Name: uuid2
Value: 6898849734134262811
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVGw7wg)!]tbPl1M>e)ZlrFUfJ+tGXxp.GY%k.CAa(6Al5B1Larvw<9RLuQ<7n1%[fO)3If)y3KL9D3I?+Dh8)A^
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi5IN7fN2BHmLPs8keHPjsfvJnmf5i_EuGNKdeOCn04WuUVHVw

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.sendwebpush.com/adsendwebpush/client_services/618790c92c3ab_4756.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bcp.crwdcntrl.net
blogger.googleusercontent.com
call.cleverwebserver.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.sendwebpush.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
e6efb0f7894de93be4d08bdea34bda4a.safeframe.googlesyndication.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
guis2.com
gum.criteo.com
ib.adnxs.com
invstatic101.creativecdn.com
log.outbrainimg.com
mug.criteo.com
mv.outbrain.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
rock.defybrick.com
s.w.org
s0.2mdn.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
static.criteo.net
supertruco.com
tags.crwdcntrl.net
tags.orquideassp.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
ui.cleverwebserver.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.26.193
146.75.118.132
172.217.23.98
172.64.152.89
178.250.1.11
18.239.18.33
185.89.210.180
192.0.77.48
192.0.78.218
2.18.161.178
2001:4860:4802:32::36
216.58.212.162
23.32.185.60
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:20ab:3800:1a:ba5c:3900:93a1
2600:9000:2491:a200:2:e529:700:93a1
2606:4700:10::6816:4be5
2606:4700:4400::6812:2a64
2606:4700::6811:190e
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a02:2638:3::c
2a02:2638:d::2
2a02:4780:13:1050:0:2fb8:ffe9:4
2a04:4e42::649
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
52.31.175.73
70.42.32.191
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
07079cf5feef40a0e75a58dabae8ac9fb43621a4a82a9c70b5177bde67c3edc1
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b1be410fa5730a185327cbe76ab2b1313004d61dd29d108cecef799c3cca554
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eff075f18d818d17aaf3413fcf421a5124edab32b3e9fabdc4587af846ec8d6
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
171913b6877cc1d0d68d061890485073754c916372e6c17578f9d1e53780cc98
1b60481d43875c37843c56e3275caefc7d63701b6bbefe2368c2f353ce67e4e5
1d4bc7846a89a5b6ccf36ced6632bb6bad180929b6720e7365482a2e7a95d1dd
227e0a30f2ad02b8bd82b90fb0035e9a3dc522ae81688506eb0bd1b9b2ccb7dc
30dc55affa6316858c0705b309f2864142b202a267bb47168e8dcb5f9c658f02
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3f585cd66b1f88cde8353141e2fd3026bcccfada2c9a4d09a67426273b406a70
3fd1eb0de6a2971527b6cf400d656eaf9702fe819170e2aa9434d72d2f59695d
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
403f1a1d1bbebcab8946f31c58e8595929842e41f350b3fd0b0f7cf4955da469
40abd35fc0f8be85c474996180c9295d5749b7d7ed077c2a82cfd5ccf97f06f8
413e65d923c92fda5b92c967605da6f9c02b63eebc9afef5f0667d69fa01f04d
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4a31c6605723b7db6394ecb759c91b298f0d78f7a68e95869351b74d1f47f291
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf24be4975792598bed643d56794a401a45280c2b5340f5293a9c05cf2ae290
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f88129013a9a574e1532fc6081c6c2874b567451cb48bf33fb80b776e513b80
4fd4606e0595e9f2cf6659f7243257309b0f3f0689904ebd6ddef9576ccd1124
4ff95ffbab418671c6335ad4f94137f958e5de4c814463961e45e2fd8f3c1725
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7
53974f152ec8a1b42b1668a44dceee837b3ade3941fddcb625bf99480d60e2c3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54674828f9eb570369105538f366a386cf4e361612fecbd682b1ff0226794f9a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a
6189ed1fd15d77e5770c280b5667b4165ffff966a5abac720d9d89d830123d28
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
66583f0b3e0ff40dea8f2cd30ae56e730f1368a1b2c59a252b55c728080159d6
6712089206b5241b4f3d932069b02da04631a9fff325bd1cd32b078af9ca8c56
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6a898a86059494180930f45bce270f403be2664307f87604d146103176736d32
6cdda6631bc0094ef77554f90523caf1e7e329ded0b4e6afa9676b28e6962a6b
6e2105a412edff5e8d3e8fe3997593b0be4f806e10ad0e9d89d6a04ebd9ffbe8
704ceaa366b38bc3dff34e3ec3ac40e43d8260afd9074a96e4aa64a59650425c
7278214b0f01bfd6c59032cb72f2ddf23530e597ee18bc2653505118bce7516f
737a526bfb1e28ebf4b03d4167a42b641bec080f3f74c44ba5c66868d468da67
73effa23427c9d6d8f111d90eaab82e7b032d1ccd78f81758240322744d0f679
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
75c8e005dfde33d8d3eb5f5b654ec66c76ffc16be7e4653e66e58aa2f7f2aed9
81cf3ad2057078f401528e8a7fd4b5483a28680d7866e7aa773d3a90501ed302
81ea431fd269243f5a22b529b878855bf614e84614956c0f0ee1cf78f3ce7cf3
8d2c1c4697f011b6415ea64a16b4b044fe0ca0ade94a1a4f246d2e82ee8f1483
955dbd7ee5d3d015eb874d58c0849dbed751200cdc2bbc1cfc93cf32967491b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99f677b776f38e190187a81ecd19deee8304efff910ad00ceec3c861c1afe7fa
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9af9fe3fc166809d3107df93b3bc8316476c0e33acc12141cf2dd2a27fb713ca
9d98dbb885361e694d9261a19c39ab832e5456abbe8a424db291c662e79db378
9f9e28ed0d797f9e7f7fa6d67ed308077b76569471a855b34ca55376eae82eda
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a29b1c851e6677be5e09cb278640da7708403f6f2b4909569dcb195e6f02b578
a5e0f74173aaff367c7ea6339cf1051190631824f6c9bbb47f2912ced13b64de
a5f4f2899258a38bfb2237a94f809df89a03e111bf6069ef6e70206fef5971e3
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
afbd6f486c155c5c519dc2e98ec2a2e1a605354d75be6e5ce8841abcc644cae1
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b155fe7a98deca7c06707c331a7bd541f1f5d2b07089411975f37a6da4863e0f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b7b3208ff10cb9b6f2510a29c8f683201f0e98efa88f9b00586030861c5333de
b8adc2a8f70645cf11871ea6c1c6fa119061eb9191155103db733fc208d6bccb
badb7071cf5de1f45a6ccc948f175ff4f824a4357c284700cce366d9898a8ec2
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4b8a602cb7d75c953393ca68892b2a2e55482fe612dd6ce2b2d5c230cb7c05
c0537c2c80869265c07df2335b0c4120c476d9cb57a7567d2be9915acc9a9c70
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cedb9580462366ff95ef9d55bd7d9f5aab2ccc632f62cc6c1cd40a6274f868fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d18956ca16982b1bb352825ee78e46cb97f2f07004b9ecfffec72884c3f6ad7a
d39fc783e71c749bfb75f3d83b7f4edcfd0fa55014ea42323339b7c5431ef28b
d5f38e26cf4d4af10dfa9ee79bcc584c2b8fbdfa7f91edc75d6dcbc7d1be8f46
da86b0d429e1249d844ca40e357364acd23639c3100e04b4e710b612d9efbc8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ecca72644b3b1463d2940b3c514f7c80862813c2a50cbff4a5a5e825d3902a
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8ee263476b337762816c1e2111ab292ded26a6558130eb0589f3884b5a30524
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a1d7e3858fc2235cf4c00e3b4fd284a1d6ee2f8107605ee9e61b1ea2fff3ba
f4fc037cbef05f950aa57ff70bb17411d2cca7eda91779a4777cf28faeaa59e7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f691e899612795f09dac1f3b943ce94a5bb66b445c54e0320a2faf7985eec4aa
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f80fd948fbaf5ecce3ef315475c959e8908205818d1ed9550b99218a554f5f77
f9e7b049fd0d0d3a63aa46cafad28f017823760bbfceeafc9add2aaa20f8d163
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e