gta.nafaixa.com.br Open in urlscan Pro
192.185.215.135 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gta.nafaixa.com.br/
Effective URL:
https://gta.nafaixa.com.br/
Submission: On January 30 via api (January 30th 2024, 3:01:20 am UTC) from US — Scanned from DE

Summary HTTP 317 Redirects Links 98 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 42 domains to perform 317 HTTP transactions. The main IP is 192.185.215.135, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is gta.nafaixa.com.br.
TLS certificate: Issued by R3 on December 17th 2023. Valid for: 3 months.

This is the only time gta.nafaixa.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	192.185.215.135 192.185.215.135	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
61	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3036::ac43:8295	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:8e01	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2016	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
10 15	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
38	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
3 3	34.192.234.205 34.192.234.205	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:238... 2600:9000:238d:a400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.158.172.152 35.158.172.152	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
3 6	34.241.81.135 34.241.81.135	16509 (AMAZON-02) (AMAZON-02)
3	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
317	42

20 192.185.215.135 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv22-ip23.prodns.com.br

gta.nafaixa.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.omural.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3036::ac43:8295 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nafaixa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8e01 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sopapeldeparede.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.211.84 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.192.234.205 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-234-205.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:a400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.172.152 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-172-152.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.241.81.135 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-81-135.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.14.248.72 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	961 KB
45	doubleclick.net 11 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 ad.doubleclick.net — Cisco Umbrella Rank: 163	256 KB
38	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	4 MB
33	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	2 MB
20	nafaixa.com.br 1 redirects gta.nafaixa.com.br	237 KB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 955 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 480	180 KB
9	omural.net www.omural.net	13 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	1003 KB
8	nafaixa.net www.nafaixa.net	44 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
6	demdex.net 3 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 84818	4 KB
6	adsafeprotected.com 3 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 851 static.adsafeprotected.com — Cisco Umbrella Rank: 721	2 KB
6	blogspot.com 3.bp.blogspot.com — Cisco Umbrella Rank: 14261 2.bp.blogspot.com — Cisco Umbrella Rank: 15271 1.bp.blogspot.com — Cisco Umbrella Rank: 11960	252 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220	130 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	54 KB
4	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	652 B
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 524	608 B
4	amung.us widgets.amung.us — Cisco Umbrella Rank: 30312 whos.amung.us — Cisco Umbrella Rank: 16645	7 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998	67 KB
3	exactag.com m.exactag.com — Cisco Umbrella Rank: 13028	1 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 570	34 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	22 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	125 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1872	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	611 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	24 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	44 KB
1	sopapeldeparede.com.br www.sopapeldeparede.com.br	36 KB
1	google.com.br 1 redirects www.google.com.br — Cisco Umbrella Rank: 25485	227 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	papeldeparede.gratis Failed papeldeparede.gratis Failed
317	42

	Domain	Requested by
59	pagead2.googlesyndication.com	gta.nafaixa.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
38	s0.2mdn.net	gta.nafaixa.com.br s0.2mdn.net googleads.g.doubleclick.net
33	lh3.googleusercontent.com	gta.nafaixa.com.br
24	tpc.googlesyndication.com	googleads.g.doubleclick.net gta.nafaixa.com.br tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
20	gta.nafaixa.com.br	1 redirects gta.nafaixa.com.br
19	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net gta.nafaixa.com.br
15	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
9	www.omural.net	gta.nafaixa.com.br www.omural.net
8	googleads4.g.doubleclick.net	gta.nafaixa.com.br
8	www.youtube.com	gta.nafaixa.com.br www.youtube.com
8	www.nafaixa.net	gta.nafaixa.com.br www.nafaixa.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	skydeutschland.demdex.net	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	sync.teads.tv	googleads.g.doubleclick.net
4	us-u.openx.net	googleads.g.doubleclick.net
4	jnn-pa.googleapis.com	www.youtube.com
3	m.exactag.com	googleads.g.doubleclick.net
3	static.adsafeprotected.com	googleads.g.doubleclick.net
3	pixel.adsafeprotected.com	3 redirects
3	ssl.google-analytics.com	gta.nafaixa.com.br www.omural.net
3	www.google.com	gta.nafaixa.com.br www.youtube.com tpc.googlesyndication.com
3	3.bp.blogspot.com	gta.nafaixa.com.br
3	www.gstatic.com	gta.nafaixa.com.br www.youtube.com www.gstatic.com
2	ade.googlesyndication.com	gta.nafaixa.com.br
2	pm.w55c.net	2 redirects
2	ad.doubleclick.net	gta.nafaixa.com.br
2	www.googletagservices.com	googleads.g.doubleclick.net
2	stackpath.bootstrapcdn.com	www.omural.net
2	scontent.xx.fbcdn.net	www.facebook.com
2	whos.amung.us	widgets.amung.us
2	fonts.gstatic.com	www.youtube.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	gta.nafaixa.com.br connect.facebook.net
2	widgets.amung.us	gta.nafaixa.com.br www.omural.net
2	2.bp.blogspot.com	gta.nafaixa.com.br
2	ajax.googleapis.com	gta.nafaixa.com.br
2	maxcdn.bootstrapcdn.com	gta.nafaixa.com.br
1	ups.analytics.yahoo.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	www.omural.net
1	code.jquery.com	www.omural.net
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.sopapeldeparede.com.br	gta.nafaixa.com.br
1	1.bp.blogspot.com	gta.nafaixa.com.br
1	www.google.com.br	1 redirects
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	papeldeparede.gratis Failed	gta.nafaixa.com.br
317	56

This site contains links to these domains. Also see Links.

Domain
gta.nafaixa.net
www.sopapeldeparede.com.br
www.mixmods.com.br
adf.ly
www.nexusmods.com
lh3.googleusercontent.com
2nibble.com
2.bp.blogspot.com
www.google.com.br
forum.mixmods.com.br
drive.google.com
3.bp.blogspot.com
mixmods.com.br
gta-down.nafaixa.com.br
www.omural.net
www.nafaixa.net
top.vlog.br
www.dicas10.net
www.showmoto.com.br
www.ottomods-gtasa.blogspot.com
www.jhonatan3dconverts.com

Subject Issuer	Validity	Valid
www.gta.nafaixa.com.br R3	`2023-12-17` - `2024-03-16`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
omural.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
nafaixa.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
sopapeldeparede.com.br GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-11` - `2024-06-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2023-08-22` - `2024-09-15`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://gta.nafaixa.com.br/
Frame ID: 9141694008893EE217948BFBAF3DBA2D
Requests: 82 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ipR0bMOmF2o
Frame ID: A476679F6DF95F390A4B5508FEE1B78A
Requests: 20 HTTP requests in this frame

Frame: https://gta.nafaixa.com.br/vip/status.php
Frame ID: 702D8CF23D3457777B0A9F9896674F93
Requests: 1 HTTP requests in this frame

Frame: https://www.omural.net/mural/Mural.php?Mural=9406
Frame ID: E82FE4B6A15083BCE4D004A3A71BAB19
Requests: 14 HTTP requests in this frame

Frame: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Frame ID: 4C9643288538677EAF005E63D2E7372F
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=288191814570051&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbdc52e84b756f229%26domain%3Dgta.nafaixa.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgta.nafaixa.com.br%252Ff6b19d235f47fdc9f%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FGtaNaFaixa&locale=pt_BR&sdk=joey&show_faces=true&stream=false&width=260
Frame ID: 6061DED0151B8A067690952A4D885CAD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 38D283FE907BB8AD24295193CA56B06F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&slotname=1625915130&adk=3143226822&adf=1795251393&pi=t.ma~as.1625915130&w=1168&fwrn=4&fwrnh=100&lmt=1706583672&rafmt=1&format=1168x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672599&bpp=2&bdt=604&idt=253&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&correlator=8783238358289&frm=20&pv=2&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=262
Frame ID: A67C48A454E25446F4C8A2C172623315
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=200&slotname=1930719933&adk=3456574893&adf=3772124647&pi=t.ma~as.1930719933&w=200&lmt=1706583672&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672387&bpp=215&bdt=392&idt=585&shv=r20240122&mjsv=m202401240101&ptt=5&saldr=sd&abxe=1&prev_fmts=1168x280&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=846&ady=670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=588
Frame ID: 78C22E42E076322EAB481697B67E9DB3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&adk=1812271804&adf=3025194257&lmt=1706583673&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672623&bpp=4&bdt=628&idt=376&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=1168x280&prev_slotnames=1930719933&nras=1&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=393
Frame ID: B2C9952D2FB403AB6EBF0EB6EFA875B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNWsDP2KRgzPRnoxi1JMAG5sJK_Y-rpmlConiTvkCK8j2G_XMREQSMkRpA9aet3xWzkhfyngGIDZQ8Z4VAhrulCiffronNzmR7BcpDKaWC9d-F7OyA2odurwyb-_ydIkZzv9FcIe5Us6I2-jrBl_LPE91cstv1yM9xZ38Hn4rTBCrAfzqtU
Frame ID: 96723A0C8198F19253ACD898524B38C7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&adk=189193175&adf=1356357377&pi=t.aa~a.2753964767~rp.4&w=554&fwrn=4&fwrnh=100&lmt=1706583673&rafmt=1&to=qs&pwprc=1666991488&format=554x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583673364&bpp=1&bdt=1368&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7e29936ee97bba85%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg&gpic=UID%3D00000d4c83464712%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w&prev_fmts=1168x280%2C0x0&prev_slotnames=1930719933&nras=2&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=1&fsb=1&dtd=13
Frame ID: F67E0CCB369613EBA70604BAD9BF666F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9B69C85828438E35559D300333EA9A66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9CD7D399E384BF94DE9DA36944BF3371
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C86FAC59D80785E15FD6A44CD465B8B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNV80x8Vz71Z2kXLPsFsbhEHESUh0YtTisof0TRJDYRL3cryFAJcNKsRhAEdS2L4Jooax8_0_LJWXyb4m9Fmv7ov7y0rVxhruSmiy35JLtX85VWdNyt9ob-9baaVjX7QHXvybe-F5E5TTo6LA_4RaMV6SZ0AV8Lkedd68v7wBc_iliV4cKc
Frame ID: 77F168137FC19B98A46DC7F9FA5EC9EE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 90F6B31790F7EC625560F84DF806B801
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNVfgdFqrNNWNXb7CHd8zDTYrkWFepX7--yL1S1nt4xCX8xXZtBvJLnxTDZJz6hQRnjz3ntALuQEWwYdPZgTOhcLhNCusKrfZ0r_W_6I70j4-m4Xi8z9YdAQ0vzIUCA9Zm9g9J9-ClP8ltrF2KoDKUX2F5kJH6uV88zsWgNkdu_0YOMfV_4
Frame ID: 55C49B4DD09B81F084FE9EEBB33E4C08
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7B21C475BCEDD88E04298CE250798162
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIf55oACMAE&v=APEucNWl4EC7eVpYosQ3Quwui4wWhSW1HAM5puvdzWwdLKp0Js5gyDU77toMrUUIWHqNshe8jGSL8n33zAYWAPnJ2T4q3hSuUiXu9_rY6rNFkHV8hqnDiYdtR15w6EMEeh2cTeAK5FyCsHFgIBuf22nOY_u0fIlWgmwtpn5x-u6q6Lm-Bhwt07I
Frame ID: 5D87FD56375B01EAA849C695D3759123
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 82A93459BE2CE3F058C4B875ED93075D
Requests: 20 HTTP requests in this frame

Frame: https://www.omural.net/online/?site=mural.omural.net
Frame ID: FF82B5AAF92A010ED83E143407943DF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BF06D6F0E0776F17164D282D28076E3D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
Frame ID: 55CB75FC79AA5544CD513EDAE4DB71AA
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRink82DAjAB&v=APEucNUeztflnZK5JpsrUEMYmKVNyp9qFWgzwOctJj-eWM2dkjOewu7zbvzvI8P4N-xH-_yBrXnXLSZIXPMfkD83H51SpcEyZXAHZZdXNsldguBq7FB-tqNpnhIBXhxPWIbbJTvOy0q8_1U43sHcOi1OLNcfJU9D1fUaGFMHRPeHt-eJbvYrSx8
Frame ID: A1D2C13BF1E8F61E8F0ED1E5135B676E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Frame ID: BFB5E48521A4DC292152D0DBF2EE890A
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3F843D90470D060B0FB8DD87C7159F44
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 393FD868268780F79774268D89940CA4
Requests: 3 HTTP requests in this frame

Frame: https://www.omural.net/online/?site=mural.omural.net
Frame ID: F2F3F11CCA3AF77B0155FB3E59F8EC6F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
Frame ID: 85D3313A74D17E0A573A95DB2DF63E2A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 19CD3D2C38E2C3BA3D0629A8D54C86F6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250
Frame ID: 884C6A6955F98FE62914944CDD65C51F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DD509ADB959BDBDB4CFFE436B3B8C63D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
Frame ID: EFB7A74A28926A7778B00AA2D3FBC393
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 51BCDD2523C39BE12F118A25E8235486
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 6DBF166249FF512948F5B61DEB88F2E6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7B242A83548FB639101894684022727
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5F31B42B8AE72DB592363E90E71BEC49
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GTA Na Faixa - Downloads, GTA III, GTA IV, GTA San Andreas, GTA Vice City, GTA V

Page URL History Show full URLs

http://gta.nafaixa.com.br/ HTTP 302
https://gta.nafaixa.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

317
Requests

92 %
HTTPS

60 %
IPv6

42
Domains

56
Subdomains

42
IPs

4
Countries

9336 kB
Transfer

16665 kB
Size

32
Cookies

98 Outgoing links

These are links going to different origins than the main page.

URL: http://gta.nafaixa.net/
Title: GTA Na Faixa

Search URL Search Domain Scan URL

URL: http://www.sopapeldeparede.com.br/tag/gta/
Title: Papel de Parede

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/11/gta-trilogy-fixed-garage-door-sound.html

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f316e73346f6e68763077717a2f4754415f5472696c6f67795f2d5f46697865645f4761726167655f446f6f725f536f756e642e377a2e68746d6c

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2021/11/gta-trilogy-menu-sounds-fix-corrigir.html
Title: [GTA Trilogy] Menu Sounds Fix (corrigir sons de menu)

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/11/classic-colored-radio-icons-icones.html
Title: [SA:DE] Classic Colored Radio Icons (ícones coloridos)

Search URL Search Domain Scan URL

URL: https://www.nexusmods.com/grandtheftautothetrilogy/mods/170
Title: Origem

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/
Title: Mix Mods

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/11/gta-trilogy-faithful-characters-tommy.html

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-NHjd_itbRoU/YZ7usb3BW8I/AAAAAAAAdAQ/T5afsmsxemQWY0UIx-JBBmLpRmNdLQDtQCLcBGAsYHQ/s16000/gta-iii-3-definitive-edition-new-claude-mod-fixed.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-F3ccyfooa_A/YZ7vB_IYNzI/AAAAAAAAdAY/6Hf7Rsz0grEduAi_FR1wm6oIkWHIhSEigCLcBGAsYHQ/s16000/gta-vc-definitive-edition-trilogy-tommy-fixed-new-mod.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-L9qc43PtWRs/YZ7uaWIr7KI/AAAAAAAAdAI/fC8c5nSnNU8VmyJLTEk9Jtw-ZOw1g9lbACLcBGAsYHQ/s16000/gta-trilogy-definitive-edition-mod-claude-tommy-new-mod-fixed.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-fkN5MQL4t0E/YZ7swvvgH_I/AAAAAAAAdAA/-bBK6-0OQfYf2wf-eBOds4GTzqgnCcvJwCLcBGAsYHQ/s16000/gta-vc-definitive-edition-trilogy-new-tommy-fixed-mod.jpg

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f6935366669756931656b61672f4754415f5472696c6f67795f2d5f466169746866756c5f436861726163746572735f62795f446f63746f724d696b652e377a2e68746d6c

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2021/10/proper-player-retex-cj-com-texturas.html
Title: [SA/SA:DE] Proper Player Retex v1.1 (CJ remasterizado em HD)

Search URL Search Domain Scan URL

URL: https://www.nexusmods.com/grandtheftautothetrilogy/mods/64/
Title: Origem

Search URL Search Domain Scan URL

URL: https://www.nexusmods.com/grandtheftautothetrilogy/mods/99
Title: Origem

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/11/gta-trilogy-no-marker-light-remover-luz.html

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-6J2DClNEGT4/YZBaldhqCaI/AAAAAAAAc5I/oCP9QUAax8oEE6ZwT78KtP0cwfAqL-6IACLcBGAsYHQ/s16000/gta-sa-definitive-edition-mod-red-marker-light-fix-remove.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-vlN5Bdoi79g/YZ1nJr2-NQI/AAAAAAAAc_g/e_o7203rkqIiOiMp9o6RD4is2gPlrjXFgCLcBGAsYHQ/s16000/gta-trilogy-marker-light-fix-remove.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-L3N7GnB7HCA/YZ1n3L-lo8I/AAAAAAAAc_o/oRhqAW-BN1IfcTwpX_WNhKgs41VHTL2EwCLcBGAsYHQ/s16000/gta-trilogy-marker-light-fix-remove-iii.jpg

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f6278737630376939636376352f4754415f5472696c6f67795f2d5f4669785f4d61726b65725f4c696768742e377a2e68746d6c

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2021/11/gta-trilogy-no-target-outline-desativar.html
Title: [GTA Trilogy] No Target Outline (desativar contornos)

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2021/11/gta-trilogy-rain-fix-chuva-corrigida.html
Title: [GTA Trilogy] Rain Fix v1.2 (chuva corrigida)

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-I-NpLUa6scc/YZ2OMJ5Wt2I/AAAAAAAAc_w/xPKCrC5pdEYZhgBtugOcKATPMRE-IcAJwCLcBGAsYHQ/s16000/gta-sa-definitive-edition-classic-colored-radio-icons-mod.jpeg

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f643477726b753468766672692f534144455f2d5f436c61737369635f436f6c6f7265645f526164696f5f53746174696f6e732e377a2e68746d6c

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2021/11/gta-trilogy-classic-fonts-letras-da.html
Title: [GTA Trilogy] Classic Fonts (letras da versão clássica)

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2021/11/gta-trilogy-classic-old-icons-icones.html
Title: [GTA Trilogy] Classic Old Icons (ícones clássicos HD)

Search URL Search Domain Scan URL

URL: https://www.nexusmods.com/grandtheftautothetrilogy/mods/63?tab=description
Title: Origem

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f676633797130727261746a382f4754415f5472696c6f67795f2d5f4669785f4d61726b65725f4c696768742e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2020/04/hd-tags-made-with-fat-cap.html

Search URL Search Domain Scan URL

URL: https://2nibble.com/equipe/trok/
Title: Trok

Search URL Search Domain Scan URL

URL: http://2.bp.blogspot.com/-vds_EBin6Gw/Xogv8o7NCjI/AAAAAAAAX4M/ufCdk3X24L0sqyS2bb5BYe0lUf99EFeqACK4BGAYYCw/s1600/gta-sa-mod-graffiti-tags-hd-fatcap.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-U--F1xFoO4c/YZwmHvuXfeI/AAAAAAAAc_Y/-6ej-Ayk0F4ge2TgNTvFFI7pjfTYzoYxACLcBGAsYHQ/s16000/gta-sa-definitive-edition-fat-tags-hd-texture-grove.jpg

Search URL Search Domain Scan URL

URL: https://www.google.com.br/search?q=tag+fat+cap&tbm=isch
Title: veja

Search URL Search Domain Scan URL

URL: https://forum.mixmods.com.br/f6-mapas-objetos/t3984-sa-tags-made-with-fatcap-tags-feitas-com-fatcap
Title: no nosso fórum

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f736565376277303333356f782f546167735f6d6164655f776974685f6661745f6361702e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f7138626b6b6f7371627631382f534144455f2d5f48445f546167735f4661745f4361702e377a2e68746d6c

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2020/01/graffiti-anywhere.html
Title: Graffiti Anywhere (pichar em qualquer lugar)

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/10/proper-player-retex-cj-com-texturas.html

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2020/10/cj-esrgan-upscale.html
Title: mod CJ Upscale HD

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-LNPvye4iOKo/YWgLejux7ZI/AAAAAAAAcrw/JpU8onr6nXgTVLl7LMcrh-8hLmlcYwjJwCLcBGAsYHQ/s16000/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture.jpg

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2016/01/insanity-cj.html
Title: CJ Remastered do Ezekiel

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-hMXnHy_U8qU/YLrplpZG_1I/AAAAAAAAbvM/foEa6nC1SyAcCfDmmyKYzmuyRLA6IjxKgCLcBGAsYHQ/s16000/gta-sa-san-mod-cj-upscale-ai-remaster-remini-hd-texture.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-sW0KjKCchVA/YWgOJt4TpxI/AAAAAAAAcr4/48k4JlGnog0EMsXCKmdXJI2V-DdQf_VAwCLcBGAsYHQ/s16000/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-2.jpg

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2020/03/tattoos-reworked-tatuagens-hd.html
Title: mod Tattoos Reworked (tatuagens originais em HD) by damiann69

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-yRfH55AZ4og/YWgSElzbTjI/AAAAAAAAcsA/3VZ9IICwIQQ0K1tE_x1cmrbFsP1nhu3owCLcBGAsYHQ/s16000/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-3.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-kjhFp-sSMIk/YWgW5wvpAbI/AAAAAAAAcsI/mUZDEUNX6ysnWVXyI5endITyHs1svtDZwCLcBGAsYHQ/s16000/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-4.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-W2Q7DOh0Kfo/YXcI4ZURL0I/AAAAAAAAcxY/zh9NRXG5cOEddnRIYDAHDspXEbQ1DjokQCLcBGAsYHQ/s16000/gta-sa-mod-proper-player-retex-remaster-cj-clothes.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-CNxMJKq-DiU/YY67EknVdbI/AAAAAAAAc34/UJLoPxONUpQTd_wqXrfaEpGTp8u3OQuvgCLcBGAsYHQ/s16000/gta-sa-definitive-edition-mod-jeans-pants-clothes-hd-texture.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/--jJ2fJJwatw/YY63nWdZthI/AAAAAAAAc3w/q4wzMZsSYRQdGGjuET1vk9KyZfrC5CKDACLcBGAsYHQ/s16000/gta-sa-definitive-edition-mod-jeans-pants-clothes-hd.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-sxlK7rxqINA/YZwkIBlEeEI/AAAAAAAAc_Q/UDBEWHn460oplJjv8cpXAhUtfMCY-q6dgCLcBGAsYHQ/s16000/gta-sa-definitive-edition-trilogy-proper-player-cj-texture-fix-mod.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-OjUNGUQsysQ/YZwgU5lF5WI/AAAAAAAAc_I/iwn7bg4S8CoNN62DITAoS64ZyLDbIY1fgCLcBGAsYHQ/s16000/gta-sa-definitive-edition-trilogy-proper-player-cj-texture-hd-mod.jpg

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2019/01/mobile-hands-maos-mobile-dedos-separados.html
Title: mãos do mobile (dedos separados)

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f3572776d316d7a69666e37622f50726f7065725f506c617965725f52657465782e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f3336766d73787831677578362f534144455f2d5f50726f7065725f506c617965725f52657465782e377a2e68746d6c

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2020/11/cj-insanity-upscale-complete-todas-as.html
Title: CJ Insanity + Upscale COMPLETE (todas as roupas em HD)

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/?q=Proper
Title: (mais mods "Proper")

Search URL Search Domain Scan URL

URL: https://drive.google.com/file/d/1pdsoHEBgm-qiR1jjfsvvfOMqh3DlQ8IW/view?usp=sharing
Title: aqui

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2017/04/populacao-realista-novo-popcycledat.html

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2019/08/mod-mixsets.html
Title: MixSets

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-U96kRfDEBio/WOWqZR2egsI/AAAAAAAANyM/oFzVxYxq7ZE20Lmnc7O-oJ395r87UtdXQCK4B/s1600/gta-sa-popcycle-noite-night-real-population.jpg

Search URL Search Domain Scan URL

URL: http://3.bp.blogspot.com/-RIkGM1sfRQs/WOWtB0JcquI/AAAAAAAANyU/0FeFkOdHY-oqwrMjZYIFHHpE9lZtdstXwCK4B/s1600/gta-sa-popcycle-beach-real-population.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-8wU6_vrXWXE/YZrFGGlVDnI/AAAAAAAAc-U/zZR2xc1v5_sU2e_VW93hFZVCtniwCR4XACLcBGAsYHQ/s16000/gta-sa-definitive-edition-popcycle-population-more-peds-cars-mod.jpg

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2020/05/GTA-Brasil.html
Title: GTA Brasil

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f346a70613468347675316e662f5265616c69737469635f506f70756c6174696f6e2e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f35336831303772773569366c2f534144455f2d5f5265616c69737469635f506f70756c6174696f6e2e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2011/03/praia-realista-atualizada.html
Title: Praia Realista

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/02/proper-vehicles-retex-texturas-hd-para.html

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-10JT8ECF5M0/YCSzzh3AHPI/AAAAAAAAaw4/YEcdTNNUspMG3oAZIYJtYRyhsYjrZMxtwCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-j5m5X9HY8U4/YCSz2Htln8I/AAAAAAAAaxA/1NcKmFql6iQrM2G3E7CrNDoedJRk8fW_gCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-fp67o2y2nSY/YCaJOP50-2I/AAAAAAAAayM/VeoTV9EkLNkjtSOoh5rAbGiQpSF8J0znQCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-GV71tUtWX5w/YCSz7JSicaI/AAAAAAAAaxI/g0zGo7I7G7Ye2wo9tXeP9jr2dZO29hKjgCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://mixmods.com.br/2015/06/ecg-enhanced-classic-graphics-vehicletxd.html
Title: ECG VehicleTXD

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-ZPH6UuOPnDM/YCSzgV-6pyI/AAAAAAAAawg/na4Iul710Y0TqSCtUR3c_f0KptGoM_3IgCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-8HgIGfIEmwM/YCSzpzYbLXI/AAAAAAAAawo/Ax7f1f2XpFk_4zpIITqC4BhbGLV6XPFogCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-fiTpb8y10oY/YCSzw1cmLnI/AAAAAAAAaw0/zn5QG_urpbcef3gjxqqPFvRRezE_SxTTwCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-F8MIreOnJLM/YCSzsw4da0I/AAAAAAAAaws/FnTEZlJRQAgn-jy0SDgVKKovppn_Zx0nACLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-r6kCFcM5W0E/YKete1dIe-I/AAAAAAAAbkI/nWua28wI1K02jhXgmS3IpmjC7cDRJjQcwCLcBGAsYHQ/s16000/gta-sa-mod-proper-textures-cutscenes-hd-fix.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-tzpaKx0HDRE/YCS0ocUBQOI/AAAAAAAAaxY/q9ufDQQYGgY1DcWzSmQf4oF8dJtRKfPwQCLcBGAsYHQ/s16000/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-NXtusw4J2eM/YKemUzSMXcI/AAAAAAAAbkA/ipIeN8gBogUQlr9r-LMkfkYMozWTBKRhgCLcBGAsYHQ/s16000/gta-sa-mod-camper-the-truth-mothership-hd-remaster.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-TLgZvlbI4G8/YZrjFdEjqJI/AAAAAAAAc-c/bGaTY3HXcoQ0dj3jQIMmoDkRiQFrpBiAACLcBGAsYHQ/s16000/gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-VG5SI6clDUI/YZrrN5RWutI/AAAAAAAAc-s/doB6eNYhth4Sdj2Rw0wiSPPM0ffejgEhwCLcBGAsYHQ/gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-paint.jpg

Search URL Search Domain Scan URL

URL: https://lh3.googleusercontent.com/-dFAhi2KeLVc/YZrkTMB1iuI/AAAAAAAAc-k/wic5ODbqR3UxUWsilHZQuwe8TSEtT4YRgCLcBGAsYHQ/s16000/gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-cop.jpg

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f7533346c7a6e773566356d342f50726f7065725f56656869636c65735f52657465782e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://adf.ly/3193374/http://gta.nafaixa.com.br/link-download/pd/aHR0cDovL/68747470733a2f2f73686172656d6f64732e636f6d2f6374756d363179667a74797a2f534144455f2d5f50726f7065725f56656869636c65735f52657465782e377a2e68746d6c

Search URL Search Domain Scan URL

URL: http://www.mixmods.com.br/2021/10/upgraded-vehicles-pack-carros-originais.html
Title: Upgraded Vehicles Pack (corrigir carros originais)

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2019/01/rikintoshs-small-details-mod-carros-texturas-hd.html
Title: Rikintosh's Small Details Mod (carros com texturas HD)

Search URL Search Domain Scan URL

URL: https://www.mixmods.com.br/2015/08/improved-sa-default-cars-carros-originais-melhorados.html
Title: Improved SA Default Cars (carros originais melhorados)

Search URL Search Domain Scan URL

URL: http://gta-down.nafaixa.com.br/
Title: Enviar Mods

Search URL Search Domain Scan URL

URL: http://www.omural.net/

Search URL Search Domain Scan URL

URL: http://www.nafaixa.net/

Search URL Search Domain Scan URL

URL: http://www.sopapeldeparede.com.br/

Search URL Search Domain Scan URL

URL: http://top.vlog.br/
Title: Top Vlog Brasil

Search URL Search Domain Scan URL

URL: http://www.dicas10.net/
Title: Dicas 10

Search URL Search Domain Scan URL

URL: http://www.showmoto.com.br/
Title: Show Moto

Search URL Search Domain Scan URL

URL: http://www.ottomods-gtasa.blogspot.com/
Title: Otto Mods GTA SA

Search URL Search Domain Scan URL

URL: http://www.jhonatan3dconverts.com/
Title: Jhonatan 3D Converts

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gta.nafaixa.com.br/ HTTP 302
https://gta.nafaixa.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google.com.br/cse/brand?form=cse-search-box&lang=pt HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 87

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

Request Chain 137

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbhmeZyr7swY1V1722FAawAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1

Request Chain 139

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D

Request Chain 155

https://pixel.adsafeprotected.com/rfw/st/1878143/77875697/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015808167&ias_pubId=pub-0997380255145595&ias_chanId=1&ias_placementId=20952930895&bidurl=https://gta.nafaixa.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gS9ggTrXScrtEvmzNCg4Ip HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 162

https://pixel.adsafeprotected.com/rfw/st/1878143/77875697/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015808167&ias_pubId=pub-0997380255145595&ias_chanId=1&ias_placementId=20952930895&bidurl=https://gta.nafaixa.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0imWOBInwcsAoFkUm4bt_Tp HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 169

https://pixel.adsafeprotected.com/rfw/st/1878143/77840789/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015465496&ias_pubId=pub-0997380255145595&ias_chanId=1&ias_placementId=20942784948&bidurl=https://gta.nafaixa.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iZChiKDTNJCtuvL0DBuMBD HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 190

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

Request Chain 191

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbhmeZyr7swY1V1722FAawAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1

Request Chain 193

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1

Request Chain 209

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cver=1&google_push=AXcoOmRDx1D-Pn4e65-HCo67SYi4tLqB8vsJb_ZMebOnpKiM1cyaxF4FqyOwcJRi1-TIXlcgfur8q53G1juuhOxZL4lfUd01xupDxTsv HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cver=1&google_push=AXcoOmRDx1D-Pn4e65-HCo67SYi4tLqB8vsJb_ZMebOnpKiM1cyaxF4FqyOwcJRi1-TIXlcgfur8q53G1juuhOxZL4lfUd01xupDxTsv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2lXam1qcm0xUnVFbjc1&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cver=1&google_push=AXcoOmRDx1D-Pn4e65-HCo67SYi4tLqB8vsJb_ZMebOnpKiM1cyaxF4FqyOwcJRi1-TIXlcgfur8q53G1juuhOxZL4lfUd01xupDxTsv

Request Chain 211

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL_YFkDFt82a4sMbZ5pWYuM&google_cver=1&google_push=AXcoOmR0bIfvAOMCgA52uDLktfw6gd-A3URyW5s6C2emQLPvtuuKB850D3BURATHUZ1VpST0nzYDwKWt3DD__Y1MPHDZvd6V7IcIxHPu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR0bIfvAOMCgA52uDLktfw6gd-A3URyW5s6C2emQLPvtuuKB850D3BURATHUZ1VpST0nzYDwKWt3DD__Y1MPHDZvd6V7IcIxHPu&google_hm=yus2Y5RASsmGl5c_pXjFGoM

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHAl-YZbi-y4KuUN6oxAsoA&google_cver=1

Request Chain 242

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2516992581&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2516992581&gdpr=&gdpr_consent=

Request Chain 260

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208164940&d_placement=383396883&d_campaign=31049608&d_bust=2404865528&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208164940&d_placement=383396883&d_campaign=31049608&d_bust=2404865528&gdpr=&gdpr_consent=

Request Chain 265

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2971903421&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2971903421&gdpr=&gdpr_consent=

317 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gta.nafaixa.com.br/
Redirect Chain

http://gta.nafaixa.com.br/
https://gta.nafaixa.com.br/

89 KB
30 KB

565ms
283ms

Document
text/html

192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: nginx/1.23.4 /
Resource Hash: fb893435e56c37059d9ec34dad184006bfeb5ac694099fcd2f4c7149cb70bbaa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 30 Jan 2024 03:01:11 GMT
server: nginx/1.23.4
vary: Accept-Encoding
x-server-cache: false

Redirect headers

Content-Length: 211
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 30 Jan 2024 03:01:11 GMT
Location: https://gta.nafaixa.com.br/
Server: nginx/1.23.4
X-Server-Cache: false

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/ 120 KB
20 KB 95ms
37ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1076
age: 5342959
cdn-cachedat: 07/07/2023 01:09:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"5d5357cb3704e1f43a1f5bfed2aebf42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0ad4fc24207cad41168348671d66aef9
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84d6780e79ef4db4-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 83ms
22ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 09:28:39 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
10 KB 96ms
39ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 5267408
cdn-cachedat: 09/20/2023 03:55:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4becdc9104623e891fbb9d38bba01be4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 185c788f79e12bd6c42492d7ec314b03
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84d6780e79f14db4-FRA
cdn-requestpullsuccess: True

GET
H2 200 b-style.css
gta.nafaixa.com.br/ 1 KB
669 B 157ms
149ms Stylesheet
text/css 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/b-style.css
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 0fcf23457b16ada64daf508a336c84c03f7ab793bb0b239a8e2b54ba49846524

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 573

GET
H2 200 menu_style.css
gta.nafaixa.com.br/ 751 B
430 B 158ms
149ms Stylesheet
text/css 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/menu_style.css
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: c2406e350ae14cae80c7c56dcbabfd407697574ea9ac44aea5dc8c4a3d44103b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 18:00:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 375

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 56 KB
56 KB 107ms
47ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:30:59 GMT
x-content-type-options: nosniff
age: 1813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57254
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 02:30:59 GMT

GET
H2 200 jquery.easing.1.3.js Show response
gta.nafaixa.com.br/sexy-lightbox/ 8 KB
3 KB 167ms
158ms Script
application/javascript 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/sexy-lightbox/jquery.easing.1.3.js
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2763

GET
H2 200 sexylightbox.v2.3.jquery.min.js Show response
gta.nafaixa.com.br/sexy-lightbox/ 10 KB
5 KB 162ms
154ms Script
application/javascript 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/sexy-lightbox/sexylightbox.v2.3.jquery.min.js
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: ea4188db75d76610fba765f87d9b5044c2f6188f8abd633209360dd8c5337a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4813

GET
H2 200 sexylightbox.css
gta.nafaixa.com.br/sexy-lightbox/ 2 KB
696 B 159ms
151ms Stylesheet
text/css 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/sexy-lightbox/sexylightbox.css
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: f7ac07b5c532b28a45e8245ab333330a3013c72192b38b6a385f9cb2ba1d6c0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 664

GET
H2 200 protect.js.php Show response
gta.nafaixa.com.br/link-download/ 7 KB
3 KB 164ms
156ms Script
text/javascript 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/link-download/protect.js.php
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 99c0e47ca0215c84055f3a78ab99daf9ce339eab2b2786edb0c47d08b50d9da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
server: Apache
content-length: 2691
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 370ms
224ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b671f18bcdb434e67bd89c4b57b669fb715f8364c942ac53e5a586453d88e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51461
x-xss-protection: 0
server: cafe
etag: 11720181644719056669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 30 Jan 2024 03:01:12 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com.br/cse/brand?form=cse-search-box&lang=pt
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

76ms
22ms

Script
text/javascript

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 30 Jan 2024 10:42:57 GMT

Redirect headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:31:12 GMT

GET
H2 200 new-page.gif
gta.nafaixa.com.br/ 74 B
111 B 159ms
152ms Image
image/gif 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/new-page.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 4590052c090e5cb760a4dd120c376536f2b4242470407aa12dcc487f3e9920dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 74
content-type: image/gif

GET
H2 200 download-baixar.png
3.bp.blogspot.com/-T5_f2oYA24c/XM8gOQEYeGI/AAAAAAAAVaY/LKn4j_yKP288jT8fEfdC0VDxjydTZSDkgCK4BGAYYCw/s400/ 1 KB
2 KB 189ms
44ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-T5_f2oYA24c/XM8gOQEYeGI/AAAAAAAAVaY/LKn4j_yKP288jT8fEfdC0VDxjydTZSDkgCK4BGAYYCw/s400/download-baixar.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0252a974157571f5f2df443ee25cb56a5361026fe0b1e6b90c540e56240b98c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="download-baixar.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
server: fife
etag: "v55a7"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-iii-3-definitive-edition-new-claude-mod-fixed.jpg
lh3.googleusercontent.com/-NHjd_itbRoU/YZ7usb3BW8I/AAAAAAAAdAQ/T5afsmsxemQWY0UIx-JBBmLpRmNdLQDtQCLcBGAsYHQ/w479-h270/ 35 KB
35 KB 538ms
464ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-NHjd_itbRoU/YZ7usb3BW8I/AAAAAAAAdAQ/T5afsmsxemQWY0UIx-JBBmLpRmNdLQDtQCLcBGAsYHQ/w479-h270/gta-iii-3-definitive-edition-new-claude-mod-fixed.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5086540d1b34dd5765a5e28165f26deff7424e8b5fe83d0989c11553ccf7eaf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v7405"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-iii-3-definitive-edition-new-claude-mod-fixed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35438
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-vc-definitive-edition-trilogy-tommy-fixed-new-mod.jpg
lh3.googleusercontent.com/-F3ccyfooa_A/YZ7vB_IYNzI/AAAAAAAAdAY/6Hf7Rsz0grEduAi_FR1wm6oIkWHIhSEigCLcBGAsYHQ/w479-h269/ 35 KB
35 KB 460ms
447ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-F3ccyfooa_A/YZ7vB_IYNzI/AAAAAAAAdAY/6Hf7Rsz0grEduAi_FR1wm6oIkWHIhSEigCLcBGAsYHQ/w479-h269/gta-vc-definitive-edition-trilogy-tommy-fixed-new-mod.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

84ef43aa10e77b1f341a176cbe0eac005f06b46fdc5624ce489bd50bb9494bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v7407"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-vc-definitive-edition-trilogy-tommy-fixed-new-mod.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35880
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-trilogy-definitive-edition-mod-claude-tommy-new-mod-fixed.jpg
lh3.googleusercontent.com/-L9qc43PtWRs/YZ7uaWIr7KI/AAAAAAAAdAI/fC8c5nSnNU8VmyJLTEk9Jtw-ZOw1g9lbACLcBGAsYHQ/w479-h668/ 77 KB
78 KB 348ms
340ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-L9qc43PtWRs/YZ7uaWIr7KI/AAAAAAAAdAI/fC8c5nSnNU8VmyJLTEk9Jtw-ZOw1g9lbACLcBGAsYHQ/w479-h668/gta-trilogy-definitive-edition-mod-claude-tommy-new-mod-fixed.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c34e7b3dc4d43d22cd535f7410039db2b814879d4dda93be6fd00aa7e2efd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v7403"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-trilogy-definitive-edition-mod-claude-tommy-new-mod-fixed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79263
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-vc-definitive-edition-trilogy-new-tommy-fixed-mod.jpg
lh3.googleusercontent.com/-fkN5MQL4t0E/YZ7swvvgH_I/AAAAAAAAdAA/-bBK6-0OQfYf2wf-eBOds4GTzqgnCcvJwCLcBGAsYHQ/w480-h311/ 55 KB
56 KB 514ms
507ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-fkN5MQL4t0E/YZ7swvvgH_I/AAAAAAAAdAA/-bBK6-0OQfYf2wf-eBOds4GTzqgnCcvJwCLcBGAsYHQ/w480-h311/gta-vc-definitive-edition-trilogy-new-tommy-fixed-mod.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

176eb92da2823929c613b3e4a575bd0ba020e17204bcaeb4633baee026766461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v7401"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-vc-definitive-edition-trilogy-new-tommy-fixed-mod.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56801
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-mod-red-marker-light-fix-remove.jpg
lh3.googleusercontent.com/-6J2DClNEGT4/YZBaldhqCaI/AAAAAAAAc5I/oCP9QUAax8oEE6ZwT78KtP0cwfAqL-6IACLcBGAsYHQ/w452-h609/ 112 KB
112 KB 437ms
430ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-6J2DClNEGT4/YZBaldhqCaI/AAAAAAAAc5I/oCP9QUAax8oEE6ZwT78KtP0cwfAqL-6IACLcBGAsYHQ/w452-h609/gta-sa-definitive-edition-mod-red-marker-light-fix-remove.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5ac10327a3e74f4ba69fcb71d359cf84cf71fb13bbf27b14a3a10d257d450fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v7393"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-mod-red-marker-light-fix-remove.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114676
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-trilogy-marker-light-fix-remove.jpg
lh3.googleusercontent.com/-vlN5Bdoi79g/YZ1nJr2-NQI/AAAAAAAAc_g/e_o7203rkqIiOiMp9o6RD4is2gPlrjXFgCLcBGAsYHQ/w450-h614/ 73 KB
73 KB 413ms
406ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-vlN5Bdoi79g/YZ1nJr2-NQI/AAAAAAAAc_g/e_o7203rkqIiOiMp9o6RD4is2gPlrjXFgCLcBGAsYHQ/w450-h614/gta-trilogy-marker-light-fix-remove.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f70489e29f511ef3bcda52713636f6c870381b628b59c0db78eb9d62d84a56ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73f9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-trilogy-marker-light-fix-remove.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75075
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-trilogy-marker-light-fix-remove-iii.jpg
lh3.googleusercontent.com/-L3N7GnB7HCA/YZ1n3L-lo8I/AAAAAAAAc_o/oRhqAW-BN1IfcTwpX_WNhKgs41VHTL2EwCLcBGAsYHQ/w450-h658/ 56 KB
56 KB 445ms
438ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-L3N7GnB7HCA/YZ1n3L-lo8I/AAAAAAAAc_o/oRhqAW-BN1IfcTwpX_WNhKgs41VHTL2EwCLcBGAsYHQ/w450-h658/gta-trilogy-marker-light-fix-remove-iii.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cca4f820059d5f2f7e9e36fa536915de1f94b00e7e5872ce6cf5cd9d1f8cda5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73fb"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-trilogy-marker-light-fix-remove-iii.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56998
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-classic-colored-radio-icons-mod.jpeg
lh3.googleusercontent.com/-I-NpLUa6scc/YZ2OMJ5Wt2I/AAAAAAAAc_w/xPKCrC5pdEYZhgBtugOcKATPMRE-IcAJwCLcBGAsYHQ/w441-h250/ 26 KB
26 KB 495ms
488ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-I-NpLUa6scc/YZ2OMJ5Wt2I/AAAAAAAAc_w/xPKCrC5pdEYZhgBtugOcKATPMRE-IcAJwCLcBGAsYHQ/w441-h250/gta-sa-definitive-edition-classic-colored-radio-icons-mod.jpeg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d268b67074247d5ba23883e661f46e7c19d63a72d5548e5364a6cadc556ac50a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73fd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-classic-colored-radio-icons-mod.jpeg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26880
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-graffiti-tags-hd-fatcap.jpg
2.bp.blogspot.com/-vds_EBin6Gw/Xogv8o7NCjI/AAAAAAAAX4M/ufCdk3X24L0sqyS2bb5BYe0lUf99EFeqACK4BGAYYCw/s1125/ 153 KB
153 KB 510ms
366ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-vds_EBin6Gw/Xogv8o7NCjI/AAAAAAAAX4M/ufCdk3X24L0sqyS2bb5BYe0lUf99EFeqACK4BGAYYCw/s1125/gta-sa-mod-graffiti-tags-hd-fatcap.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f547cd28c1eadf884987c75c11890f44bddaafe491f80b6032b26458b188ce2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v5f84"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-graffiti-tags-hd-fatcap.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156269
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-fat-tags-hd-texture-grove.jpg
lh3.googleusercontent.com/-U--F1xFoO4c/YZwmHvuXfeI/AAAAAAAAc_Y/-6ej-Ayk0F4ge2TgNTvFFI7pjfTYzoYxACLcBGAsYHQ/w451-h350/ 43 KB
44 KB 434ms
428ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-U--F1xFoO4c/YZwmHvuXfeI/AAAAAAAAc_Y/-6ej-Ayk0F4ge2TgNTvFFI7pjfTYzoYxACLcBGAsYHQ/w451-h350/gta-sa-definitive-edition-fat-tags-hd-texture-grove.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7c7ed004966c555c89686fbbb5282c204b7b14da3ee1ea81977e939e08a997af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73f7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-fat-tags-hd-texture-grove.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44466
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-player-cj-retex-remaster-hd-texture.jpg
lh3.googleusercontent.com/-LNPvye4iOKo/YWgLejux7ZI/AAAAAAAAcrw/JpU8onr6nXgTVLl7LMcrh-8hLmlcYwjJwCLcBGAsYHQ/w490-h319/ 46 KB
46 KB 545ms
539ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-LNPvye4iOKo/YWgLejux7ZI/AAAAAAAAcrw/JpU8onr6nXgTVLl7LMcrh-8hLmlcYwjJwCLcBGAsYHQ/w490-h319/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d718215ae7e8b69f3776b645c4882df30e5029f3efabc73ed159ce10a607a805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v72bd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-player-cj-retex-remaster-hd-texture.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47005
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-san-mod-cj-upscale-ai-remaster-remini-hd-texture.jpg
1.bp.blogspot.com/-hMXnHy_U8qU/YLrplpZG_1I/AAAAAAAAbvM/foEa6nC1SyAcCfDmmyKYzmuyRLA6IjxKgCLcBGAsYHQ/w491-h246/ 19 KB
20 KB 640ms
496ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-hMXnHy_U8qU/YLrplpZG_1I/AAAAAAAAbvM/foEa6nC1SyAcCfDmmyKYzmuyRLA6IjxKgCLcBGAsYHQ/w491-h246/gta-sa-san-mod-cj-upscale-ai-remaster-remini-hd-texture.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1eaecf5b2eb677b6603c6d3ab23264368b274a4809625692f18916d56fd2217b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6ef4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-san-mod-cj-upscale-ai-remaster-remini-hd-texture.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-2.jpg
lh3.googleusercontent.com/-sW0KjKCchVA/YWgOJt4TpxI/AAAAAAAAcr4/48k4JlGnog0EMsXCKmdXJI2V-DdQf_VAwCLcBGAsYHQ/w490-h667/ 98 KB
98 KB 546ms
539ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-sW0KjKCchVA/YWgOJt4TpxI/AAAAAAAAcr4/48k4JlGnog0EMsXCKmdXJI2V-DdQf_VAwCLcBGAsYHQ/w490-h667/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-2.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1bb13c81d4b001306c5a51a2e99f79146583f8e06f1e7431e3d19be3b4c9aef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v72bf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-2.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100524
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-3.jpg
lh3.googleusercontent.com/-yRfH55AZ4og/YWgSElzbTjI/AAAAAAAAcsA/3VZ9IICwIQQ0K1tE_x1cmrbFsP1nhu3owCLcBGAsYHQ/w490-h317/ 46 KB
46 KB 440ms
434ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-yRfH55AZ4og/YWgSElzbTjI/AAAAAAAAcsA/3VZ9IICwIQQ0K1tE_x1cmrbFsP1nhu3owCLcBGAsYHQ/w490-h317/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-3.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

39094fb21bddb795d6f9a42f85b399738d92439bfb8e0bae9fb1bb9657f19afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v72c1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-3.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47384
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-4.jpg
lh3.googleusercontent.com/-kjhFp-sSMIk/YWgW5wvpAbI/AAAAAAAAcsI/mUZDEUNX6ysnWVXyI5endITyHs1svtDZwCLcBGAsYHQ/w490-h785/ 132 KB
132 KB 481ms
475ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-kjhFp-sSMIk/YWgW5wvpAbI/AAAAAAAAcsI/mUZDEUNX6ysnWVXyI5endITyHs1svtDZwCLcBGAsYHQ/w490-h785/gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-4.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02a17e9cda73867dc8f97f8f1838da1f121fb536a1c4dd17e81f264728972436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v72c3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-player-cj-retex-remaster-hd-texture-4.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135017
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-player-retex-remaster-cj-clothes.jpg
lh3.googleusercontent.com/-W2Q7DOh0Kfo/YXcI4ZURL0I/AAAAAAAAcxY/zh9NRXG5cOEddnRIYDAHDspXEbQ1DjokQCLcBGAsYHQ/s16000/ 52 KB
52 KB 238ms
232ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-W2Q7DOh0Kfo/YXcI4ZURL0I/AAAAAAAAcxY/zh9NRXG5cOEddnRIYDAHDspXEbQ1DjokQCLcBGAsYHQ/s16000/gta-sa-mod-proper-player-retex-remaster-cj-clothes.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6c7a099ba81b11434bc82d72609d2951c6ce46141a96a042a02bc1b5ca500f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v7317"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-player-retex-remaster-cj-clothes.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52806
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-mod-jeans-pants-clothes-hd-texture.jpg
lh3.googleusercontent.com/-CNxMJKq-DiU/YY67EknVdbI/AAAAAAAAc34/UJLoPxONUpQTd_wqXrfaEpGTp8u3OQuvgCLcBGAsYHQ/s16000/ 114 KB
115 KB 417ms
411ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-CNxMJKq-DiU/YY67EknVdbI/AAAAAAAAc34/UJLoPxONUpQTd_wqXrfaEpGTp8u3OQuvgCLcBGAsYHQ/s16000/gta-sa-definitive-edition-mod-jeans-pants-clothes-hd-texture.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

382e6848add219885bfe21f4b41d565c06449e5a2ff4420c439b3485ca4b4b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v737f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-mod-jeans-pants-clothes-hd-texture.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117057
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-mod-jeans-pants-clothes-hd.jpg
lh3.googleusercontent.com/--jJ2fJJwatw/YY63nWdZthI/AAAAAAAAc3w/q4wzMZsSYRQdGGjuET1vk9KyZfrC5CKDACLcBGAsYHQ/w500-h272/ 31 KB
32 KB 542ms
537ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/--jJ2fJJwatw/YY63nWdZthI/AAAAAAAAc3w/q4wzMZsSYRQdGGjuET1vk9KyZfrC5CKDACLcBGAsYHQ/w500-h272/gta-sa-definitive-edition-mod-jeans-pants-clothes-hd.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

98bbe3733f5a1b8a3c2efdf5682f88ab35fa79b967ad46b1a089666fa8371ef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v737d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-mod-jeans-pants-clothes-hd.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32183
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-trilogy-proper-player-cj-texture-fix-mod.jpg
lh3.googleusercontent.com/-sxlK7rxqINA/YZwkIBlEeEI/AAAAAAAAc_Q/UDBEWHn460oplJjv8cpXAhUtfMCY-q6dgCLcBGAsYHQ/w500-h384/ 68 KB
69 KB 554ms
549ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-sxlK7rxqINA/YZwkIBlEeEI/AAAAAAAAc_Q/UDBEWHn460oplJjv8cpXAhUtfMCY-q6dgCLcBGAsYHQ/w500-h384/gta-sa-definitive-edition-trilogy-proper-player-cj-texture-fix-mod.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b7a83d0e1767ce99fca9ad01d1b72c24213f3cf32f989f0d4e491e88ddb1346e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73f5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-trilogy-proper-player-cj-texture-fix-mod.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70096
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-trilogy-proper-player-cj-texture-hd-mod.jpg
lh3.googleusercontent.com/-OjUNGUQsysQ/YZwgU5lF5WI/AAAAAAAAc_I/iwn7bg4S8CoNN62DITAoS64ZyLDbIY1fgCLcBGAsYHQ/w500-h528/ 65 KB
65 KB 297ms
291ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-OjUNGUQsysQ/YZwgU5lF5WI/AAAAAAAAc_I/iwn7bg4S8CoNN62DITAoS64ZyLDbIY1fgCLcBGAsYHQ/w500-h528/gta-sa-definitive-edition-trilogy-proper-player-cj-texture-hd-mod.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63b9eea7c09e1760b4e440e713ffb1f5d44cb9418caf5fa9353f02f59e0f9785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73f3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-trilogy-proper-player-cj-texture-hd-mod.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66636
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-popcycle-noite-night-real-population.jpg
3.bp.blogspot.com/-U96kRfDEBio/WOWqZR2egsI/AAAAAAAANyM/oFzVxYxq7ZE20Lmnc7O-oJ395r87UtdXQCK4B/s400/ 35 KB
35 KB 503ms
360ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-U96kRfDEBio/WOWqZR2egsI/AAAAAAAANyM/oFzVxYxq7ZE20Lmnc7O-oJ395r87UtdXQCK4B/s400/gta-sa-popcycle-noite-night-real-population.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

803eed4b2ecb4d5cf3ad16dc822a83fe05bc0ac4780a525eb8fe00dd2e91d33b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v3726"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-popcycle-noite-night-real-population.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35560
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-popcycle-beach-real-population.jpg
3.bp.blogspot.com/-RIkGM1sfRQs/WOWtB0JcquI/AAAAAAAANyU/0FeFkOdHY-oqwrMjZYIFHHpE9lZtdstXwCK4B/s400/ 39 KB
39 KB 575ms
463ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-RIkGM1sfRQs/WOWtB0JcquI/AAAAAAAANyU/0FeFkOdHY-oqwrMjZYIFHHpE9lZtdstXwCK4B/s400/gta-sa-popcycle-beach-real-population.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3120bfc2df6ec34e0a0a5242f1da88cbd9a075596ba0fe6c87d1a3338fb22802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v3726"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-popcycle-beach-real-population.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40224
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-popcycle-population-more-peds-cars-mod.jpg
lh3.googleusercontent.com/-8wU6_vrXWXE/YZrFGGlVDnI/AAAAAAAAc-U/zZR2xc1v5_sU2e_VW93hFZVCtniwCR4XACLcBGAsYHQ/w460-h189/ 36 KB
36 KB 372ms
367ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-8wU6_vrXWXE/YZrFGGlVDnI/AAAAAAAAc-U/zZR2xc1v5_sU2e_VW93hFZVCtniwCR4XACLcBGAsYHQ/w460-h189/gta-sa-definitive-edition-popcycle-population-more-peds-cars-mod.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7ad1a381127ab78c6842aac3b416b42d1165f8be5fd9745dba092f3dfb481d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73e6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-popcycle-population-more-peds-cars-mod.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36529
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 download-baixar.png
2.bp.blogspot.com/-CzT1PN0jFPk/V8QS4_ocVPI/AAAAAAAAK-w/uHiaRlu1Z-Y0Z-KunqceLRgEQYgn1p4KwCK4B/s1600/ 4 KB
4 KB 32ms
31ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-CzT1PN0jFPk/V8QS4_ocVPI/AAAAAAAAK-w/uHiaRlu1Z-Y0Z-KunqceLRgEQYgn1p4KwCK4B/s1600/download-baixar.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6b5673acd1e13107f22d7d4e90778df431aa153f3b46349d3b9b769484700603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 00:20:16 GMT
x-content-type-options: nosniff
age: 9656
content-disposition: inline;filename="download-baixar.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3839
x-xss-protection: 0
server: fife
etag: "v2bf0"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:20:16 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-10JT8ECF5M0/YCSzzh3AHPI/AAAAAAAAaw4/YEcdTNNUspMG3oAZIYJtYRyhsYjrZMxtwCLcBGAsYHQ/w488-h223/ 30 KB
30 KB 363ms
358ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-10JT8ECF5M0/YCSzzh3AHPI/AAAAAAAAaw4/YEcdTNNUspMG3oAZIYJtYRyhsYjrZMxtwCLcBGAsYHQ/w488-h223/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab63d796f41e5421e82ffd99f02edd55a8af2d8321f5af8becf08e8e54d17b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b13"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30780
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-j5m5X9HY8U4/YCSz2Htln8I/AAAAAAAAaxA/1NcKmFql6iQrM2G3E7CrNDoedJRk8fW_gCLcBGAsYHQ/w400-h183/ 17 KB
17 KB 499ms
494ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-j5m5X9HY8U4/YCSz2Htln8I/AAAAAAAAaxA/1NcKmFql6iQrM2G3E7CrNDoedJRk8fW_gCLcBGAsYHQ/w400-h183/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da5b59f4a50e519456e12d0157b8aade77ffc031832490356eac05315d24face

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b14"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17019
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster.jpg
lh3.googleusercontent.com/-fp67o2y2nSY/YCaJOP50-2I/AAAAAAAAayM/VeoTV9EkLNkjtSOoh5rAbGiQpSF8J0znQCLcBGAsYHQ/w400-h400/ 52 KB
52 KB 383ms
378ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-fp67o2y2nSY/YCaJOP50-2I/AAAAAAAAayM/VeoTV9EkLNkjtSOoh5rAbGiQpSF8J0znQCLcBGAsYHQ/w400-h400/gta-sa-mod-proper-hd-retex-textures-remaster.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d12ac3b79c97d538cf08c1e1b754b230510d23528f82e2d2cfdcfe41550bcb29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b24"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53405
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-GV71tUtWX5w/YCSz7JSicaI/AAAAAAAAaxI/g0zGo7I7G7Ye2wo9tXeP9jr2dZO29hKjgCLcBGAsYHQ/w400-h183/ 26 KB
26 KB 455ms
450ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-GV71tUtWX5w/YCSz7JSicaI/AAAAAAAAaxI/g0zGo7I7G7Ye2wo9tXeP9jr2dZO29hKjgCLcBGAsYHQ/w400-h183/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8a3797e04b7b321c7d20c2f10043744ab4829283c89a62c73690682b3fbf9768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b15"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26887
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-ZPH6UuOPnDM/YCSzgV-6pyI/AAAAAAAAawg/na4Iul710Y0TqSCtUR3c_f0KptGoM_3IgCLcBGAsYHQ/w400-h183/ 13 KB
13 KB 429ms
425ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-ZPH6UuOPnDM/YCSzgV-6pyI/AAAAAAAAawg/na4Iul710Y0TqSCtUR3c_f0KptGoM_3IgCLcBGAsYHQ/w400-h183/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

79f8503281c4f56ddab54ae2417cf3c2ffa4356599b18615b523d35c94ee58cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b0c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13000
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-8HgIGfIEmwM/YCSzpzYbLXI/AAAAAAAAawo/Ax7f1f2XpFk_4zpIITqC4BhbGLV6XPFogCLcBGAsYHQ/w400-h183/ 19 KB
19 KB 441ms
437ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-8HgIGfIEmwM/YCSzpzYbLXI/AAAAAAAAawo/Ax7f1f2XpFk_4zpIITqC4BhbGLV6XPFogCLcBGAsYHQ/w400-h183/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58243d95739ac4d776fbecbd43479de161fd6cf000e8314580f450bda86225c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b11"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19201
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-fiTpb8y10oY/YCSzw1cmLnI/AAAAAAAAaw0/zn5QG_urpbcef3gjxqqPFvRRezE_SxTTwCLcBGAsYHQ/w400-h183/ 27 KB
27 KB 500ms
496ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-fiTpb8y10oY/YCSzw1cmLnI/AAAAAAAAaw0/zn5QG_urpbcef3gjxqqPFvRRezE_SxTTwCLcBGAsYHQ/w400-h183/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6493db57b6f5fe043866da62c20226e809ac78bc98359dc7ccfb50ccf50e0fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b14"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27275
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-F8MIreOnJLM/YCSzsw4da0I/AAAAAAAAaws/FnTEZlJRQAgn-jy0SDgVKKovppn_Zx0nACLcBGAsYHQ/w400-h182/ 18 KB
18 KB 462ms
458ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-F8MIreOnJLM/YCSzsw4da0I/AAAAAAAAaws/FnTEZlJRQAgn-jy0SDgVKKovppn_Zx0nACLcBGAsYHQ/w400-h182/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f60fcc93c3aba081966086a59e80e70b01beabd22f24afa6039cc908c72ff989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b14"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18651
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-textures-cutscenes-hd-fix.jpg
lh3.googleusercontent.com/-r6kCFcM5W0E/YKete1dIe-I/AAAAAAAAbkI/nWua28wI1K02jhXgmS3IpmjC7cDRJjQcwCLcBGAsYHQ/w400-h225/ 30 KB
30 KB 590ms
586ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-r6kCFcM5W0E/YKete1dIe-I/AAAAAAAAbkI/nWua28wI1K02jhXgmS3IpmjC7cDRJjQcwCLcBGAsYHQ/w400-h225/gta-sa-mod-proper-textures-cutscenes-hd-fix.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

432cc6494e7403717ed1035e5ba24d50f7dfb9ea241580e12e5e9d8ff388357e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6e43"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-textures-cutscenes-hd-fix.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30484
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg
lh3.googleusercontent.com/-tzpaKx0HDRE/YCS0ocUBQOI/AAAAAAAAaxY/q9ufDQQYGgY1DcWzSmQf4oF8dJtRKfPwQCLcBGAsYHQ/w474-h217/ 36 KB
36 KB 446ms
442ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-tzpaKx0HDRE/YCS0ocUBQOI/AAAAAAAAaxY/q9ufDQQYGgY1DcWzSmQf4oF8dJtRKfPwQCLcBGAsYHQ/w474-h217/gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b4bf10c750748950567c778de3c159398e361c4c236c4a235269d94d4eede288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6b17"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-proper-hd-retex-textures-remaster-interior.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36653
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-mod-camper-the-truth-mothership-hd-remaster.jpg
lh3.googleusercontent.com/-NXtusw4J2eM/YKemUzSMXcI/AAAAAAAAbkA/ipIeN8gBogUQlr9r-LMkfkYMozWTBKRhgCLcBGAsYHQ/w474-h357/ 96 KB
96 KB 593ms
589ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-NXtusw4J2eM/YKemUzSMXcI/AAAAAAAAbkA/ipIeN8gBogUQlr9r-LMkfkYMozWTBKRhgCLcBGAsYHQ/w474-h357/gta-sa-mod-camper-the-truth-mothership-hd-remaster.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0de263c3c05f2a5ee9657dbeaac67821e1fc7a25b80a481311038922ba5d1dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v6e41"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-mod-camper-the-truth-mothership-hd-remaster.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98254
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod.jpg
lh3.googleusercontent.com/-TLgZvlbI4G8/YZrjFdEjqJI/AAAAAAAAc-c/bGaTY3HXcoQ0dj3jQIMmoDkRiQFrpBiAACLcBGAsYHQ/s16000/ 197 KB
198 KB 496ms
493ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-TLgZvlbI4G8/YZrjFdEjqJI/AAAAAAAAc-c/bGaTY3HXcoQ0dj3jQIMmoDkRiQFrpBiAACLcBGAsYHQ/s16000/gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ad56af78bd5c1d822f256f4b3a40ea82d8b79c33a6e8e9b72c888a7e43355160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73e8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202118
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-paint.jpg
lh3.googleusercontent.com/-VG5SI6clDUI/YZrrN5RWutI/AAAAAAAAc-s/doB6eNYhth4Sdj2Rw0wiSPPM0ffejgEhwCLcBGAsYHQ/w469-h528/ 51 KB
51 KB 269ms
265ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-VG5SI6clDUI/YZrrN5RWutI/AAAAAAAAc-s/doB6eNYhth4Sdj2Rw0wiSPPM0ffejgEhwCLcBGAsYHQ/w469-h528/gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-paint.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

30c2e9b324ca92a7627339f4de3e104bc105a3f92bcff3159dd408d75c9461b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73ec"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-paint.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52152
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-cop.jpg
lh3.googleusercontent.com/-dFAhi2KeLVc/YZrkTMB1iuI/AAAAAAAAc-k/wic5ODbqR3UxUWsilHZQuwe8TSEtT4YRgCLcBGAsYHQ/w469-h442/ 58 KB
58 KB 349ms
345ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-dFAhi2KeLVc/YZrkTMB1iuI/AAAAAAAAc-k/wic5ODbqR3UxUWsilHZQuwe8TSEtT4YRgCLcBGAsYHQ/w469-h442/gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-cop.jpg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f386e76a0a479e152c9436ff9dbf890f7ec312ea3e6e883bafb8748c1a27fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v73ea"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gta-sa-definitive-edition-proper-vehicles-retex-texture-hd-mod-cop.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58970
x-xss-protection: 0
expires: Wed, 31 Jan 2024 03:01:12 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
11 KB 207ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f1cce6c07f93a973b97053bff17d3644e8434c73268128fa3addc89d3da730d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10676
x-xss-protection: 0
server: cafe
etag: 1059142144233364698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:12 GMT

GET out.php
papeldeparede.gratis/ 0
0

GET
H2 200 save-game.jpg
gta.nafaixa.com.br/images/ 20 KB
20 KB 289ms
285ms Image
image/jpeg 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/images/save-game.jpg
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 5c628625cdc2eb7c1391c5da3affc0c87060620d8d24803e974995a69038389c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:08 GMT
server: Apache
accept-ranges: bytes
content-length: 20780
content-type: image/jpeg

GET
H2 200 120x60.gif
www.omural.net/banner/ 3 KB
3 KB 456ms
344ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.omural.net/banner/120x60.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a905db9ba1136cb83506b493889e8e7492f79749de4b5121b9f4896a56101a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Feb 2013 23:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dWFcfiZs3tn8AVrko4935RjajWDTbtLh7kiMuq7TUnK4pvLKJ6JekZ48%2BVsMCU2bRD2JNjWwvEa5jOvxis%2Btz4PhBj2Ij1Ec8JiRPMW5etNX5ymDin%2Fc15RZjJN6%2BFI5Vl%2BcCZJf2hQrPj1Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d67810df48190d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3047

GET
H2 200 120x60.gif
www.nafaixa.net/ 16 KB
16 KB 594ms
448ms Image
image/gif 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/120x60.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6d51883c8a3663c2a1d2b14aa22d83b9fd9ecf5c5f04e1f2475cc33ae684e91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Nov 2008 01:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcNXUe9YUYsmSUiumjZDcpsfX8bhz34AudbASk2gDH6PIW%2BKlXwued4QVgjwVk4RU8iut8kRGD2LHq1XnRgCtf4TX8JeRp4qOExRDPK0gahdRaeesTJbhlgAZTcJEVvlMdjDG7J%2F%2F3c8s90EOcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678110a072bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16333

GET
H2 200 120x60.gif
www.sopapeldeparede.com.br/banner/ 35 KB
36 KB 707ms
508ms Image
image/gif 2606:4700:3030::ac43:8e01
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sopapeldeparede.com.br/banner/120x60.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8e01 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e020ccafd2bbea30d09cfc8f9561aad86ea2f142c531412a0c40d572fd5c9401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Tue, 11 Feb 2014 22:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siN2TNCg4enIHYFH53qWmCp2XAFcEsAFpV9%2BxfM1Lck82jON5XXY0eFUycbOy5r%2BIDnMQHOM2vJylO3lW66LqWOi3FwneiCpm%2BPJxlPlDaba8mkWbXevXJVmSyZj9Py0JC3phPE8VX0UsMT0pd%2B37XwfurvwuOefLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 84d678116fead554-CDG
alt-svc: h3=":443"; ma=86400
content-length: 35842
expires: Thu, 29 Feb 2024 03:01:12 GMT

GET
H2 200 small.js Show response
widgets.amung.us/ 8 KB
4 KB 187ms
42ms Script
application/x-javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/small.js
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
server: cloudflare
age: 2317
etag: W/"63c04130-2170"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 84d678101e703a88-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 02:22:35 GMT

GET
H2 200 120x60.gif
gta.nafaixa.com.br/banner/ 14 KB
14 KB 289ms
286ms Image
image/gif 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/banner/120x60.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 3b093f45e5a0f24e00632224aa29b30cfdcec8b7dcff628107a613005687b9d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 14404
content-type: image/gif

GET
H2 200 180x40.gif
gta.nafaixa.com.br/banner/ 6 KB
6 KB 290ms
287ms Image
image/gif 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/banner/180x40.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 510a48a6d3f99d71682c2ec24ead59e3c4eddce9ece3a6d9c7aea4b8507972d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 6375
content-type: image/gif

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 158ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31db9762ae58bbbb3f0ceb5ca8a2623c6745a53c99bfaa67a8c616f0b129916b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 03:01:12 GMT
content-md5: 6saZuJTSjvmhD9BCh8xByA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: 791VGEio8TyWoX8m3neBH4rfKX+iGZtcybzwFRGpSZTtdT/cGhotpIL2CeiEphnJ9tE9lCYLWImBzGvD/rD+Ng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e8791e05c1107626be9f7e09af03dc9a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "2feccdfaa0fce6f6b8f34ffc69d2879b"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:04:57 GMT

GET
H2 200 sopapeldeparede.js Show response
gta.nafaixa.com.br/ 2 KB
810 B 295ms
287ms Script
application/javascript 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/sopapeldeparede.js
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 2cd3c948557ad07e403d5b58c19749dd167913e975f3e169be1f34721482c700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 03:16:29 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 755

GET
H2 200 topo.jpg
gta.nafaixa.com.br/layout/ 58 KB
59 KB 150ms
147ms Image
image/jpeg 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/layout/topo.jpg
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/b-style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 3b53fd241a73c57168fa336780e2deeb8c0e0643a8045d28c244f2288ab9aea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/b-style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 59891
content-type: image/jpeg

GET
H2 200 ipR0bMOmF2o Show response
www.youtube.com/embed/ Frame A476 92 KB
41 KB 174ms
104ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/ipR0bMOmF2o

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e820a60a340f04b84a76387761eb056bea4e03ec91b316dabb50814c520e9afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 2 KB
2 KB 108ms
20ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:11:25 GMT
x-content-type-options: nosniff
age: 64187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1556
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 28 Jan 2025 09:11:25 GMT

GET
H2 200 fundo_titulo_menu.jpg
gta.nafaixa.com.br/layout/ 519 B
549 B 239ms
239ms Image
image/jpeg 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/layout/fundo_titulo_menu.jpg
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 5e066ee8ffbf8841f9fb5b30930edee20b009fcea75424f6b1dc4f9488f935a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 519
content-type: image/jpeg

GET
H3 200 all.js Show response
connect.facebook.net/pt_BR/ 305 KB
86 KB 59ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=28a24686f3b267ac8d1c8f741f2c710f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d84c753118947c2fd0503a0f67769a68622bc65f07fe73099eb080840d9de72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gta.nafaixa.com.br/
Origin: https://gta.nafaixa.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 03:01:12 GMT
content-md5: oiargsvvxEngn7K43cRU6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87995
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
x-fb-debug: oiWuwzRi6YN0H2mIif1IAY5PyrX4HjeZubJ3HWCiDhsusEQ9U8crzbZj6l1Rtg8Rl/vHddQv8wXo9oTPq/bmwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e22adf27a030d0e3015eaaa7524f82f3
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f096f939e81c706dd929f70247e1bc70"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Jan 2025 01:12:23 GMT

GET
H2 200 status.php Show response
gta.nafaixa.com.br/vip/ Frame 702D 548 B
540 B 194ms
173ms Document
text/html 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://gta.nafaixa.com.br/vip/status.php
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: nginx/1.23.4 /
Resource Hash: f45c21b100a667bec4887d1b2abe2631220b7a3829dde40fe522002c084243b8

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 387
content-type: text/html
date: Tue, 30 Jan 2024 03:01:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.23.4
vary: Accept-Encoding
x-server-cache: false

GET
H2 200 Mural.php Show response
www.omural.net/mural/ Frame E82F 10 KB
4 KB 394ms
374ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omural.net/mural/Mural.php?Mural=9406
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42b2ed0ffd16a43f620208c61f13bd7a055fe9b8b6d525000e182fefd82d6337

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d67810df45190d-FRA
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Tue, 30 Jan 2024 03:01:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhF%2FD6E4%2FaDZVURmnxuNgPK%2BmBdEC8N%2F%2FyGSkTrgXT5i4pNjSNWE74ImgUb%2FzXnTcSSpilphI8OhFgE8pIm8O8oOcORAc%2FfEX03sjhLNK5t7UuMO8hC0FpVcjo%2BTBhYk3dPHCHtd6Wq2JgXGZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 listinha-games.php Show response
www.nafaixa.net/v1.2/jogos/ Frame 4C96 2 KB
928 B 485ms
432ms Document
text/html 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd975d141676d5c8d26b8f1df936fbcd6c50813f0be668d2914097634f642da

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d678110a062bfa-FRA
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Tue, 30 Jan 2024 03:01:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FrcdvKdgsWVHFVBMk3%2FvGj5MbUhx9ktDK2DKNy95rxP212RjlVu3qbB4ImxUlBR84V96it4zXEMAjTwNvI8k2D0qqbgeXVt03c6X1J0Nrh7mjZygrkLucQt3wohknZJlQGYvefYW3bvHQSIFRI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 88ms
21ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gta.nafaixa.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 01:49:54 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4278
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 30 Jan 2024 03:49:54 GMT

GET
H2 200 seta.gif
gta.nafaixa.com.br/layout/ 68 B
97 B 154ms
148ms Image
image/gif 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/layout/seta.gif
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: c3ecd346a5e0a181b18f82368d44e781f0ffbd6e0b275faf5035a9602f529b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 68
content-type: image/gif

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 92ms
52ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=288191814570051&input_token&origin=1&redirect_uri=https%3A%2F%2Fgta.nafaixa.com.br%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=28a24686f3b267ac8d1c8f741f2c710f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
strict-transport-security: max-age=15552000; preload
date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: CO8UmzsFn+yf+grEQNvK4kzdimHxxPeSeTdshYg37MGjaINrIwCsvyO6ybPFOFWTHzED2WC8rLHtfDgl/xdtsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gta.nafaixa.com.br
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/cb886c6c/ Frame A476 359 KB
47 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cb886c6c/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0927d0eb1802a65f1b033034b2d947118d176148381dce25c885d9deb94b9d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 14:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47487
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Jan 2025 14:39:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A476 15 KB
15 KB 73ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 77362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A476 15 KB
16 KB 70ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 582718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jan 2025 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/ Frame A476 53 KB
17 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9419adcc1f13fd1ae3c0d347a3803311060a2d8d35759514019ceb545aa6d108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 08:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 498981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16791
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 23 Jan 2025 08:24:51 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/cb886c6c/www-embed-player.vflset/ Frame A476 319 KB
95 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5904ac053ee5163169774e5563cc32a2c458a4ce0e8b4e76e173998f4d01d580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 01:04:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97391
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jan 2025 01:04:32 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/ Frame A476 2 MB
771 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac64e5d6f76ccb2e045537f017a83122eedb10a18e4cad23a8563df1e96d5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:24:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 789328
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Jan 2025 20:24:31 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 30ms
29ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1771179545&utmhn=gta.nafaixa.com.br&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GTA%20Na%20Faixa%20-%20Downloads%2C%20GTA%20III%2C%20GTA%20IV%2C%20GTA%20San%20Andreas%2C%20GTA%20Vice%20City%2C%20GTA%20V&utmhid=1609546518&utmr=-&utmp=%2F&utmht=1706583672537&utmac=UA-2088460-14&utmcc=__utma%3D128461018.242839724.1706583673.1706583673.1706583673.1%3B%2B__utmz%3D128461018.1706583673.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=986416327&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bgSexy.png
gta.nafaixa.com.br/sexy-lightbox/sexyimages/black/ 1 KB
1 KB 166ms
151ms Image
image/png 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/sexy-lightbox/sexyimages/black/bgSexy.png
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: de70bf4abfa316d41f9328274697a68ac32256b626d6114d5eff055a5c6563a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 1085
content-type: image/png

GET
H2 200 buttons.png
gta.nafaixa.com.br/sexy-lightbox/sexyimages/black/ 2 KB
2 KB 165ms
151ms Image
image/png 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/sexy-lightbox/sexyimages/black/buttons.png
Requested by: Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: f3e9629433f58593a1263aaa2081aac96747d73420e555fd364c52c53b4747ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
last-modified: Tue, 25 Aug 2020 18:00:07 GMT
server: Apache
accept-ranges: bytes
content-length: 2134
content-type: image/png

GET
H2 200 / Show response
whos.amung.us/pingjs/ 31 B
133 B 246ms
231ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=baqdhzvky27z&t=GTA%20Na%20Faixa%20-%20Downloads%2C%20GTA%20III%2C%20GTA%20IV%2C%20GTA%20San%20Andreas%2C%20GTA%20Vice%20City%2C%20GTA%20V&c=s&x=https%3A%2F%2Fgta.nafaixa.com.br%2F&y=&a=-1&d=2.095&v=27&r=6648
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b918c397d1bd14a5cb4ba1bce1f86080b85af823cd0e2372c65044debccb6fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84d67811afb03a88-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H2 200 like_box.php Show response
www.facebook.com/plugins/ Frame 6061 39 KB
15 KB 114ms
107ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=288191814570051&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbdc52e84b756f229%26domain%3Dgta.nafaixa.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgta.nafaixa.com.br%252Ff6b19d235f47fdc9f%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FGtaNaFaixa&locale=pt_BR&sdk=joey&show_faces=true&stream=false&width=260

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=28a24686f3b267ac8d1c8f741f2c710f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd643cb575e4bd00eaafb3ea019dfd1ddd367212e9b8e506522822b0754fb035

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co media.tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co media.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:12 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self)
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=()
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: j5LJnkbNXsbpfPn+KW1yyt3iMTc8pgXrXt6ma0v/SvrE8GSijnglfYbgHM6Yt7lp9Lpx+PuZRCJAUeNGIXN8Sg==
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 406 KB
138 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0997380255145595&plah=gta.nafaixa.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9f4998d0c662df4b67e5fa6d21c96b3db13704267d47579239d9b4d0faccca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140841
x-xss-protection: 0
server: cafe
etag: 11994019322412854905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 38D2 9 KB
5 KB 81ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 14:56:01 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 14:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A476
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

33ms
32ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

658cdad52870fc6477eda8311bc97deebd09ff837968e28e8578a6713b94f981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A476 29 B
495 B 77ms
23ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:55:30 GMT
x-content-type-options: nosniff
age: 342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:10:30 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 93ms
29ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 30 Jan 2024 03:01:12 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A476 87 KB
40 KB 43ms
40ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fe4c951f0f708ce916e10fcdb3fb82bb8f8e6ab9078bd7905906c33f4083097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40782
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/ Frame A476 117 KB
33 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ae389a5daf8a3cf0af4742ede3304801fb55d272726f8fab13254abaef80b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:31:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33854
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 28 Jan 2025 16:31:53 GMT

GET
H2 200 jz7nBWcXoC6PzFPxSGBK-EbGk4-kUqTnoXZXIXcr3eQ.js Show response
www.google.com/js/th/ Frame A476 51 KB
20 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/jz7nBWcXoC6PzFPxSGBK-EbGk4-kUqTnoXZXIXcr3eQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f3ee7056717a02e8fcc53f148604af846c6938fa452a4e7a1765721772bdde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19783
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 22:16:10 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/ipR0bMOmF2o/ Frame A476 43 KB
44 KB 128ms
73ms Image
image/webp 2a00:1450:4001:806::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ipR0bMOmF2o/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5086f345895c2a7c688e209d0b85c3543e9b9c7fbe6787ef4aa70fd384111177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-content-type-options: nosniff
server: sffe
etag: "1637742893"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44352
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 05:01:12 GMT

GET
DATA 200
OK truncated
/ Frame A476 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 81BsrjtKIPRNjdna4O4OAJn5ZCuq6eNoO1auP29WRh0DqrcgL84zNJiULcQ4UgxtBZcyFwRs_A=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A476 2 KB
2 KB 115ms
22ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/81BsrjtKIPRNjdna4O4OAJn5ZCuq6eNoO1auP29WRh0DqrcgL84zNJiULcQ4UgxtBZcyFwRs_A=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fdf75db464a2338a06fada278c7b12a6a809ae573934294f3060436642f7913d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 00:00:48 GMT
x-content-type-options: nosniff
age: 10824
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1892
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 31 Jan 2024 00:00:48 GMT

GET
H2 200 nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame 6061 19 KB
5 KB 132ms
56ms Stylesheet
text/css 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=288191814570051&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbdc52e84b756f229%26domain%3Dgta.nafaixa.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgta.nafaixa.com.br%252Ff6b19d235f47fdc9f%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FGtaNaFaixa&locale=pt_BR&sdk=joey&show_faces=true&stream=false&width=260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: o/7VM47+HYG0hT0S5PaW4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5162
x-fb-debug: 6hodcVibmkWKZ9dMGSc+oHzTgnQnDc/lINxIAnXF1IgVKDyl13wMTd3xgT4k9PAWcEkVNyPk2NBuUY458ddxbg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 23 Jan 2025 15:29:10 GMT

GET
H2 200 R1rI9_QXPKe.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 6061 354 KB
92 KB 132ms
56ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/R1rI9_QXPKe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb8829aa29254fcf51588307eaf1626e78ec6daf17d580b2415a527889340f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qEunU9EdsMUffyx3o/MqTg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93736
x-fb-debug: yteh9nwBmO1hMGjmhCDK40sQx8bnSuVzmewxxaTflJ1PJPKOz07jhjAiAJx/YNMbTPIaZYTf/Xe23y7a/HejCA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 28 Jan 2025 23:46:19 GMT

GET
H2 200 8ZrPme2EwKH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 6061 9 KB
3 KB 132ms
56ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/8ZrPme2EwKH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JieWsOvZ3RFDEjZePuauxg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2809
x-fb-debug: ZLGrFbQo3pspKhG45P3rDR1yhPcs14K2iUadBssLVpRwmk6E3x895PpMBSuZCO+rqbUNQgwOIfUfJDUC1L5LQw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 25 Jan 2025 17:02:27 GMT

GET
H2 200 ru8zNtgW1u3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 6061 94 KB
28 KB 99ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/ru8zNtgW1u3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xfgcH48ZrXyM9ExSIhREow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27517
x-fb-debug: EVLPPcq+CwRFGXbYWuki/X6+ZnDBRqHfAtuZwxAwIpQ8cwEIwRj1zoJP8rtj4bK12TQkr47X22rH28dTcL4KKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 23 Jan 2025 01:27:28 GMT

GET
H2 200 91fY1Wa8SUF.js Show response
static.xx.fbcdn.net/rsrc.php/v3iM-F4/yU/l/pt_BR/ Frame 6061 107 KB
31 KB 165ms
89ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iM-F4/yU/l/pt_BR/91fY1Wa8SUF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e5b4d1086775f98af3dee9fd1f720c00219cbe61616f93357c11c5b4d9b7726

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IwZKCMb+/wm8ONIxul+sjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 31252
x-fb-debug: AN8+1x4Owhj1b8496IP6AcUtB3WaDBnfIukuFQ2eiqB1UhiBEZOjpPSH3qIt4WVxP05gXp38X4sBsWNKeoXzrg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 25 Jan 2025 03:15:42 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6061 507 B
525 B 99ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: JKPhUQZ/BgllFlo5xqakwxx0U5C+HyWBPjWO15RevZeky0EhyeSbncJ55YnZRNPOU2PvO/Ms++LN8HJ5uCPD4A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 20 Jan 2025 00:46:46 GMT

GET
H2 200 307130141_430463709230738_8636199320995305354_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame 6061 18 KB
19 KB 134ms
133ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/307130141_430463709230738_8636199320995305354_n.jpg?stp=dst-jpg_s261x260&_nc_cat=107&ccb=1-7&_nc_sid=081abc&_nc_ohc=x-Z1sM9fqZgAX9PKNL1&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfDX0fb0sCEXlzom9_WVUx5TzoEhmuejxLptIzIz0PyZjA&oe=65BE37A6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=288191814570051&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbdc52e84b756f229%26domain%3Dgta.nafaixa.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgta.nafaixa.com.br%252Ff6b19d235f47fdc9f%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FGtaNaFaixa&locale=pt_BR&sdk=joey&show_faces=true&stream=false&width=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0356f94bd972d01d4ab4eafac13ec868543806838573942a7e80269721706adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 28 Sep 2022 17:10:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2051287827
thrift_fmhk: GBC2JnH+EqZOvtu3PaSdSABmFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: BerB6leNujdDbFmgIoW7FzVcfBRFU6M5n1YGinJ9ukXOyip9FdX0vLZkNmNX9ziwFibDbMODTm7_WLStVtj4W88olUN99sQSfljEhYvFwlggX8lw6joY738R4Cjo4NScxcsbxAmPf1CkEqOyX0xjjA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 288430358
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 18824

GET
H2 200 306962716_430463712564071_4253911457511785956_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 6061 2 KB
2 KB 147ms
144ms Image
image/jpeg 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/306962716_430463712564071_4253911457511785956_n.jpg?stp=c91.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=BmrEh4tMJnMAX_yC6yr&_nc_ht=scontent.xx&edm=ANSO7JkEAAAA&oh=00_AfAed-p3TNWoPZ4PdqCtAM7FkllmOo-IabLxiEQgxqH-qQ&oe=65BD4E45
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/like_box.php?app_id=288191814570051&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbdc52e84b756f229%26domain%3Dgta.nafaixa.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fgta.nafaixa.com.br%252Ff6b19d235f47fdc9f%26relation%3Dparent.parent&container_width=0&header=true&href=https%3A%2F%2Fwww.facebook.com%2FGtaNaFaixa&locale=pt_BR&sdk=joey&show_faces=true&stream=false&width=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2f4e61946b3d78d43b2d2ea2ae2429597f3fd7084d129c82cf982c97c49b3235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 28 Sep 2022 17:10:33 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3196680917
thrift_fmhk: GBB9Zeh1tRkDGcDvsttoPDipFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: dUPUAigXnLvX0gEOvdiVWnCRbhGutIe708MThNB9Qro2eebilR9CQULocFiixeQAQSXu-jktSwnp7p6kg58EfcEGh32GUVGujf0M8WBVeOfmR0JQP3zGgOa6OawwhBnnVcTgz6pDehFrjPkmmLUseA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3649571450
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1798

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A476 4 KB
2 KB 43ms
34ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 03:01:12 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A67C 723 B
381 B 173ms
173ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&slotname=1625915130&adk=3143226822&adf=1795251393&pi=t.ma~as.1625915130&w=1168&fwrn=4&fwrnh=100&lmt=1706583672&rafmt=1&format=1168x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672599&bpp=2&bdt=604&idt=253&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&correlator=8783238358289&frm=20&pv=2&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=262

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0997380255145595&plah=gta.nafaixa.com.br

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

877192bb794fbc5f97299c8ccb06a7a1cc2fde957931dfa3497888800c0fde38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame A476 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?1c0mzg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/ipR0bMOmF2o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ Frame E82F 138 KB
22 KB 94ms
31ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.omural.net/
Origin: https://www.omural.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 756
age: 5170586
cdn-cachedat: 10/31/2023 18:48:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bb359314c1634b80b9d1630ca1b87cdd
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84d6781448e59049-FRA
cdn-requestpullsuccess: True

GET
H2 200 feliz.gif
www.omural.net/mural/emoticons/ Frame E82F 1 KB
1 KB 349ms
345ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.omural.net/mural/emoticons/feliz.gif
Requested by: Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75a04b6f14b73aa716886456a2ed794d4073f02f1c94c3b02812fcfbaeb9c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/mural/Mural.php?Mural=9406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 27 Feb 2013 23:49:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uf92OLvTel08E1Dz5uS8%2F%2B2o2nq1B6I0lLq1TKlNx%2FrfQA%2ByrkJxSAhU3XE1i2fEXrXGlERyVfKgR4bZTBBIth59XayOasiqMjE2axHazB7cCoddMTEsppB5OeBF1ozQL0nXec4zQZ%2FaS6DJbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d67813ea04190d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1085

GET
H2 200 email-decode.min.js Show response
www.omural.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame E82F 1 KB
1 KB 25ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.omural.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/mural/Mural.php?Mural=9406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xorn%2B3AjUqeIG5qsZ8X7Zl9Df%2F5bZGeQu8vsaDgQS1ej3U%2FT3qNyFOsfYQnffFmThzRnq16KwuX1zYHXgsosgbMl3wRlCr5bUYt9G%2FRDbXnzKCNNzpIu13%2FuZK9Z8ai%2BNQd%2FUIFtZMySTdpgXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84d67813ea05190d-FRA
expires: Thu, 01 Feb 2024 03:01:12 GMT

GET
H3 200 vu.php Show response
www.omural.net/ Frame E82F 31 B
608 B 354ms
352ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omural.net/vu.php?site=mural.omural.net&icone=11&fonte=&cor=&tamanho=&u=1
Requested by: Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a47bdddbab08875058c0fafcefdf6ce527782293d4a36c6dcd00b3c23e4f6c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/mural/Mural.php?Mural=9406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5za60pMRxzULB8uTosdt6lr93sNwElwJc9u4sR5l9tlTIK%2F%2BsbwmX2blLsCzTCb9OI00YSaznICh72qf0tC9cSZDtF68ktJONKMHMnp2NIn4A63ah3LiI7SMAWkLYYeQ7pi57b7UJyEcjY7fng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 84d678147a7b5b7a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 uo.php Show response
www.omural.net/ Frame E82F 395 B
760 B 354ms
350ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omural.net/uo.php?site=mural.omural.net&icone=0&fonte=&cor=&tamanho=
Requested by: Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd33a1b080c6df19a48980e9995a211639eddafcb9aa9fe978de436425a7370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/mural/Mural.php?Mural=9406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=po5kCBZbhbArHZbFqWes0AlQSmm5pqxwKuOejXjvBkIwzhiaIMjdqtZHAzfhEwgP6pJnYm8%2BZZPqWqpP2nMTCEMXtkRNxfUTj7ZRvOrCQJDpJgtuLnk8Yg%2FH5TKW5WBjIXaBPRDx89Tp33SQ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 84d678150aa25b7a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 small.js Show response
widgets.amung.us/ Frame E82F 8 KB
3 KB 37ms
28ms Script
application/x-javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.amung.us/small.js
Requested by: Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
server: cloudflare
age: 2318
etag: W/"63c04130-2170"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 84d6781519cb3a88-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 31 Jan 2024 02:22:35 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ Frame E82F 68 KB
24 KB 392ms
24ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://www.omural.net/
Origin: https://www.omural.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 11781470
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-etou8220076-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1706583673.490848,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 27871

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ Frame E82F 20 KB
7 KB 356ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.omural.net/
Origin: https://www.omural.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 884726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BrUC4SI%2FbGDZMfgVh1c6DqomhZAEmvfitOCT5wOlBdqACgeycmlb8%2BfFYysWiTLtBj7EwshtOwdkl1daPFtcIJmgD4nE5MJaH6VN2qwU2UufztQ2HtpHGngGz8sYc51s2gqYQvXBvmzWEiQrY2zzKf%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84d678171fea2c4e-FRA
expires: Sun, 19 Jan 2025 03:01:13 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ Frame E82F 50 KB
14 KB 33ms
25ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.omural.net/
Origin: https://www.omural.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1048
age: 977918
cdn-cachedat: 10/31/2023 18:58:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b983872be2b8e173ae6e3b564e222f85
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 84d6781519249049-FRA
cdn-requestpullsuccess: True

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 33ms
33ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 30 Jan 2024 03:01:12 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A476 90 B
134 B 38ms
37ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8620d33fe5d5fa5e09f5fbf814677efd2bc21d0e95e336fe88b0ccdb32361db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 78C2 22 KB
10 KB 216ms
216ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=200&slotname=1930719933&adk=3456574893&adf=3772124647&pi=t.ma~as.1930719933&w=200&lmt=1706583672&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672387&bpp=215&bdt=392&idt=585&shv=r20240122&mjsv=m202401240101&ptt=5&saldr=sd&abxe=1&prev_fmts=1168x280&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=846&ady=670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=588

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c18ce042ef6f716d50b38525956b055ec83f7394b41b5c6b60090a6d67c3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 monster_bash.jpg
www.nafaixa.net/Games/aventura/ Frame 4C96 4 KB
4 KB 342ms
342ms Image
image/jpeg 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/Games/aventura/monster_bash.jpg
Requested by: Host: www.nafaixa.net
URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1535de29382e81c71d550ef6f61f0419dfbb69585976381fc39951f5828d982e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Thu, 31 May 2007 22:38:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdN7zAUgNmDhkJr5V9b43gOydhxoMBCqUQQjVeZHZyn45cCRowRPfsPbkKZaXMuIpOd89OsJOglFsLSoxsUM0q7Bd%2FWGVbnpUZihIDtNcDnA%2FYAv5RcojqD%2BHdiUGHNfrJfH53jB0MAFATAADCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678143b5b2bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3979

GET
H2 200 trapshoot.gif
www.nafaixa.net/Games/tiro/ Frame 4C96 3 KB
3 KB 344ms
344ms Image
image/gif 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/Games/tiro/trapshoot.gif
Requested by: Host: www.nafaixa.net
URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 614aa2d4fb5b6db49ca0cbbd331ae121a44501923322c7cb11931cc376ca6e07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Thu, 31 May 2007 22:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InwDvCiRxYo9WgD66mg3K4gzCANjJwxUeGMM0WkmhGI6UmUk%2F%2BaD7a%2BKyTaHNRgHBtjwW1tvXPFgmhktL7RwggOKsnPh1AxW9URAEDU2C6py6T4T3xVqjhgNeZo42x495txNwNRFLUG14S4n%2Bkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678143b5c2bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3060

GET
H2 200 netblazer.jpg
www.nafaixa.net/Games/esporte/ Frame 4C96 3 KB
4 KB 348ms
344ms Image
image/jpeg 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/Games/esporte/netblazer.jpg
Requested by: Host: www.nafaixa.net
URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ec9d42a1df331fd53f2b5ba74f6cb2182e478f4ae0f2f8fcb6633e919ff6457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Thu, 31 May 2007 22:39:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy8exS0Nk%2Bg%2Bv4pllIazQsvpel0hFja1Gwm7SUrv1g9v78tM7GIrmzgSV%2B1fMq5x8Bpl6tDz8r%2FhpTUfRKPqnP4MVMAzCDuNGRCkMQfbXJFhdrHtNXLnoCaS2QeB%2FiTY%2F74fSrg9FeyqCxCXOQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678147b772bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3554

GET
H2 200 war_terrorist.jpg
www.nafaixa.net/Games/tiro/ Frame 4C96 4 KB
4 KB 349ms
346ms Image
image/jpeg 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/Games/tiro/war_terrorist.jpg
Requested by: Host: www.nafaixa.net
URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5108b497104c8deceeb582979e7d1c56e53e34bf87bf8d49f29325e06dcc5e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Fri, 16 Nov 2007 22:54:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K01aqOm%2F6x6%2F79Z0x8%2FCxiGpoMdrwiC6lylmODjFucHekLnX1fw4gvFQf0%2Bnc%2Bav4oLmpPggcjM%2BuA2Qsvm57D2bL9a7cHhwTVxMj9ixdOKSOE619Szy85fdJaRU%2FL4A1Q7SPkoY%2BrxIfvUMYfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678147b782bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4142

GET
H2 200 peixes.gif
www.nafaixa.net/Games/colorir/ Frame 4C96 5 KB
6 KB 352ms
349ms Image
image/gif 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/Games/colorir/peixes.gif
Requested by: Host: www.nafaixa.net
URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb2d746b576e5aadcf547a28e44791719ec7560e0f34a22d9fe298fbf7d6683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Fri, 31 Oct 2008 20:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzjYU9LKEPf6giPulmaJRk15JpexcMFsz%2BeHibfFc7%2Bw4YQh1ODgziaB0btPo8STRMr0q1r6xryIyZ6OOr%2FwKHyIXHZPBkqTNlb9R%2B5PkZmjjcbG7qJ6Jrh7lMfeyVYX6sARraOxE9nfN2LKBhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678147b792bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5484

GET
H2 200 harry-e-dinossauros.gif
www.nafaixa.net/Games/colorir/ Frame 4C96 5 KB
5 KB 353ms
350ms Image
image/gif 2606:4700:3036::ac43:8295
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nafaixa.net/Games/colorir/harry-e-dinossauros.gif
Requested by: Host: www.nafaixa.net
URL: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8295 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d817ab56de71bd486482f78ada2901e701061823f70c4524625a5cf6c2b99d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nafaixa.net/v1.2/jogos/listinha-games.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: MISS
last-modified: Fri, 31 Oct 2008 20:24:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qof4zuWt%2Fe0swN2pvWoDYQY1NYDdOsZffg7jK%2BS4PbKtU4SBthytzPpQX1n0cnk4ShqriKOZ59HjOjIjBze3YuMpITYt%2FZIVjnTKuHrnFcJaDDlBwS2gPe2xJbLXbtgmXbdca0wX6kPB%2FzbIU2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84d678147b7a2bfa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5136

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B2C9 134 KB
28 KB 291ms
290ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&adk=1812271804&adf=3025194257&lmt=1706583673&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672623&bpp=4&bdt=628&idt=376&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=1168x280&prev_slotnames=1930719933&nras=1&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=393

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb3f6742973b3e269670d5a0371b0b1816b5951bc6c8a0e1ff3af2591e9a77d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28315
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame A476 50 KB
14 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 30 Jan 2024 10:30:26 GMT

GET
H3 200 ga.js Show response
ssl.google-analytics.com/ Frame E82F 45 KB
17 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 Jan 2024 01:49:54 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4279
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 30 Jan 2024 03:49:54 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6061 573 B
712 B 27ms
25ms Image
image/png 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: drCW06JTX9LDzPRAF/Wnb71N1p/voPp6Q2siN77UygKFNDVUfd3KqJoiJuykhnjF6xgEHpPVdi8zkBN3SWtBsw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Jan 2025 05:05:04 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78C2 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BMhCfV4Cu8hiB3MGT8YlyatU7Q46d8qLfTb4YBO40JgQaWNYG90cAV9jUnw3ThF3kAEW6BVXn6xqeLnlvzftpIMPQlVBbcMlDc-veUmi1AjPTOlMM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=200&slotname=1930719933&adk=3456574893&adf=3772124647&pi=t.ma~as.1930719933&w=200&lmt=1706583672&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672387&bpp=215&bdt=392&idt=585&shv=r20240122&mjsv=m202401240101&ptt=5&saldr=sd&abxe=1&prev_fmts=1168x280&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=846&ady=670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=588

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 78C2 89 KB
31 KB 114ms
112ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 78C2 3 KB
1 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 78C2 20 KB
9 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78C2 205 KB
65 KB 75ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706532320618808"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9672 624 B
246 B 59ms
58ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNWsDP2KRgzPRnoxi1JMAG5sJK_Y-rpmlConiTvkCK8j2G_XMREQSMkRpA9aet3xWzkhfyngGIDZQ8Z4VAhrulCiffronNzmR7BcpDKaWC9d-F7OyA2odurwyb-_ydIkZzv9FcIe5Us6I2-jrBl_LPE91cstv1yM9xZ38Hn4rTBCrAfzqtU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=200&slotname=1930719933&adk=3456574893&adf=3772124647&pi=t.ma~as.1930719933&w=200&lmt=1706583672&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672387&bpp=215&bdt=392&idt=585&shv=r20240122&mjsv=m202401240101&ptt=5&saldr=sd&abxe=1&prev_fmts=1168x280&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=846&ady=670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=588
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9672
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

43 B
336 B

47ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNWsDP2KRgzPRnoxi1JMAG5sJK_Y-rpmlConiTvkCK8j2G_XMREQSMkRpA9aet3xWzkhfyngGIDZQ8Z4VAhrulCiffronNzmR7BcpDKaWC9d-F7OyA2odurwyb-_ydIkZzv9FcIe5Us6I2-jrBl_LPE91cstv1yM9xZ38Hn4rTBCrAfzqtU
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UwJ9Ww3MUXPEAjiE5sxH%2Fow9SFEsMGfvpUHr0lJGDB8N7ZSqXULowjkdXRTWVXPNemMbRmUfItoKU%2FqmgopIFKa4AIbuzqvgh1HzYZiiPYpQcW6mQgi4OCllxdTatVFq35rsDG47gKE7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d67816baa94516-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9672
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbhmeZyr7swY1V1722FAawAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

43 B
769 B

49ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNWsDP2KRgzPRnoxi1JMAG5sJK_Y-rpmlConiTvkCK8j2G_XMREQSMkRpA9aet3xWzkhfyngGIDZQ8Z4VAhrulCiffronNzmR7BcpDKaWC9d-F7OyA2odurwyb-_ydIkZzv9FcIe5Us6I2-jrBl_LPE91cstv1yM9xZ38Hn4rTBCrAfzqtU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70ksJTrj7%2BzC50YPTfzj5tsXhQGrxYihRQOxa3v58eShHHd6Trxz2LOScQ0XwrUz09VKyzEY24FdIL8NrCKzIUWsZfoJfIEcjVRaDfoXPqnS1BgmYXZ%2BoC8zPo5gsh%2FPSMvzblX2TfAL9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d67817896944fe-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9672
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1

43 B
1 KB

31ms
30ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY95z5xgEwAQ&v=APEucNWsDP2KRgzPRnoxi1JMAG5sJK_Y-rpmlConiTvkCK8j2G_XMREQSMkRpA9aet3xWzkhfyngGIDZQ8Z4VAhrulCiffronNzmR7BcpDKaWC9d-F7OyA2odurwyb-_ydIkZzv9FcIe5Us6I2-jrBl_LPE91cstv1yM9xZ38Hn4rTBCrAfzqtU

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
an-x-request-uuid: 0bd3cf22-3b94-4944-bf70-ee4741f30a1f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9672
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D

170 B
243 B

34ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
an-x-request-uuid: a6d6a9a6-c451-405a-b228-8e370959d90c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 165 KB
56 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a937604a59ebe72ddb0809c39f077d81622f53828d7bd608b5b718884bf2e90d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57002
x-xss-protection: 0
server: cafe
etag: 71096142806520467
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78C2 0
20 B 75ms
75ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2496562767227&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78C2 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2496562767227&version=m202309260101&ct=76&x=1&cor=213993297965491170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 78C2 103 KB
39 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrmoJ6mJlwakc-3xgZF7QJSFobvGRuNeCEp2xaqS82o84c-dp6YrrhgeUerImPh8gWZz6haPxX1CaTx1xBtoH5WkrALcSyVbP6otXhwgQ0ld5PKDFSpyrhQ_prtTtFXQ2puy3KjTpxtCNlepvxbvPMZvJuIh8hEk84prxlMO9dSXzDtFo&dbm_d=AKAmf-AyLkxVr49BieefdW160GcNsUT3UuauWFWmLUr0XqZSerKhzkOqgNluaxN43gaV_SEoblT_HLNDYlWY-h4j0BTtkfPu-jtdBUow0s22Cqf59V4GKPtUcsfZIW-VGWCqKuKzXw5s6hAeg6KAjBzrGlr-lhLVenq_MUWW0vktFqeu37DSqaKgWM8NHlqRjrMay9qJQtj1tPGDCtMbazhpJXhqAt8Wr8U0VDg0nYi8qkXpA2AmAUcRjXD32g_KlozhbPQEw_xjvJ-hEv-IbwMDppyl4eNK1r26IEz9OlTLRE-diE9H2zYb3T_TX5oSzdiOqZW4ZXRyEe7eodfXnTZM1N8nMfk3bvipGqdP37dTSHMGiE_hddML4Z7cVVHvEzXEP1e9cxkKGxQTh6tJUn3kK_XvI2zc-gVX-1tpt3hGWuv3HHRoYvpvZqYfpFi6NTg1Ipa5XwXZZfmgoI4Ksog_hEWDy2ZP3P7CC1BuSAdXTkZqr9St6duBHjCB1BYZJPeDH7C5SXeKEfTl-1DASsGGDuBlygk52rK2FhwphpE-I7U_VEUAcxMbcjpDPBYtT0n7MXzPTDjd5rql_vDOpMm1kfZtVn1ZUdCsQ_kAE-rd1JrG2rj-cSa14d78pvdtI8BOPCALR1M0vJQcAsFFVZDed5P13TVGCs_XvXLTwY3eDBosvMzCLofIDDyeuh4gLJzMZENFn8PgiUHBDkH5QGRAusaelkHoElYRXkRZSb4v9HyOHDZ22tXBpq_AZTYNySzI57po14ZqcVaTKDQamT1P3QqW8msu_j9AxDgaBSKk-OShDBS9Fr9fvp5T52TK-hQ8MQDvNRvdzMhb6qa6-thbnkN_WUtTmg6nMMg1gJnxhH1kewLHRM22aGuCccXhXXhK2qt6L7BmtaUHGTXLFQkAnjHz3KJAMDp6XUruBqSySxCkp9tdgMpVSGeqI4TpWiQlGFcLsDGczElgj_WUNw36mHe8FDXJaoyR6wpfHZ0QTw2RUxFZObeuUJi2jQ8FqUPTIHdZ6s2q-3phuFtW3qsIlBFOiuQ21_RCWXq_1iAfZtf1eM2fA7BiuwR983mhobKZ9qXrubdmlWKlIFGVbFnhSzvlZisZ0mdXk5HkR4Bs8u8L11j7VLDq_sEYEoJexWms-WG6lsvuiwn7L0bKtqt3uo4UBXVyfp3qTsB-ncCVzltvRngZ5JGiewt-UukHi21p0na3hmp7DJ1_c4OTgYaOD3CFM0geAoR-rGXL39chcP-wl4xCOwW1I8P7FzNkwVbnFevBqMAlzvOjtcM8P9RyUmYM5P9dTil4vZK4nOZIEOuy8r01kHk4CBP2I1lIN8AL-QBi1-68wghcgzR44eh1YMpPS81LywIZk2C7qdu37GhO9X1-hUeftsusu7spnUJ_opLz2fuWlThozOVSZNAO7saAw-Hmo04FrAxAL3EkePFMKezBv0kelwoGW5BDjMxIkRAOtEVTvy4QL2tjH-KM_bdW-ZtF44jnJBriDzfLmOiKHYsTotY-T5FAWgbfyPhziv4loZ-e2PR5MYBCOO6e7SPIkOodmKhBZ_SINvRngtmnH-nRPcZhbyDwWqI1SNeugF85QXWSgGq528D2ZVmCP-9k5DnGGUwp2yoRGJkAhykfBVy6FS0QFU72s4UP1a4uXogWwsjHydDMF4NRtFrVK65yxxUfj5bmKFDnVebAoElH6DBfJlVVH0a4gCRz5xjftE9IQMH31izQzCZDGQCiuyBnO6KQRjh49Hhklt1gQWpn5tj5_28P5XXi6ryH0nOLpAmKk0C3C_t1mzmVbPLSH8eyHy0FpOuPoW4QQ60iGyYr2wkemhVOLln4SPwzEth-TzRNTlrVoMRX8tJCVUrtDNhFdd21KfIZrSL7A_1Iv8FEEYImk8VTceDSLUkRP2T54G4HOWgY4TQnSj5LEbERPF4i42gf6QAgmhYtn9U2Umd1c3QBlu55_KXh85bUwxtdlElNLPQQcjZYYoENI4jMsdzR_nJ6F4NATo7fkccmQ1aFk-zWSw2lAGYzAsiuWDtCNStPCe1eOq3HBeLJLkRRI8jfre9JaY7UEsdOYVsE6Oj-Zrx4okWEkWlIzKWKtoOILlkhpikODMm72DZceWSoYA8O2n9EDNMymt375R7eZ3L_iD7ZaXxyA8QJuQrtWgZS4q260Wm4-lsELFFVpgOeQzLh1UVj5OPiVnu0qstBs7vcEUuz4GMhEeOUNa6Ppi0gRuT6uEJOBT0tmJyn8rVCQ5ipXJZ85rFpYQldx0bqNjE7VVN6XWr90pmCHmLUCzD1XQaDkvjkI6jUwDg-1Yh8HHUXO6WRG_7SxARAU3vF7rtt7LSBNAtvsMjI2PL78dCEAF-38KuyHW4G6ZT9-qmiFPZjySzx6yZmJ2IG9hB38pIPkbEBNcnIDFcGbKs1gR7usYs_QEmxHteR6MA2tchgPLuHlAi29Da2qXRqQZmqLpAMQHDWX-ycrA2_8ZEEDGendTF1eYb-wlq1MtR2lMuy3ItQ5EwQXFSQA2cbqJGgyuMKFOyR_8WkC-1VkRStDpfqlq14AvfMD7Lz6RNjxwWddOEGnetvqSGwA7syiwf1xH4_i1-sbIXniQmGM2xpFuXn95yqe2oFZrKagP7NG3fvOEE4eHvsV8Qmk8FcLAfxzJNpTE-J6PA-1kKj503E1B2kjkzF4rQ7wf0cqVGcnvgGJRJkKUL69GNcjUTYMYfkBQj3Zei1qybQVscAF6gEcGcLF1FO7W4ndVimhFhqFfqjMXY-fZOA-G4F992lwbezUXuGKvo2ExK_TVu9-Krtjnxu6a5lPBQBP09-o54ZZchh9gtijKjmEPPL8di0e5A8WU7WxsGBYSUGgdCF1PYnkeV-Sw4VFfYwBp3dorUAy9zKaJsDTgc6u9vXXJU0kCw4T3ZdINyrKTvPvl0UHkkB42cvX5vRdUHcEdqJ1y_VnRBpRzO6ZL9jSaGhpMgjIrlfOUec37UcxaC3sM0gNjUDqCHiHmhWyNm4qjkJwGXdGW3DLj4eNOJ09V58UpdQa_IODKOGBrYwuLo_v50pHWFYDrI6PLhTuxm5lQoM9qeMl9gbtNLZYTRqfTjImLy6uPWQoWA4CV0dXE_wxJu3xs2Sd5ZUK2GZ2IS8bMD-8169VFoaVWQyQNLABj9CPO1VFd3pazkk2BYEIi75Mf12q2UYUABWJol1Moen2q0i0rurhKBVEkAwfxDPzao6Ie_hDhG8JE7-BvWvzwc95a1Q5di2QoDZ8xbVj3wwmCqEGQSYaVqL9kzCYfLyih_rIzem4HgjMmbRzSIaPwuwUFKlZB6SRtdzzE3qFwAduz-GWHCw5Tf7AISj_WGeAqt-QvHEcGBRybiGY7cu6YYeJTbexojQEXlNuceh_oxTIsGG5qGKV31_kwKI41_aHzaSEOuCRqLN8jcnjzv7MJkwBPoYXfplJjMWSbQIAjcL92IsAlc9YKfhyQWfyvFGlxT3w-NAdKBiJUOu39Ph21Wc-BQaOfy9Y7t2slMwv_rqrCutRX552rNv_T2pwRQ0TcvMz-ZdBqx74DAmMBHLrnpzPcZ3tqV83loTBE_6CRxot04DhCkaHNO_SxeUcXL0jb1t9BQ32PnEQBN13vm_3Z27T7RBVuyv7CeqajbIbSNmb3d89Ep44l2MKJMZzjuAUaHE2tk0_a926KiWn5rX-PRd-w73WyfGhZZwlpngo9fQjp9lkzZb2_wnydc0QwXYaQ&cid=CAQSTgAvHhf_pSrjwG-2H0XIKQQfbvJNJ3AfPacNA9MlLMIXdrEd-qjzpXZL4KcTeHG7PGJ3keyk3HB1y7S1Y0ptmfaK3qU9RET_EI9KlUw7XhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=213993297965491170&adk=2857193499&idt=134&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c485a9d427f24da84e50327e7fc83cc48983f84fa8db2810bec29eb7dbd8da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=200&slotname=1930719933&adk=3456574893&adf=3772124647&pi=t.ma~as.1930719933&w=200&lmt=1706583672&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583672387&bpp=215&bdt=392&idt=585&shv=r20240122&mjsv=m202401240101&ptt=5&saldr=sd&abxe=1&prev_fmts=1168x280&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=846&ady=670&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=588
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F67E 104 KB
44 KB 183ms
178ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&adk=189193175&adf=1356357377&pi=t.aa~a.2753964767~rp.4&w=554&fwrn=4&fwrnh=100&lmt=1706583673&rafmt=1&to=qs&pwprc=1666991488&format=554x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583673364&bpp=1&bdt=1368&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7e29936ee97bba85%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg&gpic=UID%3D00000d4c83464712%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w&prev_fmts=1168x280%2C0x0&prev_slotnames=1930719933&nras=2&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=1&fsb=1&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d5c4c66767efc5b6ebf27ca0b7594fe62ace64911b312bbfd6dade384f7c3aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 44786
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 9B69 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 9CD7 9 KB
4 KB 32ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame C86F 9 KB
4 KB 34ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Mon, 12 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 78C2 172 KB
61 KB 73ms
19ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 78C2 12 KB
4 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrmoJ6mJlwakc-3xgZF7QJSFobvGRuNeCEp2xaqS82o84c-dp6YrrhgeUerImPh8gWZz6haPxX1CaTx1xBtoH5WkrALcSyVbP6otXhwgQ0ld5PKDFSpyrhQ_prtTtFXQ2puy3KjTpxtCNlepvxbvPMZvJuIh8hEk84prxlMO9dSXzDtFo&dbm_d=AKAmf-AyLkxVr49BieefdW160GcNsUT3UuauWFWmLUr0XqZSerKhzkOqgNluaxN43gaV_SEoblT_HLNDYlWY-h4j0BTtkfPu-jtdBUow0s22Cqf59V4GKPtUcsfZIW-VGWCqKuKzXw5s6hAeg6KAjBzrGlr-lhLVenq_MUWW0vktFqeu37DSqaKgWM8NHlqRjrMay9qJQtj1tPGDCtMbazhpJXhqAt8Wr8U0VDg0nYi8qkXpA2AmAUcRjXD32g_KlozhbPQEw_xjvJ-hEv-IbwMDppyl4eNK1r26IEz9OlTLRE-diE9H2zYb3T_TX5oSzdiOqZW4ZXRyEe7eodfXnTZM1N8nMfk3bvipGqdP37dTSHMGiE_hddML4Z7cVVHvEzXEP1e9cxkKGxQTh6tJUn3kK_XvI2zc-gVX-1tpt3hGWuv3HHRoYvpvZqYfpFi6NTg1Ipa5XwXZZfmgoI4Ksog_hEWDy2ZP3P7CC1BuSAdXTkZqr9St6duBHjCB1BYZJPeDH7C5SXeKEfTl-1DASsGGDuBlygk52rK2FhwphpE-I7U_VEUAcxMbcjpDPBYtT0n7MXzPTDjd5rql_vDOpMm1kfZtVn1ZUdCsQ_kAE-rd1JrG2rj-cSa14d78pvdtI8BOPCALR1M0vJQcAsFFVZDed5P13TVGCs_XvXLTwY3eDBosvMzCLofIDDyeuh4gLJzMZENFn8PgiUHBDkH5QGRAusaelkHoElYRXkRZSb4v9HyOHDZ22tXBpq_AZTYNySzI57po14ZqcVaTKDQamT1P3QqW8msu_j9AxDgaBSKk-OShDBS9Fr9fvp5T52TK-hQ8MQDvNRvdzMhb6qa6-thbnkN_WUtTmg6nMMg1gJnxhH1kewLHRM22aGuCccXhXXhK2qt6L7BmtaUHGTXLFQkAnjHz3KJAMDp6XUruBqSySxCkp9tdgMpVSGeqI4TpWiQlGFcLsDGczElgj_WUNw36mHe8FDXJaoyR6wpfHZ0QTw2RUxFZObeuUJi2jQ8FqUPTIHdZ6s2q-3phuFtW3qsIlBFOiuQ21_RCWXq_1iAfZtf1eM2fA7BiuwR983mhobKZ9qXrubdmlWKlIFGVbFnhSzvlZisZ0mdXk5HkR4Bs8u8L11j7VLDq_sEYEoJexWms-WG6lsvuiwn7L0bKtqt3uo4UBXVyfp3qTsB-ncCVzltvRngZ5JGiewt-UukHi21p0na3hmp7DJ1_c4OTgYaOD3CFM0geAoR-rGXL39chcP-wl4xCOwW1I8P7FzNkwVbnFevBqMAlzvOjtcM8P9RyUmYM5P9dTil4vZK4nOZIEOuy8r01kHk4CBP2I1lIN8AL-QBi1-68wghcgzR44eh1YMpPS81LywIZk2C7qdu37GhO9X1-hUeftsusu7spnUJ_opLz2fuWlThozOVSZNAO7saAw-Hmo04FrAxAL3EkePFMKezBv0kelwoGW5BDjMxIkRAOtEVTvy4QL2tjH-KM_bdW-ZtF44jnJBriDzfLmOiKHYsTotY-T5FAWgbfyPhziv4loZ-e2PR5MYBCOO6e7SPIkOodmKhBZ_SINvRngtmnH-nRPcZhbyDwWqI1SNeugF85QXWSgGq528D2ZVmCP-9k5DnGGUwp2yoRGJkAhykfBVy6FS0QFU72s4UP1a4uXogWwsjHydDMF4NRtFrVK65yxxUfj5bmKFDnVebAoElH6DBfJlVVH0a4gCRz5xjftE9IQMH31izQzCZDGQCiuyBnO6KQRjh49Hhklt1gQWpn5tj5_28P5XXi6ryH0nOLpAmKk0C3C_t1mzmVbPLSH8eyHy0FpOuPoW4QQ60iGyYr2wkemhVOLln4SPwzEth-TzRNTlrVoMRX8tJCVUrtDNhFdd21KfIZrSL7A_1Iv8FEEYImk8VTceDSLUkRP2T54G4HOWgY4TQnSj5LEbERPF4i42gf6QAgmhYtn9U2Umd1c3QBlu55_KXh85bUwxtdlElNLPQQcjZYYoENI4jMsdzR_nJ6F4NATo7fkccmQ1aFk-zWSw2lAGYzAsiuWDtCNStPCe1eOq3HBeLJLkRRI8jfre9JaY7UEsdOYVsE6Oj-Zrx4okWEkWlIzKWKtoOILlkhpikODMm72DZceWSoYA8O2n9EDNMymt375R7eZ3L_iD7ZaXxyA8QJuQrtWgZS4q260Wm4-lsELFFVpgOeQzLh1UVj5OPiVnu0qstBs7vcEUuz4GMhEeOUNa6Ppi0gRuT6uEJOBT0tmJyn8rVCQ5ipXJZ85rFpYQldx0bqNjE7VVN6XWr90pmCHmLUCzD1XQaDkvjkI6jUwDg-1Yh8HHUXO6WRG_7SxARAU3vF7rtt7LSBNAtvsMjI2PL78dCEAF-38KuyHW4G6ZT9-qmiFPZjySzx6yZmJ2IG9hB38pIPkbEBNcnIDFcGbKs1gR7usYs_QEmxHteR6MA2tchgPLuHlAi29Da2qXRqQZmqLpAMQHDWX-ycrA2_8ZEEDGendTF1eYb-wlq1MtR2lMuy3ItQ5EwQXFSQA2cbqJGgyuMKFOyR_8WkC-1VkRStDpfqlq14AvfMD7Lz6RNjxwWddOEGnetvqSGwA7syiwf1xH4_i1-sbIXniQmGM2xpFuXn95yqe2oFZrKagP7NG3fvOEE4eHvsV8Qmk8FcLAfxzJNpTE-J6PA-1kKj503E1B2kjkzF4rQ7wf0cqVGcnvgGJRJkKUL69GNcjUTYMYfkBQj3Zei1qybQVscAF6gEcGcLF1FO7W4ndVimhFhqFfqjMXY-fZOA-G4F992lwbezUXuGKvo2ExK_TVu9-Krtjnxu6a5lPBQBP09-o54ZZchh9gtijKjmEPPL8di0e5A8WU7WxsGBYSUGgdCF1PYnkeV-Sw4VFfYwBp3dorUAy9zKaJsDTgc6u9vXXJU0kCw4T3ZdINyrKTvPvl0UHkkB42cvX5vRdUHcEdqJ1y_VnRBpRzO6ZL9jSaGhpMgjIrlfOUec37UcxaC3sM0gNjUDqCHiHmhWyNm4qjkJwGXdGW3DLj4eNOJ09V58UpdQa_IODKOGBrYwuLo_v50pHWFYDrI6PLhTuxm5lQoM9qeMl9gbtNLZYTRqfTjImLy6uPWQoWA4CV0dXE_wxJu3xs2Sd5ZUK2GZ2IS8bMD-8169VFoaVWQyQNLABj9CPO1VFd3pazkk2BYEIi75Mf12q2UYUABWJol1Moen2q0i0rurhKBVEkAwfxDPzao6Ie_hDhG8JE7-BvWvzwc95a1Q5di2QoDZ8xbVj3wwmCqEGQSYaVqL9kzCYfLyih_rIzem4HgjMmbRzSIaPwuwUFKlZB6SRtdzzE3qFwAduz-GWHCw5Tf7AISj_WGeAqt-QvHEcGBRybiGY7cu6YYeJTbexojQEXlNuceh_oxTIsGG5qGKV31_kwKI41_aHzaSEOuCRqLN8jcnjzv7MJkwBPoYXfplJjMWSbQIAjcL92IsAlc9YKfhyQWfyvFGlxT3w-NAdKBiJUOu39Ph21Wc-BQaOfy9Y7t2slMwv_rqrCutRX552rNv_T2pwRQ0TcvMz-ZdBqx74DAmMBHLrnpzPcZ3tqV83loTBE_6CRxot04DhCkaHNO_SxeUcXL0jb1t9BQ32PnEQBN13vm_3Z27T7RBVuyv7CeqajbIbSNmb3d89Ep44l2MKJMZzjuAUaHE2tk0_a926KiWn5rX-PRd-w73WyfGhZZwlpngo9fQjp9lkzZb2_wnydc0QwXYaQ&cid=CAQSTgAvHhf_pSrjwG-2H0XIKQQfbvJNJ3AfPacNA9MlLMIXdrEd-qjzpXZL4KcTeHG7PGJ3keyk3HB1y7S1Y0ptmfaK3qU9RET_EI9KlUw7XhgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=213993297965491170&adk=2857193499&idt=134&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 20:48:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 78C2 31 KB
12 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 01:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:45:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 78C2 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 400016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
DATA 200
OK truncated
/ Frame 78C2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b52efab6a7855cb6ceee71703a275e77807ddc0928c0daf70be9fd13a555da40

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 77F1 624 B
245 B 73ms
70ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNV80x8Vz71Z2kXLPsFsbhEHESUh0YtTisof0TRJDYRL3cryFAJcNKsRhAEdS2L4Jooax8_0_LJWXyb4m9Fmv7ov7y0rVxhruSmiy35JLtX85VWdNyt9ob-9baaVjX7QHXvybe-F5E5TTo6LA_4RaMV6SZ0AV8Lkedd68v7wBc_iliV4cKc

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 90F6 89 KB
31 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 90F6
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77875697/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015808167&ias_pubId=pub-0997380255145595&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
481 B

141ms
33ms

Image
image/gif

2600:9000:238d:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:238d:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 4267891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: jeFVZk95DoV3uOW3ldPxYybQD7YqbegxClvFiF3FN8ZtQTDjwtUjyg==

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: nginx
x-server-name: app31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 90F6 3 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 21:06:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 90F6 20 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 90F6 205 KB
62 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63000
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:15:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90F6 42 B
63 B 78ms
75ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cr7LyxHEnI6QZ6Gwv6ttDrIa42piMAeWWMtP9h97INpmXivHNoELDyK4fNH8bsNVTxGR0mRxK28P0TzWJwhCk2DMOYE2PnKufB4DmRNmhBkuw3-FM

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 55C4 640 B
265 B 72ms
72ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNVfgdFqrNNWNXb7CHd8zDTYrkWFepX7--yL1S1nt4xCX8xXZtBvJLnxTDZJz6hQRnjz3ntALuQEWwYdPZgTOhcLhNCusKrfZ0r_W_6I70j4-m4Xi8z9YdAQ0vzIUCA9Zm9g9J9-ClP8ltrF2KoDKUX2F5kJH6uV88zsWgNkdu_0YOMfV_4

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7B21 89 KB
31 KB 137ms
137ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 7B21
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77875697/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015808167&ias_pubId=pub-0997380255145595&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
479 B

179ms
32ms

Image
image/gif

2600:9000:238d:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:238d:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 4267891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: IVv6MchYJuOucq8neow6br9oZTbtpG89_Hr6sU699VfM0p5x9pHyOg==

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: nginx
x-server-name: app09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7B21 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 21:06:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 7B21 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7B21 205 KB
62 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63000
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:15:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B21 42 B
63 B 65ms
64ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Busi7h48tRCj0Q8HLLWyIIhwBxBYrfVgd4731C_EOz_PkD3jieirHc3umGJ0zJi62oC7QXXxqrz6TSYdx2fl8nCrwsoIx_clRXocGRLOYCcBNBstw

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5D87 640 B
265 B 67ms
63ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIf55oACMAE&v=APEucNWl4EC7eVpYosQ3Quwui4wWhSW1HAM5puvdzWwdLKp0Js5gyDU77toMrUUIWHqNshe8jGSL8n33zAYWAPnJ2T4q3hSuUiXu9_rY6rNFkHV8hqnDiYdtR15w6EMEeh2cTeAK5FyCsHFgIBuf22nOY_u0fIlWgmwtpn5x-u6q6Lm-Bhwt07I

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 82A9 89 KB
31 KB 121ms
118ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 82A9
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77840789/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015465496&ias_pubId=pub-0997380255145595&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
481 B

159ms
31ms

Image
image/gif

2600:9000:238d:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:238d:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 490623df85c571a18ba7da1511cc969e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 4267891
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: apdurjWwLSQtQCvTIaAW3l9Upxh0CqYs9eXAc0xKXeYadI0jBjbPiQ==

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: nginx
x-server-name: app36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 82A9 3 KB
1 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 21:06:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 82A9 20 KB
8 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 82A9 205 KB
62 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:15:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63000
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:15:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82A9 42 B
63 B 65ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ag-OUyvAMNVn81ZUmhG-Z-Cx-C24eca29G1EYTJRGIxrASKU88CSUpBF3feIERLzERWcZudzMRYc1eoqtXjXK5GafvTauHQ74xJoyeLdcgou5R0Y0

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.omural.net/online/ Frame FF82 566 B
828 B 153ms
150ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omural.net/online/?site=mural.omural.net
Requested by: Host: www.omural.net
URL: https://www.omural.net/uo.php?site=mural.omural.net&icone=0&fonte=&cor=&tamanho=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1523ba9db7cf2cd353fb51f0aff63a09854414b225565dee2c4cf8e46458faf4

Request headers

Referer: https://www.omural.net/mural/Mural.php?Mural=9406
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d67817cb2e5b7a-FRA
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI39i%2BVrmGcHUqQ6uxY7tGygSqYiehrFUGtiZQmlRN08EqnFQ5IqfrazksMYaClEno8aX7N%2BMEwKBiadMfDgyD8qWCZVjK3h62DQLBFaHnxKoT1syarKy4FGLCNgX7jQhyL2uzSwfz42onQlcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 uo.php Show response
www.omural.net/ Frame E82F 395 B
760 B 147ms
146ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omural.net/uo.php?site=mural.omural.net&icone=0&fonte=&cor=&tamanho=
Requested by: Host: www.omural.net
URL: https://www.omural.net/mural/Mural.php?Mural=9406
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd33a1b080c6df19a48980e9995a211639eddafcb9aa9fe978de436425a7370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/mural/Mural.php?Mural=9406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLElBh57UlLggpVryiKSm3P6fzfiJo5mRIzE8MgHLYvl4QUwcfl%2FyT%2BUCZv9hnooFEJX82VxAjhYaz2hqEdz%2BTzkoqpXyJxlTPIEFd8Wob7dyfjlZ3t9klrLvu6lCeqrXJNJPckTeXPXw%2FYhuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=iso-8859-1
cache-control: no-store, no-cache, must-revalidate
cf-ray: 84d67817cb2f5b7a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BF06 38 KB
13 KB 36ms
32ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:46:45 GMT
expires: Tue, 28 Jan 2025 17:46:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9813938113422845581/ Frame 55CB 673 B
437 B 97ms
36ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e67e70d58e851d3719d900b523047c2eaf4b4c5c4d15dcf2392fdb2f2fd38ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 408
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Wed, 29 Jan 2025 03:01:13 GMT
last-modified: Thu, 25 Jan 2024 09:58:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 78C2 0
0 171ms
62ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsum7mvOSMkYHvnB_TCarp9vRDiy0vy04pQOg-el8V2jTkctJtl1wTnjteEM9QPdkFwwS2ldigH3nEUh2UrAqR1rBL1Bl5KTx1bfcVMBykNH_MCuihnhMqABBX7g6oExXGL4otUXLR7p3MIUqqsovG6QRleKhFJQNiUComs_Q1urtizJbHclStOcjlKo3Zg2xwgSFV3UePAMmi_oNkO6WYu42F1vj6Ij8SeovZqeU3NmHsKda8OQ7N7ji0aoh5r-I0uB8u6A2TCyDmMlidE6zsSyDSIZpz8wZlbJH13xaIYcBptEjlLBcQKT6xXRfwlxFqSZvR9OkZ8XAv4haZJaVneqVis60uTtH3on02oZIn1YNLZJVAssUaY7KTaZyzD9Q8cCc4DiBrOaZap6DhArPT8kDD4-wPUM4IxKzssp0t2IOVMKBk0VwImvGQQbpR2JJc0FJ-rUMt3L9YUQ1vp0kVHw8sO56hw7rTqrCRgnwXii0FPgL28FsmeyIskIZwqUq78HSAu2XrOmM11GYskIfFWphMwpEOssWm-u0g5oZeSfcjOEK-ubuLwP2VZm384XAPyvfHXLwnTeCY1CXk3EMMFeVtlicg6uvyo0U_fNdQFybpiKw4s0cwaB1qvbyVfAv6Z4at2ZPUUE79S4bx6oxhJESgJ93JRSn3JPH9CFkENBQOvFMQGZc9ANgV3QSLaJJBGedTJ0Swv5Z0V_ObFjAhmIh1OhDOwIc_h7oDIpaUxRj0sn47Y8d052gIzPqm6s1oauf6g_go25xdz51lv8IGNkfju41EyXcF6G-WmMUiqXNJXQzMTh-yzIo3MW8F095i3WOtkDJWRsmyYqDusEbuaXVFcOnZ6ZdVaiFZBTarY2e96fVi8mpZRwe5ujJI5u_-B1PPGCnhnmMTD2bMKv315FSbACaZLjg3DQOaVD8IhSkVhpmBJZlutDTAAVD-6fhIcGrOZFr7xS8GmF7BpL8UZRXBDO3-gPLEqfWiSVQzdtfPRbX4LICgbt6XVedU222Ab4sZg_5dBBt5Ob8dxqXRpOMJvEQDYspS_VUgYEHBO-VDm9s0IcGl_RrRin88GVzswwZ5a-3b8LqS6htTpltwuCTCKYrOyRaQrrC644sVk8lL_hVcYPaW8Zsa_2UMXk8snufwTRgC09D1Az9RHhwp3u2S0S-niiw1QRc4uPfzW8OyqgsTQbZRB4L6jJycz-Lu9MQUlM2WCKWoPhe3s7WIDhuOJeYSZY95lZFEmnk7x5SuWU0TX1d22Qz0eB7UVEcFJY6YFqELgi-o_tgfXGIP7FyYg1ZfMeOKvXbnCs6WPn35g-Ivj01eHtoHQDf88cyB1uHSyDEJ_2W_AUI55wmiw&sai=AMfl-YT6iN2ObPd-33MkeGlClAmmx1P5uqFpFkbaRYFEo17_wIyDO5u1YE0O8ipA5cKaLLuHJa3bfijJq8oOempPkEoEKXaIWa6-7YjJ8UkwzK4H3jv17MwEytOjrAwNofln-PVfk-De5zhk7JhCoTXe8oSnVVJp-8HhykxSnST2iJTgU4K8dMd7cFFgw2l4IgbvGqdg8RdZY_p35pF1GqgO538n7OL0jkKWoCP33J8J21PAlKp8oU0hstQ6n7_dB30XlLK56BxAHK1qgGvuZKr7M7xPqly2wM4ReCn2yA&sig=Cg0ArKJSzFPtkdWdvG67EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=124&cbvp=1&cstd=119&cisv=r20240122.50189&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A1D2 466 B
238 B 85ms
67ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRink82DAjAB&v=APEucNUeztflnZK5JpsrUEMYmKVNyp9qFWgzwOctJj-eWM2dkjOewu7zbvzvI8P4N-xH-_yBrXnXLSZIXPMfkD83H51SpcEyZXAHZZdXNsldguBq7FB-tqNpnhIBXhxPWIbbJTvOy0q8_1U43sHcOi1OLNcfJU9D1fUaGFMHRPeHt-eJbvYrSx8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&adk=189193175&adf=1356357377&pi=t.aa~a.2753964767~rp.4&w=554&fwrn=4&fwrnh=100&lmt=1706583673&rafmt=1&to=qs&pwprc=1666991488&format=554x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583673364&bpp=1&bdt=1368&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7e29936ee97bba85%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg&gpic=UID%3D00000d4c83464712%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w&prev_fmts=1168x280%2C0x0&prev_slotnames=1930719933&nras=2&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=1&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&adk=189193175&adf=1356357377&pi=t.aa~a.2753964767~rp.4&w=554&fwrn=4&fwrnh=100&lmt=1706583673&rafmt=1&to=qs&pwprc=1666991488&format=554x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583673364&bpp=1&bdt=1368&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7e29936ee97bba85%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg&gpic=UID%3D00000d4c83464712%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w&prev_fmts=1168x280%2C0x0&prev_slotnames=1930719933&nras=2&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=1&fsb=1&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Tue, 30 Jan 2024 03:01:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame BFB5 23 KB
9 KB 36ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 10:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 10:23:48 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame BFB5 8 KB
3 KB 35ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:24:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 16:24:31 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame BFB5 0
0 255ms
67ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstJJwM119uKLAm8SYcr5l3XzkohPSWJEkdoIXbspxvp3tXL77I8y3bXPRAK2JNE3ZtioNtNq4vV12jydFKfHBB_qSVj7lIZhNV1USCP17UiOKn_zIPCNEFhcB1XRPMcLlp3-X8xLkXhlox-zn30dr7u-ZxkN0HmNLRk4YMuwGqEnsNd9UojMY7oQ7jh6m8SCt1DHWWKL_FctbDjmosfNgnOFFwYwrss-PUpI9au9ta6NahLUW0CEPl9_SaTctiaaFGbIqX0Bg423iM3pp8fEf9qOYCLRHTDWCpbV0xTLa1Zu4v2gTFXiDDHrS59L-mb4zAigbDuhBzQtIi8f0KfKHXv-IUSDyyTz1GT1RBlWjesp-SkBT7TZnR2X0lKQkr4BHt2OQ0mgPejlc3iKPPxzrZfL8p7c0axJFlLMufIJeKjrhkDj3iVhLNCS166pEwV2UFr9AvQuUVvHMo9tTsZuPoeHgAeikRxKpsDswZz0WQYKCERZKLzgY9HFX0JqOdjmuJSDzLIOY4P_QGv6Y9oYl8yH1o1ELLa3Y47aMaqhZavlntOxQjy0-9y9X6VIaATcDugl2zVgwxOm8fR15gKJ3mkuFDQD8uypHdy_Us-g6H1OegFXnArOeZY4068VYXSBbAPjPWIyu9zQF7eCvxc2ZpObAnrjA1iO7-jbCYjFjHRHbOat9Ra0uMotnrRDeNtov1ecuGh3ZYPGj3wPJj6QGVTYNWNXPVYRyDTesd835V9_VkdV9_yyXodvu08SKkri_EseIDg0eh5ckdSayijNcFM0NnQ2riAupn92AN-itXnOlZXXU0SR2R5wFUIxDmbEWvxAj1nk8tMJgXFx64StFMfw9UJ5t_53XLMi_Z903rUBVAb8Kul-ftYV9aqxZsPNgRDinyJOjPyihX6KMW_IKN4Tin2hdFjOyS9xRvEhoUkWFhsFAqYwJ8g6pk0EfdujDxeGZvsLdvW0-f5V30a9k7bGHcTYPDz30ZqAGSK-EoRZcvUgJPDWBS0R7DAgk5v4tzLTFyLhSfaVS2QtB2n8vrNOX-IGdDDgaMW_BdQIgWcD7gEkEGgG6vBvwkcqmJnGCQ7lzxv8rEqaIWbU6h7tAu0jGoYmpbcjRjOmO3gv-pQdjBb03n-QA13hvjOpTMzwrwyaCggnM34Z_CICk3XewWLWvpXkXDQqiNUNr3Iw2qUQ2iKK61UvKMDnqBvdSYz40ewuY2gGrLYZUzoCRRk0ZeY_-Wft093KL0VC8PRej1gyqeOP0yifpxBYuQ2DappUMhP_Y3fOuE2BM1YDpZX-NQgCpHc4vSLz2liJ44C&sai=AMfl-YR4jZeeCllQsJG4BVUvFk9OM6RzWxdGe8jD15JAT5094iEhMoZElhFuLThinGog1Ex5h7-Fy-Ksix6MA1bp-ck2qXKb6AuTFsnyyqjC4U_-Xk6n6OW4WJyxnOL4rEi36PpEpzIPRsm8LS5rQ4QxM6le-6jC5tRxrS9bucyo7WIloakKBzhHpp1Yloq5ATBxjfvO_QpSiJyD-qgrh7doDm1If20AooM5oW94sUkFxBfC34JM1nX05EN7RixCZH5e0k5GC_FGEidNZU-yOMyf9gzmBr8JZGy-AJ5M2WK0qsI2ZLVE5F6G3VjAqLi8fp3cEIRzsqTnXyoaEMjJ3slcv9FiC9rThtSukDHrjQNuql-vmYTcRUzn8CapTyVC0H7ZZRIk6TZAzfxMJfMWFyqmK3cxtLldgO2fgGGOxSa7&sig=Cg0ArKJSzET_x8Ff48LrEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nc2dodC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20240122.88366&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BFB5 41 KB
14 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 400016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BFB5 3 KB
1 KB 33ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 21:06:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3F84 1 KB
643 B 36ms
25ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame BFB5 20 KB
8 KB 34ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 23:41:57 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFB5 205 KB
65 KB 44ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706532320618808"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFB5 42 B
63 B 67ms
57ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNnWCNyEkiCpJT4z1ZjSI6IhvKGsbEPSJrsZ08wuE6G74Ebb5mUb0Sm-Jt9TT-1FtVJyNpNCXB05jc4bT9hf3dUt3FeS8m9L00TmUTc2_PBhouY_Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 8929810551118474425
s0.2mdn.net/simgad/ Frame BFB5 122 KB
122 KB 54ms
29ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8929810551118474425

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2b52b71e5e53c942d4bfad7d3ffa9852252da9f311dcec8d8369dfb156b4c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 17:12:35 GMT
date: Mon, 29 Jan 2024 17:12:35 GMT
x-content-type-options: nosniff
age: 35318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125053
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 08:34:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 77F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

43 B
740 B

56ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNV80x8Vz71Z2kXLPsFsbhEHESUh0YtTisof0TRJDYRL3cryFAJcNKsRhAEdS2L4Jooax8_0_LJWXyb4m9Fmv7ov7y0rVxhruSmiy35JLtX85VWdNyt9ob-9baaVjX7QHXvybe-F5E5TTo6LA_4RaMV6SZ0AV8Lkedd68v7wBc_iliV4cKc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZGd%2Fntux7dq%2BWURYPNK1t3WeZ0ZWC3QNlNsnd4VeVm%2F%2B88YgPVN%2FHgcZw2hZOt%2BIbVCku6iyMb8Qv15Dn3i6Z0j1Z2PQeFCkx7%2FlCHeY%2FoyxZW%2B81Ml1NNYyLKynshW63ytGX5g6VCxhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d678188a2944fe-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 77F1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbhmeZyr7swY1V1722FAawAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1

43 B
728 B

53ms
53ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNV80x8Vz71Z2kXLPsFsbhEHESUh0YtTisof0TRJDYRL3cryFAJcNKsRhAEdS2L4Jooax8_0_LJWXyb4m9Fmv7ov7y0rVxhruSmiy35JLtX85VWdNyt9ob-9baaVjX7QHXvybe-F5E5TTo6LA_4RaMV6SZ0AV8Lkedd68v7wBc_iliV4cKc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSDEoCEplqTZC9SjTEC8LbfPgZ1gbHY3IEbnLHdvwBXKsm5q108LzVHnJMignLZiJexAVqQawUfkWrn6YmdzP1w9k8bIpzLUOrIljsQWCNLRFAmkNr6dle9sZFtSQYvegbV9s1t22kPwKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d67818da7544fe-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECUyzzBeYxpetRFwP1ZYmuA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 77F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1

43 B
1 KB

46ms
29ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNV80x8Vz71Z2kXLPsFsbhEHESUh0YtTisof0TRJDYRL3cryFAJcNKsRhAEdS2L4Jooax8_0_LJWXyb4m9Fmv7ov7y0rVxhruSmiy35JLtX85VWdNyt9ob-9baaVjX7QHXvybe-F5E5TTo6LA_4RaMV6SZ0AV8Lkedd68v7wBc_iliV4cKc

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
an-x-request-uuid: b31d88cb-e660-4b35-992e-dfd48b721b6d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHPxNabnfCGpChLEKpSdK0E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77F1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D

170 B
188 B

34ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
an-x-request-uuid: 12608641-546a-4bcc-aa1c-e45fa71de91e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ1OTM1NTM2Mzc0NjMxNzg1Nw%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BF06 39 KB
15 KB 38ms
33ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90F6 0
20 B 55ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2765487593934&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90F6 0
20 B 58ms
54ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2765487593934&version=m202309260101&ct=76&x=1&cor=15439319867648610000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 90F6 93 KB
38 KB 68ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG_F2l6PpSldMLTwrlf207IvM2qMzH3gdyCgMydIAExuKtWqI9-iuYHZ31ULzNQ7pVlEQgCID71f94oWL9Atd7v6b0dOgDvdcGEnzJ2wPA-D9uu9zUVB7b8LJX_BXPKokc965GiQdoQQrV3ymUEugcqBztA87RN9dHVmUoTPnyngeDPzQ&dbm_d=AKAmf-DyMaqAjODpXUrWKVgOnS8kkTLwU9ii8VYDhqq7enPKXTBfKqHuG2M3HmWC2PqeIjcfNTyAUhj2q95_aY9mjXDQNTAuxZlfr9hmzxsZlunrpQIxMc1ZHdQkiyKxqS1Vz2ZRlmdaG8rD_RtgJ6rSSWytpcD5r3jdxt0hPA4pZ9eabT4yFMNDxoUV1tL-WlllsOnSKyQMLvIz5VkF7rEw66BxUJZ7TvyNJjbVbAhcSs7tzNZLzbvkKABq75FbDC7v32zsVde_hsGkmzyXQX5TaD--aHfa32eFwlZxBhJF82QR0kJ9cQ3HCPOTTCmsMGXf_tSPA0-vxzxiQO57OnpcqhZ_swmUKHZEvJmM7c2QYreegTg9-_HCVShc15qaPDowe41GFH_J_9dPJVh9ewFnJ3dgffXiGMPJt_C88b1J6HmUIFrLLkAo2kLtVHcSdiOBF3ASQJJoM0qMUpff_mCQQMf-GrfoF_DjO3lv_dA0EufijPthDNpItu-2ke2EULaddSZRGcA54anAgzUNX1qIct5EORtkZrHDRn_5IVJF6weWK_zg0QkP1LH16WB-nY2yros3Yls84HXEXkEnZ642EjS6XP6KEq232yGGI-s3H9j2KypOBvICEw-CPok4oNPu7AH0nDKAvtWm_a9lQYWZC4RQVX8vEjhKax8MzVVuIHqT-iSkZLHx-Qx7SU6boyJxtIOgraWgrNn7idnr7_ofIW534PXqSSyQFDSB5QRi7eJAwWWaUjI8XfxMNn9jErGl9ndqiJkqjHH4YiVYJ_XH3AIYnYBYp0UwNSSL7xREwVMiIO-DNaAP-uguLpY9i2PPI3NJ5MA85mjtLExAKqFXRV6T9WvuYzSm7_AQhyjO6UzKRJhbo_VNbz6i6Lcb_wourM5uwvCciPJHMRDtFa-HIN35PmSpg0GWQZd-9H6X4jfW7RKMbDdWJ-8cX8Ll1jXqSy4WLR4gRIYf3obPxpgl2JwvRO6PEHHsZoy3oPbM0uq--QbXRSgSWbG7sT_kkrB9hOsqSocy0s-UAvFuCX4N9uTz22iwztzvprGrG_fpDabnJ9lpcQIyqa_3mrpa6VD4-fqYth_wtVfls1sp7oxRfI2NR0FUrKWR4c-_CLGRXW1fiCqZWcc1xRkHywDZZUNH5Yp9m2SBB-H8LOpm6B8e_xRfm2vx75FVtPnBQ7h3KKXj5Mf5fvMvvyW7BRd_7k4wRLKT6Q-lgihERbwWIq-f4GTC5-NzFb3cN2lNX29awalfYyryGV6fdf0cHQpmb_14pqUfNtRajIWohCxhk7rofdJ7cdsAQG4JoaHZQ3xRZf1jWwUXp63v0LuqQqKEyp_dOOYL564l7jz5N-ZFYQKSeS8kV5ptxjkR329YiKF5w2RJst4j-tzk7yisFnShYgbzhm0QwmiWrNyQVOHIsfnoGVIH7gW5H-3ks19amU0yQX-12lemFDgtJLb8qwi8h1w9NsZ-QqxGplgxxp9p7HvCiJ-S3om6xz4GXuXlzvLVtsxysKaEDX7R5KahN1liQpmwemhTRQKPWPHGQ9ZbmoUa1E2s547w5MAC5Ms3vBBfTa-1LDXHSkLa7Ap5dmdc3PCkmFZ4Ct_s5BAdkH_g0BFDv8YU60HwCH1xHOyDoKCyPdbatjo4toYcsoP4-stiapj99R33XMw-iMYIQwA3yErUt7lxH27LFp7M_eSiPW2msF0O0YNJTBXEvIOQrk6XxwOvIvvFPoNhLQMD5tKhAOb_jsZlxP4fdUUbE4dgR58de2aLbraXMOJ4BX3Xdt6iZ7vHiO5QoJBxctkgeLfId1IGjapYVU6axtmA4XiFOxzs2VQEFNaFQilWeTl5OcMahk8x6uHVB75FT1qT-KnvBc7XIfOgeMuVK3ds4xbLs_Q2uNIo-hoAds_iVENdN_C0r4yME11K7YFTwg1Q8ryFNZCi2XJRsLmjr94v08AQUeHk4EApG3hcvJV72hOQEH8bKmoLTjOMBf-yztT2BghehsK_Fj8d-8TDunFiNrv5UxamjHZlYZscispjffxC3MdZSWRLLEmgswP9bXYI0Js8WM2gTSs2-CEhgNhd15Piwy3vPn0250HF8WNyHBllCHqP2OW4F8oC9zEp0D0ypKX3w041ibIH-IhrmgyOjWsZRmzgXUNrPJzAz1PiDlIT5XuMhP1pFVTQDtNrknxMAvsAM8RlR5iABE54HjStjMj314gdKF8M8OokmSteCejEsb7Tt-Y08y_mPuQ9mjmx-rxcFwuqQfnzfCxLtsDc9cv0ONlYkqWI9mGGcTeOm4sJPTOIiXiepfU6e6C2ejfBVuorbt91jcOotFELfyEfv7GadcKuMhzlT1pfPMNDtb9i6Mt-7jaBZGZ4nATUZ97sepyYudxY39JOcmp37Wahm68p2RXUoX0kh_cnqHxA28RlU8DuqE9qrUHWdpezhY7jwn_pKiIWDgryY-3UgoSvRJrToUNBpjUTu8X9fEtJWbULctAqCaL6bdjqkTAqNQCKvXScWSABilz64tjYjTjnZBbNDrLb0p-V6fn1GAiaSSY1XWLQz6l3y408b3RHr_dK2OFWLryIqmpk6lwWeDyxiJEGLPckiOrGd1opYC5_NToVUUoA8ZZibpl2UXaypAfpIN-2sKh_AY4eVOkqOPuYM_8ym76YNx9RBKtm5NUiRocfh3VOs3K9HY8yw823HYawWS3BnQ7fIxH8aNHC77_vSzcWpVrGT-6cs_Cw3NOvFSAYTTl0aIUBpOxE5zBwy6diTMrgh1I99mrsAi_ZlcejtZqr2ky6rHBxfHjAQPwd_GTfThCvnTYvX4ZC4NALR16g0PY6Ns4SMHaUISWUT3AgpfhfERQejmtgLujvgiAr_a66UomqAn-_CI1uPwAnYp_nG6klyABnsu4zpZngfb3r0p0uw1nQd9c75dpV0NQR9SeAKO2YYn7wm4XP5pIbWp_MvEc6VJYngGfXSBOmwbpigPlctb9XJGdrTb96KvEoYYMH20MNeWT7TBLfzPM7O4MxbEVPEV-dPegm3cdfaNeTCiAfMioFN4gt-QZuu57FJLKK0Vph_WqUdQtIPxihdzDzLfbf-B0qUK8XItHH5IP-d8yCnN_NbzgcG40PnE8SD3FXOsHmtDAl3WuFYs7xQTMG6bvs_1xqeSxxcGmpMiRVVemQtKHRPpPawvlW6OeZmto70E-UIyNRdNSf6vc1pEb5IDGg44bla4KtGzqylW1o6mOa5K8hZY3Xn6JwsgkhfUuBNZrd9xcDFPqqcP5uPUjZVavtJqeuvjO1WYG2fqU_pad6vREBkgO_6kXQkvGMjXbmD1UoqiMoQ9yKd9MDGSXH2bJGjKL98h8AjViGsulNbVfeYoLwvCLdA8LG3rYlvQMH-sMVNPOMMg1vx-WNd5oeJT7l78qdkrCDhhQJNPX50yGLXqGoQkFZaGTfPmMe-nbsN9I7xrfhkzxxCl3GrFZm47atlI1B92OZ8WxwFMBkMw_f0fZqXIg2PkjISdayiCMKHki3xbSSztn43okpnoHg8FPZAwDzSUL2WgMlTp7sc1p4xp72vx-c5xwId_0LYddDL_dn4caoGOpw-H29sYD8joXNrvDVWE_yBX1eDNyDvKWkroaewsWORWYRx8nruk2yw6d_SZJRv-YQgGiOrsd_7WAPc6BTbpDQpyAkxItAdfezkIx2xx2pra_Di2o&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=15439319867648610000&adk=2935317966&idt=95&cac=0&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15ba2974c32cfc90c642bfaac913f8eb96d8df6ac12b9e7522d142b12f064fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38935
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 55C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1

43 B
105 B

125ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNVfgdFqrNNWNXb7CHd8zDTYrkWFepX7--yL1S1nt4xCX8xXZtBvJLnxTDZJz6hQRnjz3ntALuQEWwYdPZgTOhcLhNCusKrfZ0r_W_6I70j4-m4Xi8z9YdAQ0vzIUCA9Zm9g9J9-ClP8ltrF2KoDKUX2F5kJH6uV88zsWgNkdu_0YOMfV_4
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 55C4 43 B
111 B 172ms
27ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNVfgdFqrNNWNXb7CHd8zDTYrkWFepX7--yL1S1nt4xCX8xXZtBvJLnxTDZJz6hQRnjz3ntALuQEWwYdPZgTOhcLhNCusKrfZ0r_W_6I70j4-m4Xi8z9YdAQ0vzIUCA9Zm9g9J9-ClP8ltrF2KoDKUX2F5kJH6uV88zsWgNkdu_0YOMfV_4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 55C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1

23 B
163 B

156ms
52ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNVfgdFqrNNWNXb7CHd8zDTYrkWFepX7--yL1S1nt4xCX8xXZtBvJLnxTDZJz6hQRnjz3ntALuQEWwYdPZgTOhcLhNCusKrfZ0r_W_6I70j4-m4Xi8z9YdAQ0vzIUCA9Zm9g9J9-ClP8ltrF2KoDKUX2F5kJH6uV88zsWgNkdu_0YOMfV_4
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 03:01:13 GMT
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 55C4 23 B
163 B 192ms
51ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGPOitIECMAE&v=APEucNVfgdFqrNNWNXb7CHd8zDTYrkWFepX7--yL1S1nt4xCX8xXZtBvJLnxTDZJz6hQRnjz3ntALuQEWwYdPZgTOhcLhNCusKrfZ0r_W_6I70j4-m4Xi8z9YdAQ0vzIUCA9Zm9g9J9-ClP8ltrF2KoDKUX2F5kJH6uV88zsWgNkdu_0YOMfV_4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 03:01:13 GMT
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5D87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1

43 B
97 B

132ms
36ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIf55oACMAE&v=APEucNWl4EC7eVpYosQ3Quwui4wWhSW1HAM5puvdzWwdLKp0Js5gyDU77toMrUUIWHqNshe8jGSL8n33zAYWAPnJ2T4q3hSuUiXu9_rY6rNFkHV8hqnDiYdtR15w6EMEeh2cTeAK5FyCsHFgIBuf22nOY_u0fIlWgmwtpn5x-u6q6Lm-Bhwt07I
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENtCcUtIaJeSYQZ5M0tBgNA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5D87 43 B
295 B 169ms
26ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIf55oACMAE&v=APEucNWl4EC7eVpYosQ3Quwui4wWhSW1HAM5puvdzWwdLKp0Js5gyDU77toMrUUIWHqNshe8jGSL8n33zAYWAPnJ2T4q3hSuUiXu9_rY6rNFkHV8hqnDiYdtR15w6EMEeh2cTeAK5FyCsHFgIBuf22nOY_u0fIlWgmwtpn5x-u6q6Lm-Bhwt07I
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 5D87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1

23 B
163 B

154ms
50ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIf55oACMAE&v=APEucNWl4EC7eVpYosQ3Quwui4wWhSW1HAM5puvdzWwdLKp0Js5gyDU77toMrUUIWHqNshe8jGSL8n33zAYWAPnJ2T4q3hSuUiXu9_rY6rNFkHV8hqnDiYdtR15w6EMEeh2cTeAK5FyCsHFgIBuf22nOY_u0fIlWgmwtpn5x-u6q6Lm-Bhwt07I
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 03:01:13 GMT
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEIAv6eDxNL1jK7Y2-9I0BH0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 5D87 23 B
163 B 192ms
52ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIf55oACMAE&v=APEucNWl4EC7eVpYosQ3Quwui4wWhSW1HAM5puvdzWwdLKp0Js5gyDU77toMrUUIWHqNshe8jGSL8n33zAYWAPnJ2T4q3hSuUiXu9_rY6rNFkHV8hqnDiYdtR15w6EMEeh2cTeAK5FyCsHFgIBuf22nOY_u0fIlWgmwtpn5x-u6q6Lm-Bhwt07I
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 30 Jan 2024 03:01:13 GMT
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame BFB5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d7d8b3726360c1f5cc765cd084ed3234452d8ae76a993880174b69bc5e80e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 393F 38 KB
13 KB 123ms
29ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:46:45 GMT
expires: Tue, 28 Jan 2025 17:46:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3F84 35 B
463 B 145ms
24ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGoh141HuHP7ipTSmm5wUG0&google_cver=1&google_push=AXcoOmQB1fSVgwCZALTq8L1ya8sNIXdq3t0_40hwJJrTutCe3P-u4Vo99YQ-eq4hunWR_8eU0D1eZiuJ35vxDi44pmq-7MKNsxOBXgns

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F84
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2lXam1qcm0xUnVFbjc1&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cver=1&google_push=AXcoOmRDx1D-Pn4e65-HCo67SYi4tLqB8vsJb_ZMebOnpKi...

170 B
188 B

46ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2lXam1qcm0xUnVFbjc1&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cver=1&google_push=AXcoOmRDx1D-Pn4e65-HCo67SYi4tLqB8vsJb_ZMebOnpKiM1cyaxF4FqyOwcJRi1-TIXlcgfur8q53G1juuhOxZL4lfUd01xupDxTsv

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Jan 2024 03:01:13 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-0e43c5f7c900ed44a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=V2lXam1qcm0xUnVFbjc1&google_gid=CAESEK0xRuAF2Ea_tE-K5px7Eck&google_cver=1&google_push=AXcoOmRDx1D-Pn4e65-HCo67SYi4tLqB8vsJb_ZMebOnpKiM1cyaxF4FqyOwcJRi1-TIXlcgfur8q53G1juuhOxZL4lfUd01xupDxTsv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3F84 70 B
149 B 161ms
41ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFQKktoHL43vsnOgZQs36Ow&google_cver=1&google_push=AXcoOmTmQLPf7pJpsezrKNyeh2-S371cOjYFLfOBE6qQIWnpFdJzrAvdBumEqlFRzASvlztjAFUW5yIEDFDsaT8JDSquepmkJu-c9TQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&adk=189193175&adf=1356357377&pi=t.aa~a.2753964767~rp.4&w=554&fwrn=4&fwrnh=100&lmt=1706583673&rafmt=1&to=qs&pwprc=1666991488&format=554x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583673364&bpp=1&bdt=1368&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7e29936ee97bba85%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg&gpic=UID%3D00000d4c83464712%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w&prev_fmts=1168x280%2C0x0&prev_slotnames=1930719933&nras=2&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=1&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3F84
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEL_YFkDFt82a4sMbZ5pWYuM&google_cver=1&google_push=AXcoOmR0bIfvAOMCgA52uDLktfw6gd-A3URyW5s6C2emQLPvtuuKB850D3BURATHUZ1VpST0nzYDwKWt3DD...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR0bIfvAOMCgA52uDLktfw6gd-A3URyW5s6C2emQLPvtuuKB850D3BURATHUZ1VpST0nzYDwKWt3DD__Y1MPHDZvd6V7IcIxHPu&google_hm=yus2Y5RASsmGl5c_...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR0bIfvAOMCgA52uDLktfw6gd-A3URyW5s6C2emQLPvtuuKB850D3BURATHUZ1VpST0nzYDwKWt3DD__Y1MPHDZvd6V7IcIxHPu&google_hm=yus2Y5RASsmGl5c_pXjFGoM

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmR0bIfvAOMCgA52uDLktfw6gd-A3URyW5s6C2emQLPvtuuKB850D3BURATHUZ1VpST0nzYDwKWt3DD__Y1MPHDZvd6V7IcIxHPu&google_hm=yus2Y5RASsmGl5c_pXjFGoM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 3F84 0
174 B 148ms
29ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED2dWHNif8_mU6AgphOZ8kM&google_cver=1&google_push=AXcoOmS6LbQ3_V9LeRd8dbP3SLnwd77C8KfIFQfEyIuArZP9d39p59is8yx4H8w1ftcEJ4RZV9jURlkONXSxLYmF4VOn1QKTsSRZWTRo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0997380255145595&output=html&h=280&adk=189193175&adf=1356357377&pi=t.aa~a.2753964767~rp.4&w=554&fwrn=4&fwrnh=100&lmt=1706583673&rafmt=1&to=qs&pwprc=1666991488&format=554x280&url=https%3A%2F%2Fgta.nafaixa.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706583673364&bpp=1&bdt=1368&idt=0&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7e29936ee97bba85%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg&gpic=UID%3D00000d4c83464712%3AT%3D1706583672%3ART%3D1706583672%3AS%3DALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w&prev_fmts=1168x280%2C0x0&prev_slotnames=1930719933&nras=2&correlator=8783238358289&frm=20&pv=1&ga_vid=242839724.1706583673&ga_sid=1706583673&ga_hid=1609546518&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=1720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C44795921%2C95322183%2C95320869%2C95321626%2C95323008&oid=2&pvsid=999000826269301&tmod=317947013&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=1&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3F84 43 B
363 B 421ms
301ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR5eQOS2i6AyLSVdAXCHvFoGlEikyv_k6PWjM6oYHIe-2n6_2SzhIUvK4wJg3GvodZkf_8GmxdxFj8BOsFTZnSUEcgeGTCOwE70&google_gid=CAESEAZUPy1nlsMOOSJ1YEEvWRs&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 186739
expires: Tue, 30 Jan 2024 00:00:00 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame 3F84 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3F84 0
12 B 37ms
33ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jy6RM_VRbV7uPbSORcq9vq0Wheq6sSFtSSKrlpk3a_5j2cL_l2Kf_B35krPj5kmWDYRC0BkA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 55CB 120 KB
41 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 11:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 11:17:24 GMT

GET
H3 200 template-db7349e4.js Show response
s0.2mdn.net/sadbundle/9813938113422845581/ Frame 55CB 37 KB
13 KB 29ms
24ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9813938113422845581/template-db7349e4.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 09:59:16 GMT
date: Thu, 25 Jan 2024 09:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13540
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 09:58:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index-66cbe3b0.css
s0.2mdn.net/sadbundle/9813938113422845581/ Frame 55CB 4 KB
1 KB 26ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66cbe3b02faabbe4f4b649a9928e98d0828e817ef3d2b060cf4a9b9918166c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 10:05:25 GMT
date: Mon, 29 Jan 2024 10:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1452
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 09:58:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame BFB5 0
0 107ms
52ms Fetch
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstJJwM119uKLAm8SYcr5l3XzkohPSWJEkdoIXbspxvp3tXL77I8y3bXPRAK2JNE3ZtioNtNq4vV12jydFKfHBB_qSVj7lIZhNV1USCP17UiOKn_zIPCNEFhcB1XRPMcLlp3-X8xLkXhlox-zn30dr7u-ZxkN0HmNLRk4YMuwGqEnsNd9UojMY7oQ7jh6m8SCt1DHWWKL_FctbDjmosfNgnOFFwYwrss-PUpI9au9ta6NahLUW0CEPl9_SaTctiaaFGbIqX0Bg423iM3pp8fEf9qOYCLRHTDWCpbV0xTLa1Zu4v2gTFXiDDHrS59L-mb4zAigbDuhBzQtIi8f0KfKHXv-IUSDyyTz1GT1RBlWjesp-SkBT7TZnR2X0lKQkr4BHt2OQ0mgPejlc3iKPPxzrZfL8p7c0axJFlLMufIJeKjrhkDj3iVhLNCS166pEwV2UFr9AvQuUVvHMo9tTsZuPoeHgAeikRxKpsDswZz0WQYKCERZKLzgY9HFX0JqOdjmuJSDzLIOY4P_QGv6Y9oYl8yH1o1ELLa3Y47aMaqhZavlntOxQjy0-9y9X6VIaATcDugl2zVgwxOm8fR15gKJ3mkuFDQD8uypHdy_Us-g6H1OegFXnArOeZY4068VYXSBbAPjPWIyu9zQF7eCvxc2ZpObAnrjA1iO7-jbCYjFjHRHbOat9Ra0uMotnrRDeNtov1ecuGh3ZYPGj3wPJj6QGVTYNWNXPVYRyDTesd835V9_VkdV9_yyXodvu08SKkri_EseIDg0eh5ckdSayijNcFM0NnQ2riAupn92AN-itXnOlZXXU0SR2R5wFUIxDmbEWvxAj1nk8tMJgXFx64StFMfw9UJ5t_53XLMi_Z903rUBVAb8Kul-ftYV9aqxZsPNgRDinyJOjPyihX6KMW_IKN4Tin2hdFjOyS9xRvEhoUkWFhsFAqYwJ8g6pk0EfdujDxeGZvsLdvW0-f5V30a9k7bGHcTYPDz30ZqAGSK-EoRZcvUgJPDWBS0R7DAgk5v4tzLTFyLhSfaVS2QtB2n8vrNOX-IGdDDgaMW_BdQIgWcD7gEkEGgG6vBvwkcqmJnGCQ7lzxv8rEqaIWbU6h7tAu0jGoYmpbcjRjOmO3gv-pQdjBb03n-QA13hvjOpTMzwrwyaCggnM34Z_CICk3XewWLWvpXkXDQqiNUNr3Iw2qUQ2iKK61UvKMDnqBvdSYz40ewuY2gGrLYZUzoCRRk0ZeY_-Wft093KL0VC8PRej1gyqeOP0yifpxBYuQ2DappUMhP_Y3fOuE2BM1YDpZX-NQgCpHc4vSLz2liJ44C&sai=AMfl-YR4jZeeCllQsJG4BVUvFk9OM6RzWxdGe8jD15JAT5094iEhMoZElhFuLThinGog1Ex5h7-Fy-Ksix6MA1bp-ck2qXKb6AuTFsnyyqjC4U_-Xk6n6OW4WJyxnOL4rEi36PpEpzIPRsm8LS5rQ4QxM6le-6jC5tRxrS9bucyo7WIloakKBzhHpp1Yloq5ATBxjfvO_QpSiJyD-qgrh7doDm1If20AooM5oW94sUkFxBfC34JM1nX05EN7RixCZH5e0k5GC_FGEidNZU-yOMyf9gzmBr8JZGy-AJ5M2WK0qsI2ZLVE5F6G3VjAqLi8fp3cEIRzsqTnXyoaEMjJ3slcv9FiC9rThtSukDHrjQNuql-vmYTcRUzn8CapTyVC0H7ZZRIk6TZAzfxMJfMWFyqmK3cxtLldgO2fgGGOxSa7&sig=Cg0ArKJSzET_x8Ff48LrEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nc2dodC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=136&vt=11&dtpt=136&dett=2&cstd=0&cisv=r20240122.88366&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:01:13 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82A9 0
20 B 60ms
60ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6181542734967&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82A9 0
20 B 64ms
63ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6181542734967&version=m202309260101&ct=76&x=1&cor=3652762468609138000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 82A9 93 KB
38 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr_jCfsVCyWLo6CoHBFHmi37ILwkoEglTw7O1_oYzPizKcwfwyp69xJJJm-NsrPqaE8WwgItb0v59xbBFQQ8Eam8n5K3cbWvXGk8l0cQdT7rNiZ2feojFUylsw69efDqv7AyATZvP262dk-6NWmSP8L8bzW5awCoBxOcH9_14OJXgdIk0&dbm_d=AKAmf-DZiLbGYDV7G8g8xnn3lUWI9mYzvrn6Ys3zmjhCixTcex9t8Wd5tu53LmG2LnvFJ0Qjyn-A5G2Y7kYOEp2dEF_KJN-cXimD3vzPP7fHskBQAyfHEaIr0IBIAXSHUj7-YShFfa1UVEP-pPtFWaw-d5EKPhBTd6vDPWOXKY6Vn1CV5xmVQCCFddMNf-AfhGPKxB6iApVZgrg05y-7fXyVsZ10hJLjrQE1-MpNX3qe5rHqU8C2115cf0eJ06TIpj0EpJA9ra9AjoZNMF_vR4ijk6pE02vlesEk0sUzukYXuwMWGbyAIjf-6qf4AZRbP7plkQBiHo0gdhH812INFhLF1jzD20pOzmJswEO13sVP1zJnNxC7VvJKrFtIiJTskQUFOKhN1OcujOHBNXK9ZaIub16BLUlcPjEgq1Vtm2AODFzxKtgbN-QEo8dz_iQkkPsirFUCcbHjCtX5sONtyCnttAVVTpipAR5jHYvdc9NxNYLBeZsNOUTNRNvaAmQDRj5wtTJUfeidg31bV4WgIZUVUjlT2WiI2vpan-gix-gUUGwYWz2yhOTOdAVYWa1Uq5O8lwiBRcaCcsLnYHVOVQur_8mI36Pbx6xPdN2AW7bUhhUzXb3MHUKLj2LtxQ2VWiQxUDW8SNrIdqlgay_cGDTcqoMxNDn2z83wyavmUDnajmznIz6V6avuHnMO22ozXd9-mitUdLdAbQ-tTO0ziflSV_Dbe8xdp4fX84gaFNXGlVIMOfZcYSvYDcaKtS89c7OoqqVbXoZzrazriadgmYhdoHUAcV0FxNI5lZ15rgNjKYcf5l2WazuGe_twWq1_EX8MxD0dAKHkab5vgfN7rWS70dlZdxBpvC-57xoctPXIU5ueYSlBGKDfpG78PIcS0og12_5-StpECr69jb7rEYXtZnCxVkMDfjvvGOELxlDuCX5mnsQPs7VdlP3nunZ54YJf_AAAAMfWAhOP64csgd-LeAzoipzSO9vcglJVgMsYqVhjRton880Q7VvXXfahzewpsh48kpYBjP76PnKt1J-eaccoEzAigLHELxrlW3WCwneU5d7_0q2B21MfbSBwy1xCDDkzxwOIz3VUt8YtG3SnrGdL3bjbB9Wnl-h7hbKlPIHWBXmaIjqbjHcf9aRTJLSPsyjkOsIyJIYVsBIj0qByy7NqsOfPa3iq-PGC3tByu56Nyx5Kzw_fNX3yjrCL3rauomJ6RaPBQi1XuhmG3dU8D4w02QMcOmFNmTYmLLPrCzOwGsBWtzvmR4B1fmlOFyBUUPWga1fte98Fhw7vlp7rNMbjcsDlcSSpIRMe9p6SVjCZSKXwA_yubqCJXuZK391iTGt_xpqtN0E1MEzti2y1ssKxOftPQqEox9IeqWtEkzIxasuEqIOcPn9cKE-vm_Re52yRq1xR_GHPEduQC6v1s44jmk3GpNQ8rIZfQSN5fIk5lLSi7gzcSs5-sEOTUKq8r99UqzH8zv57407yIRH27sCaHorXgtbJhZujiUpmjFFWD1UBdgzMc_TPUDWKlXzn-7oT-w_7SvAsJwyfbimcuCWT0C3CfJBETWCgjioym2RaqbgJUwapeiKxvIeL_VALraXu5Levw2giW7EbmqviCXZwArN60P1BAjUy462c2V-tfW8e9diMTrC8c4hmSrhUP6THRfjKeb4TYtZYLRs09vKSfCq_ltfe6kOnI1y9sixB3BuMOaqEwcDVYU1Tz1JPCkgUif3aFTm5eIGAmnJLynh4ZqsNSYRZwvxdbTtp-nnL9DrXl5LrwBUm1EDLhbizAQYihjc1EdTYVSWxx5yxBK_TFx4lr6x3a5Is-sVPiK97cKcyfQ3SajTLfENChjpksKmMPAy2xDga14SjuSGjyNDZEzG9dVdkMk5_LmFWMG7ap3yYvN37QB_fXZ9-k9KnrCV3mF_60uffVDcGM_B3FpsA_0n3vGwjVvDWddLSMbls8HqJJMPELm2dmjYpH9YjxYg-WR9USdwgN_sY8nAxm67PYbSWu0smCvztOdlC4oT5b919OveRsXWPnVWX8pb6eP-BsSb-WQMuiXfeyU2AgwUzTeuuwdR7giYe9ZSxHtdObxe7FiiEzN2xtHgvZWJJBjLyaYkmM6o5kZJ9Uks_ahBaFQZ3Dqlf7Kf9heFZaTozoZtYC1F2DILGx49ps7TEV2Lr9bEPYYOKOwL6lydS5ECM0cGoDpAs8CbJETZFdHTwb0TCp_pJkxGZsqqgbY2JExzwfFJxv6rCncPTcgjSTiMlxign15WVl4iLM085uloKldXLGrNCmMAW4akhXTGClvqvXHtSrqsr-CSOYEuPc1CZvPKEwR9nIgdQJigPzl6jzDhnq3huvQpJ923gZAY7K1hWV4BEyK8hCVy5Omn2snWpHp0w-TIM1pBm4xHnzeHd6zr-G40sTjzya5P_R7BXlJT-f0EfSUBGaoZQ58y1Ihimck3BzWI3PiRE8LLtgdw2V8OUtaxltPfIx5sjQyKVdiSIiRYfPTyr706Hng_L2mCkSBhM1IXUDrCWUle-ZnCAeVscWpN1hfSNcQHoKymxq1KQ4XhhtdBsNPemiZ7oVB_YDetlXYUupXQ91JIwOhhtXWqbgIncXrJMF1ZIZNtjMyq9qAXkb8oSMr7ZNo6NjT3zPYu5MM_F2WT9HQNv9qBxCJ3g2VhUtia5D2cLhWSzCNAtjfSNvDE2gKzOhGiviaUsEPpVbX3YlylnPq7tg_F-I82BrYVjyCtPMUJAniYee5ySceSZ3WBZfFokv3wD0GnScQQAkQaocu6H1EH5mQmwB4gYGIpQbIG8JS-FAGGJwplwohI8CLCGt0XEAhyKFwiFJHxTESrow6ZgMWb10NeLXlsYyUE_taTFCeL2dHTygsui7TXhwsp4vQUseU6RcnTZk-wv_6t3_SijIeR8b8SOwuTQuBUPbkuGgGM0hfUSBvtiexy0O75B3L-ug6AK2rJfM_4z8z-w2FFqrznIClWjKHgflAf1V0ttdkyvY_kCWr6YMNv4nOOFbclwXsBFyd7yR5apVBBXhKa6fuKtzQBY5y1pLFckp5R5h7_tWIpE57WP8edH4hPn2Cba7Ovlm9Jme5SyLIBuLCWFf6uVtV5yoaSgOSREIGuLaQcsYSLpwdQHs5DqEE0PmybGa6HhtdwDObhNVcX9Ki7BU3vNK8Stl5IcP4pASM-GL2c2hzJoPYp-gwc2V4QR1Qq-yFSC9sAP7DhiLnuPKhtdSWrh4hsy1E6mk4l9tlrBuUCwex3la48enCEhqPuVKEislEXEGwDfGpzqOCuTQpmvHn4fd15ITojX-IQOEejjXvrk0LvCkPiCstt6nl49Av_mT3_sZumHf7daXFGz6mEe4ZhACX3DJnPPH35mSe0XsQWjAsUGGkdCz3H8fZ1AKA9nk_Owqj1M9oex0RfEP4wiinU_zv3sgXpOQtvG46zd83_MCPPnz2PIA4DJMGC2jh0QUj382vw_KbXBo6496JCQgskpcBAHwzoi-PNOcdr1YBksecupYbGjXBHExagyJuqnMhps-7vPrz51xpxrcaUqfEVMCOC-KcHUUWieqvAtuISFxrDSPrAkb71K-LHNcXEN7fpw4gLhm99CSJL6ZksIbIpJTiyDPh3mJMx-O5V8wWDGLI5n8t4yCNlKheGkp4sez8hNjQVDAdPH0ODIikdTHJFwlgweBnrlkoM&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=3652762468609138000&adk=3062569611&idt=128&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27fc71dd7348757bd15d4dfce72998f230a8015b465ba3dcee6f1b7a3efd2632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39016
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B21 0
20 B 69ms
58ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3293331138147&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B21 0
20 B 69ms
58ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3293331138147&version=m202309260101&ct=76&x=1&cor=9800913799140782000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7B21 93 KB
38 KB 79ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CouJBL59pkCG54gQAJOwLsNFrtSM_NlEpVTvPpYcsKcokzs09r-gFaABE6iTS2AWEwyf05ze2Nn1nLduU6SN2EuIZdo39YpfmWsyXobzMYf-a643qMBRXY7csgb0sFKTUTPY0GplwzUVqm6Lr75xEdCS_XbFMyFtlmPuDxlD-vHtMy6o0&dbm_d=AKAmf-CAk5-o40AJPp0czQgPz23xA7MJ3-YP-S8CcvOvKsU8EeqJmwE9x6jdBP_m2h93gCCcsmUqdmIWGZFGLXcJ7GxSowuSphKRxZ6_hKwgY_z8DeZQwS4r1C2jZ7U8u1OKnijI6Q_OJaItb05YxBeS8Q5YQsi1vvjTBp2HfHjDUYownDqt2zdYKSR0k27IamABb_0MnMl1d1oseM3P-pVj1htq0e4UiRbHEG_2uyRpPCRAk6fL3GbZ4U8OxZtIG5pL69gWGdTDyPaFEwfsuIb9VSaYmNvwfCVmq3eFafPDcxgTEHP7EXxL8dlKiEG2vAOwYvBakpLuHEk1wAk9rpSRS-ddKEygm4tBwycH-ixZ5n7K4B5rRELCB_Oo3WG36IX4K8g5VsaYaXp-8hrvlwj-_BJcePpLmKaHYvzGBTmmaEihiGSy6fQe6BqZPE658DyPLmRJTXqjBRAiGM-TUc-IVrHmlUyKlpxYQpu5cIBeBXXTRPlYqxVl0ebA0X8CU4csH1eso7M8KlaVrBr0xdwuqyfD1T2rogQ9H6LLjrWBemyFe-7dF9cuS65ruy8V3Oe-rGhgcP5sS9Ah7iVcvXzifqUFHhHAm-VTecawtLuerwfk27e6WKs7RjHCidYNlZGVjYEiXLJfjl2Kvu6iErLuI9d_rV7TrYNP7M3fJHbqQAr6I9eZX-H676aabN3H7qj0qGFa-oE0FRj1C2lnRVgm3uLeAl6IFmBBe3T0I1StWH7Q-0zCdEEE9TUWETnoc6kr8UN39XIX1VbI7EfjZ8HB_vOvQcTacpRGpzPlcz7e1rjbTrfE930vD0ZCs7jCtyLUivTLZpFgaHpHLO3T3Au3yQ8DYVacpe2Tp4pi_dTl0zmkDva-21W5G_ZwaBT23vdELgBWWQeW_oyUWdRj7DDEZ09FERYixlVYkF0eS9nrEftN3bGR3NezGe5IoCm5s0hPLtVqPjw9H7hlcOfEsiEYf_THyrrc3gimsSojGvPUVyZmwc3yY_KbYsgjQ5PhSxnP566pjC7j6uCg329U5Nx9qdMQBuMI_KVAaM2YafYmFE5gDKcLOvK6JqWfi-ezNuDvfN8-Q09OAOIi9cHvS2ZjyKjgNDiOj2Iu7KJLst23IFSyfokCUYp629CVp6iMFaqR6TbOxKLytUgv4fDsQXl3bf7rsPg6ZfN6fpQh2Fjoh7M35utNaRTpz0uKFMzeV9QnkPjg_zv6lJfOx_d2ZZxRVbsUlcT14C2OTTEgJditHaJNaoSGGbeYd2WRWUX2ER_DYNZitToQzkTk8i0pB6wSjBswHXbUyFFfCOkRZWt4-bpLHqeCn6-nYX2lbf_8hdFkw-XhQYN-hJGbXe9Gki692w7bLy4tDQMXCa-u-3jIZw4tAzBMVnjMO3BBmuFMfahFqIMGfVD68hLfr48MGDYLcwRYg6gLF2WF27DvvTqz1sbtlw6MjqHpLpINj_elCOR8FOdhrkl1WRLZetG2vIbjmWfO_xKWYJrXMGVoCrQOYXxr45CgjSu_mNJ1o3kYC9VCxmnq6nND5qfXLpr1F60OmYJI7SmeV0grHgZ2w1pqNzULk4uzTD_sXQtRw6ApT-fe1278VRdfGLMTX_haJD39qTNVN7c8NfJDZ_06MASY1U9iDU4JqBwwSHK9LMaVEKd4TMEYS4rU6dZUHYwtYme1_q3uDLdfb8s7FBbtCgARX0xXwSvYSb4GGlwCtfCC6MAbkJdUfB236cBp8xIuiy_IZ5iW_Fj25W_q1uCONyMh5WsIiemVBnX6YCsPBOxAwdrCjA5wmRgCAQklYOTmBisNYk2vdaV3BS5V9r6USWEROCfDtwErP9ozXzQaaOAwkLfVN3hI5vrN8qGWEmbCDjgMRre2R6CDzEiXRABtaxikAIoES50Ig6xAISJ8opoDTtaSs3XkNyqJqV3MxlcuW4g23HJ838HlmUcj6zc-X2leKhbPLnIHnF13QV5eyyFTw5Dztd3yj64NuquHR8rC5FJngEP9qRtDPjBvjN1T1WqWOzW7De7iYrrnjzZqgufss4xvGB2InIyLKFh8kAtBuC4dLbMarzkLA5JAUc7874CXho0IPrSxQHUiT3EipC8x7r9ACCX7dQtKwf_K_jqo5W_zxNyD2X0AsUe9-2sSYGA--j6axDcny0SHIG0zA_xQeLDPqsH4GF6l47vMErMJu8XbNJSFuSRXqiae0NNXWpPMTs_3PlnXl4ZJPGgdB1rOH-wa4_W2VFljx5j7HTfBY7SKhi2PcheYzcdjRWx8G91pr4SRpNVaMW3sHDNP80w75M0eCjufMDodxGgBDaU5DSeS7LHYYMvtul12anwE2v-CMZw3lAB0EvtZ1jhyjH13LhLrC88g1Jr9CITbI4nzHtuWdH0dzwqT7pcDBA_bVoQsTpmUk72iBBmrIJ4vdjtJjRQWC-0tdua-K910Ji0dO8ZMoc0X9ACkaQn0vGduER_LK7kBEiWYQbUaAoP9VIu1sr_Ndic3PNVEJ6HbG3XchCSW_LCW_aXX-JmjTtDwFEQ4TrU_NFq0yb_BOKySQIZH-H6PASjMOChrO4yfQeXrWXFh3DeluL-rDyF2qDNKRo_I8KbpwOqW9rF-Mpqzt5SenTVAFgvinC2lO6wHm8S_AmLdziJgX9p_1LFIweSzuiRoQxNbsdkLZ2lRCQZMblsgM6LHF4X_guM-YCgIvREZzqxEFaRWdP9zrsCcbvSeJHZRyr_RlLe46LFOomZUJ2ET7753qyGigna1gvgFv0oEEMSlnNpFkC2FvkLwstLrtHD0s7ZrBUj4CRLPppV44tXvGJ5i0HnmxQ6s2R3-daHQNRr2wMKPFxBNaqHA0X81CC5BLD1LP2bI_fXYo2wtq7drpwUAM_HM1YJ9woe22zqZpi4JR0atxTJs2HuK3XZzETHPm7Qke_3WEs6-K61ufQFPE3W4pbMwl_qQxwWjEKHAa2wI34LoX6p6Z_PYAadYPLydCbVaTRSD7VjQAcj7oCWGnhhoL7-VnYay9_0ZhzNjq03zvi5BPha90aCUzt_50yZOg92-0S5SbzzU4hhnLNoaVdpA8gjK5PYsNzIQlv139UMROGH3tCuYErxlSwVaHFuyDC5SEOMP8ufm98XVO2gbvydbjTizAxx3CeVeU4EQnhzTbLR1nCvQY1BjH5dVLr4AZaupbFdZiJ-68xrxI85D_VkXIAtLg3i402nwQ1JGAP0rLY_JONT-xV8WKIPB39s-cxHKQaUWRQknFoEATj1nTPltYUfXzfkBZpfNU1X2kmm1EWKSoVI11GTslg-KjUJtnQc1iGXTE4I5o9TOl6X5Ci7nIQiFt_RpbO87sqBn2I_bzB4jkdXgvanof_pxAyizk5-1aMu1rwvDN6DXOEYylqja37XhTaJX_mHNAEGKBh60hFjWCT9oMdWBeQtUp29j2K4AfZbP9JETMa7g86Hn1U_ltJVHk3lzK0AlO0xK90_o5r-eKvIChHrUF2X-t_7iGhoeze4OWe_FIE8jYotgTNUnV7XFkQ4M8gpUngFNCBGaceKJISLukIiezglz_wj_vJkLG4AFB79q7W4tYTV7vMpaE0OuKo6yuwSCjehS-KHUJ1VqCrl4XUj0M7vlZcLsoaaW6c7OEwZAgReI18zutLE9tGi-Cn2S-3lMSnFPo_pJmtrJ7CVS7Xh9fxrFfQjZtpKFt64Rnbk&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=9800913799140782000&adk=2515327513&idt=159&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de3f46dca331927f2acbc7d48b7270deeb22462cc596fc17813f445040a6e266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.omural.net/online/ Frame F2F3 566 B
834 B 157ms
152ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.omural.net/online/?site=mural.omural.net
Requested by: Host: www.omural.net
URL: https://www.omural.net/uo.php?site=mural.omural.net&icone=0&fonte=&cor=&tamanho=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f1a833212669cc4d6f917d41c0ee007b6532237447c903fc2c277a7489a9d5

Request headers

Referer: https://www.omural.net/mural/Mural.php?Mural=9406
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84d678192b7c5b7a-FRA
content-encoding: br
content-type: text/html; charset=iso-8859-1
date: Tue, 30 Jan 2024 03:01:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eLw276zwiKC4WUcvjKnlTBSwD%2FNMsBvRyNVYXHBsYQMoG%2BPZI7Jh3%2FdZ00q5YxwYF4YNtolew3pc18KIF34Ah2H%2FSOebRe9QTVrACNnsOOWPWd%2B%2Be0Bu1UETxx928URZBvlYc9qFzWn1NtfOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 90F6 111 KB
39 KB 38ms
18ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 20:09:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 90F6 12 KB
4 KB 64ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG_F2l6PpSldMLTwrlf207IvM2qMzH3gdyCgMydIAExuKtWqI9-iuYHZ31ULzNQ7pVlEQgCID71f94oWL9Atd7v6b0dOgDvdcGEnzJ2wPA-D9uu9zUVB7b8LJX_BXPKokc965GiQdoQQrV3ymUEugcqBztA87RN9dHVmUoTPnyngeDPzQ&dbm_d=AKAmf-DyMaqAjODpXUrWKVgOnS8kkTLwU9ii8VYDhqq7enPKXTBfKqHuG2M3HmWC2PqeIjcfNTyAUhj2q95_aY9mjXDQNTAuxZlfr9hmzxsZlunrpQIxMc1ZHdQkiyKxqS1Vz2ZRlmdaG8rD_RtgJ6rSSWytpcD5r3jdxt0hPA4pZ9eabT4yFMNDxoUV1tL-WlllsOnSKyQMLvIz5VkF7rEw66BxUJZ7TvyNJjbVbAhcSs7tzNZLzbvkKABq75FbDC7v32zsVde_hsGkmzyXQX5TaD--aHfa32eFwlZxBhJF82QR0kJ9cQ3HCPOTTCmsMGXf_tSPA0-vxzxiQO57OnpcqhZ_swmUKHZEvJmM7c2QYreegTg9-_HCVShc15qaPDowe41GFH_J_9dPJVh9ewFnJ3dgffXiGMPJt_C88b1J6HmUIFrLLkAo2kLtVHcSdiOBF3ASQJJoM0qMUpff_mCQQMf-GrfoF_DjO3lv_dA0EufijPthDNpItu-2ke2EULaddSZRGcA54anAgzUNX1qIct5EORtkZrHDRn_5IVJF6weWK_zg0QkP1LH16WB-nY2yros3Yls84HXEXkEnZ642EjS6XP6KEq232yGGI-s3H9j2KypOBvICEw-CPok4oNPu7AH0nDKAvtWm_a9lQYWZC4RQVX8vEjhKax8MzVVuIHqT-iSkZLHx-Qx7SU6boyJxtIOgraWgrNn7idnr7_ofIW534PXqSSyQFDSB5QRi7eJAwWWaUjI8XfxMNn9jErGl9ndqiJkqjHH4YiVYJ_XH3AIYnYBYp0UwNSSL7xREwVMiIO-DNaAP-uguLpY9i2PPI3NJ5MA85mjtLExAKqFXRV6T9WvuYzSm7_AQhyjO6UzKRJhbo_VNbz6i6Lcb_wourM5uwvCciPJHMRDtFa-HIN35PmSpg0GWQZd-9H6X4jfW7RKMbDdWJ-8cX8Ll1jXqSy4WLR4gRIYf3obPxpgl2JwvRO6PEHHsZoy3oPbM0uq--QbXRSgSWbG7sT_kkrB9hOsqSocy0s-UAvFuCX4N9uTz22iwztzvprGrG_fpDabnJ9lpcQIyqa_3mrpa6VD4-fqYth_wtVfls1sp7oxRfI2NR0FUrKWR4c-_CLGRXW1fiCqZWcc1xRkHywDZZUNH5Yp9m2SBB-H8LOpm6B8e_xRfm2vx75FVtPnBQ7h3KKXj5Mf5fvMvvyW7BRd_7k4wRLKT6Q-lgihERbwWIq-f4GTC5-NzFb3cN2lNX29awalfYyryGV6fdf0cHQpmb_14pqUfNtRajIWohCxhk7rofdJ7cdsAQG4JoaHZQ3xRZf1jWwUXp63v0LuqQqKEyp_dOOYL564l7jz5N-ZFYQKSeS8kV5ptxjkR329YiKF5w2RJst4j-tzk7yisFnShYgbzhm0QwmiWrNyQVOHIsfnoGVIH7gW5H-3ks19amU0yQX-12lemFDgtJLb8qwi8h1w9NsZ-QqxGplgxxp9p7HvCiJ-S3om6xz4GXuXlzvLVtsxysKaEDX7R5KahN1liQpmwemhTRQKPWPHGQ9ZbmoUa1E2s547w5MAC5Ms3vBBfTa-1LDXHSkLa7Ap5dmdc3PCkmFZ4Ct_s5BAdkH_g0BFDv8YU60HwCH1xHOyDoKCyPdbatjo4toYcsoP4-stiapj99R33XMw-iMYIQwA3yErUt7lxH27LFp7M_eSiPW2msF0O0YNJTBXEvIOQrk6XxwOvIvvFPoNhLQMD5tKhAOb_jsZlxP4fdUUbE4dgR58de2aLbraXMOJ4BX3Xdt6iZ7vHiO5QoJBxctkgeLfId1IGjapYVU6axtmA4XiFOxzs2VQEFNaFQilWeTl5OcMahk8x6uHVB75FT1qT-KnvBc7XIfOgeMuVK3ds4xbLs_Q2uNIo-hoAds_iVENdN_C0r4yME11K7YFTwg1Q8ryFNZCi2XJRsLmjr94v08AQUeHk4EApG3hcvJV72hOQEH8bKmoLTjOMBf-yztT2BghehsK_Fj8d-8TDunFiNrv5UxamjHZlYZscispjffxC3MdZSWRLLEmgswP9bXYI0Js8WM2gTSs2-CEhgNhd15Piwy3vPn0250HF8WNyHBllCHqP2OW4F8oC9zEp0D0ypKX3w041ibIH-IhrmgyOjWsZRmzgXUNrPJzAz1PiDlIT5XuMhP1pFVTQDtNrknxMAvsAM8RlR5iABE54HjStjMj314gdKF8M8OokmSteCejEsb7Tt-Y08y_mPuQ9mjmx-rxcFwuqQfnzfCxLtsDc9cv0ONlYkqWI9mGGcTeOm4sJPTOIiXiepfU6e6C2ejfBVuorbt91jcOotFELfyEfv7GadcKuMhzlT1pfPMNDtb9i6Mt-7jaBZGZ4nATUZ97sepyYudxY39JOcmp37Wahm68p2RXUoX0kh_cnqHxA28RlU8DuqE9qrUHWdpezhY7jwn_pKiIWDgryY-3UgoSvRJrToUNBpjUTu8X9fEtJWbULctAqCaL6bdjqkTAqNQCKvXScWSABilz64tjYjTjnZBbNDrLb0p-V6fn1GAiaSSY1XWLQz6l3y408b3RHr_dK2OFWLryIqmpk6lwWeDyxiJEGLPckiOrGd1opYC5_NToVUUoA8ZZibpl2UXaypAfpIN-2sKh_AY4eVOkqOPuYM_8ym76YNx9RBKtm5NUiRocfh3VOs3K9HY8yw823HYawWS3BnQ7fIxH8aNHC77_vSzcWpVrGT-6cs_Cw3NOvFSAYTTl0aIUBpOxE5zBwy6diTMrgh1I99mrsAi_ZlcejtZqr2ky6rHBxfHjAQPwd_GTfThCvnTYvX4ZC4NALR16g0PY6Ns4SMHaUISWUT3AgpfhfERQejmtgLujvgiAr_a66UomqAn-_CI1uPwAnYp_nG6klyABnsu4zpZngfb3r0p0uw1nQd9c75dpV0NQR9SeAKO2YYn7wm4XP5pIbWp_MvEc6VJYngGfXSBOmwbpigPlctb9XJGdrTb96KvEoYYMH20MNeWT7TBLfzPM7O4MxbEVPEV-dPegm3cdfaNeTCiAfMioFN4gt-QZuu57FJLKK0Vph_WqUdQtIPxihdzDzLfbf-B0qUK8XItHH5IP-d8yCnN_NbzgcG40PnE8SD3FXOsHmtDAl3WuFYs7xQTMG6bvs_1xqeSxxcGmpMiRVVemQtKHRPpPawvlW6OeZmto70E-UIyNRdNSf6vc1pEb5IDGg44bla4KtGzqylW1o6mOa5K8hZY3Xn6JwsgkhfUuBNZrd9xcDFPqqcP5uPUjZVavtJqeuvjO1WYG2fqU_pad6vREBkgO_6kXQkvGMjXbmD1UoqiMoQ9yKd9MDGSXH2bJGjKL98h8AjViGsulNbVfeYoLwvCLdA8LG3rYlvQMH-sMVNPOMMg1vx-WNd5oeJT7l78qdkrCDhhQJNPX50yGLXqGoQkFZaGTfPmMe-nbsN9I7xrfhkzxxCl3GrFZm47atlI1B92OZ8WxwFMBkMw_f0fZqXIg2PkjISdayiCMKHki3xbSSztn43okpnoHg8FPZAwDzSUL2WgMlTp7sc1p4xp72vx-c5xwId_0LYddDL_dn4caoGOpw-H29sYD8joXNrvDVWE_yBX1eDNyDvKWkroaewsWORWYRx8nruk2yw6d_SZJRv-YQgGiOrsd_7WAPc6BTbpDQpyAkxItAdfezkIx2xx2pra_Di2o&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=15439319867648610000&adk=2935317966&idt=95&cac=0&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 20:48:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 90F6 31 KB
12 KB 38ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 01:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:45:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 90F6 41 KB
14 KB 36ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 400016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET

partner
sync.search.spotxchange.com/ Frame A1D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHAl-YZbi-y4KuUN6oxAsoA&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame A1D2 0
0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58269/ Frame A1D2 0
125 B 76ms
32ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKmuShCYmfDyBRink82DAjAB&v=APEucNUeztflnZK5JpsrUEMYmKVNyp9qFWgzwOctJj-eWM2dkjOewu7zbvzvI8P4N-xH-_yBrXnXLSZIXPMfkD83H51SpcEyZXAHZZdXNsldguBq7FB-tqNpnhIBXhxPWIbbJTvOy0q8_1U43sHcOi1OLNcfJU9D1fUaGFMHRPeHt-eJbvYrSx8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 / Show response
whos.amung.us/pingjs/ Frame E82F 30 B
211 B 314ms
307ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=omuralmural&t=GTA%20Na%20Faixa%20-%20OMural.net&c=s&x=https%3A%2F%2Fwww.omural.net%2Fmural%2FMural.php%3FMural%3D9406&y=https%3A%2F%2Fgta.nafaixa.com.br%2F&a=-1&d=1.418&v=27&r=5493
Requested by: Host: widgets.amung.us
URL: https://widgets.amung.us/small.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b74b3d3e291557a575307fc9a02ca67da2c2d4bb133409c6389bcc9bc54ddac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.omural.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 84d67819ace4918c-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/javascript;charset=UTF-8

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 82A9 111 KB
39 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 20:09:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 82A9 12 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr_jCfsVCyWLo6CoHBFHmi37ILwkoEglTw7O1_oYzPizKcwfwyp69xJJJm-NsrPqaE8WwgItb0v59xbBFQQ8Eam8n5K3cbWvXGk8l0cQdT7rNiZ2feojFUylsw69efDqv7AyATZvP262dk-6NWmSP8L8bzW5awCoBxOcH9_14OJXgdIk0&dbm_d=AKAmf-DZiLbGYDV7G8g8xnn3lUWI9mYzvrn6Ys3zmjhCixTcex9t8Wd5tu53LmG2LnvFJ0Qjyn-A5G2Y7kYOEp2dEF_KJN-cXimD3vzPP7fHskBQAyfHEaIr0IBIAXSHUj7-YShFfa1UVEP-pPtFWaw-d5EKPhBTd6vDPWOXKY6Vn1CV5xmVQCCFddMNf-AfhGPKxB6iApVZgrg05y-7fXyVsZ10hJLjrQE1-MpNX3qe5rHqU8C2115cf0eJ06TIpj0EpJA9ra9AjoZNMF_vR4ijk6pE02vlesEk0sUzukYXuwMWGbyAIjf-6qf4AZRbP7plkQBiHo0gdhH812INFhLF1jzD20pOzmJswEO13sVP1zJnNxC7VvJKrFtIiJTskQUFOKhN1OcujOHBNXK9ZaIub16BLUlcPjEgq1Vtm2AODFzxKtgbN-QEo8dz_iQkkPsirFUCcbHjCtX5sONtyCnttAVVTpipAR5jHYvdc9NxNYLBeZsNOUTNRNvaAmQDRj5wtTJUfeidg31bV4WgIZUVUjlT2WiI2vpan-gix-gUUGwYWz2yhOTOdAVYWa1Uq5O8lwiBRcaCcsLnYHVOVQur_8mI36Pbx6xPdN2AW7bUhhUzXb3MHUKLj2LtxQ2VWiQxUDW8SNrIdqlgay_cGDTcqoMxNDn2z83wyavmUDnajmznIz6V6avuHnMO22ozXd9-mitUdLdAbQ-tTO0ziflSV_Dbe8xdp4fX84gaFNXGlVIMOfZcYSvYDcaKtS89c7OoqqVbXoZzrazriadgmYhdoHUAcV0FxNI5lZ15rgNjKYcf5l2WazuGe_twWq1_EX8MxD0dAKHkab5vgfN7rWS70dlZdxBpvC-57xoctPXIU5ueYSlBGKDfpG78PIcS0og12_5-StpECr69jb7rEYXtZnCxVkMDfjvvGOELxlDuCX5mnsQPs7VdlP3nunZ54YJf_AAAAMfWAhOP64csgd-LeAzoipzSO9vcglJVgMsYqVhjRton880Q7VvXXfahzewpsh48kpYBjP76PnKt1J-eaccoEzAigLHELxrlW3WCwneU5d7_0q2B21MfbSBwy1xCDDkzxwOIz3VUt8YtG3SnrGdL3bjbB9Wnl-h7hbKlPIHWBXmaIjqbjHcf9aRTJLSPsyjkOsIyJIYVsBIj0qByy7NqsOfPa3iq-PGC3tByu56Nyx5Kzw_fNX3yjrCL3rauomJ6RaPBQi1XuhmG3dU8D4w02QMcOmFNmTYmLLPrCzOwGsBWtzvmR4B1fmlOFyBUUPWga1fte98Fhw7vlp7rNMbjcsDlcSSpIRMe9p6SVjCZSKXwA_yubqCJXuZK391iTGt_xpqtN0E1MEzti2y1ssKxOftPQqEox9IeqWtEkzIxasuEqIOcPn9cKE-vm_Re52yRq1xR_GHPEduQC6v1s44jmk3GpNQ8rIZfQSN5fIk5lLSi7gzcSs5-sEOTUKq8r99UqzH8zv57407yIRH27sCaHorXgtbJhZujiUpmjFFWD1UBdgzMc_TPUDWKlXzn-7oT-w_7SvAsJwyfbimcuCWT0C3CfJBETWCgjioym2RaqbgJUwapeiKxvIeL_VALraXu5Levw2giW7EbmqviCXZwArN60P1BAjUy462c2V-tfW8e9diMTrC8c4hmSrhUP6THRfjKeb4TYtZYLRs09vKSfCq_ltfe6kOnI1y9sixB3BuMOaqEwcDVYU1Tz1JPCkgUif3aFTm5eIGAmnJLynh4ZqsNSYRZwvxdbTtp-nnL9DrXl5LrwBUm1EDLhbizAQYihjc1EdTYVSWxx5yxBK_TFx4lr6x3a5Is-sVPiK97cKcyfQ3SajTLfENChjpksKmMPAy2xDga14SjuSGjyNDZEzG9dVdkMk5_LmFWMG7ap3yYvN37QB_fXZ9-k9KnrCV3mF_60uffVDcGM_B3FpsA_0n3vGwjVvDWddLSMbls8HqJJMPELm2dmjYpH9YjxYg-WR9USdwgN_sY8nAxm67PYbSWu0smCvztOdlC4oT5b919OveRsXWPnVWX8pb6eP-BsSb-WQMuiXfeyU2AgwUzTeuuwdR7giYe9ZSxHtdObxe7FiiEzN2xtHgvZWJJBjLyaYkmM6o5kZJ9Uks_ahBaFQZ3Dqlf7Kf9heFZaTozoZtYC1F2DILGx49ps7TEV2Lr9bEPYYOKOwL6lydS5ECM0cGoDpAs8CbJETZFdHTwb0TCp_pJkxGZsqqgbY2JExzwfFJxv6rCncPTcgjSTiMlxign15WVl4iLM085uloKldXLGrNCmMAW4akhXTGClvqvXHtSrqsr-CSOYEuPc1CZvPKEwR9nIgdQJigPzl6jzDhnq3huvQpJ923gZAY7K1hWV4BEyK8hCVy5Omn2snWpHp0w-TIM1pBm4xHnzeHd6zr-G40sTjzya5P_R7BXlJT-f0EfSUBGaoZQ58y1Ihimck3BzWI3PiRE8LLtgdw2V8OUtaxltPfIx5sjQyKVdiSIiRYfPTyr706Hng_L2mCkSBhM1IXUDrCWUle-ZnCAeVscWpN1hfSNcQHoKymxq1KQ4XhhtdBsNPemiZ7oVB_YDetlXYUupXQ91JIwOhhtXWqbgIncXrJMF1ZIZNtjMyq9qAXkb8oSMr7ZNo6NjT3zPYu5MM_F2WT9HQNv9qBxCJ3g2VhUtia5D2cLhWSzCNAtjfSNvDE2gKzOhGiviaUsEPpVbX3YlylnPq7tg_F-I82BrYVjyCtPMUJAniYee5ySceSZ3WBZfFokv3wD0GnScQQAkQaocu6H1EH5mQmwB4gYGIpQbIG8JS-FAGGJwplwohI8CLCGt0XEAhyKFwiFJHxTESrow6ZgMWb10NeLXlsYyUE_taTFCeL2dHTygsui7TXhwsp4vQUseU6RcnTZk-wv_6t3_SijIeR8b8SOwuTQuBUPbkuGgGM0hfUSBvtiexy0O75B3L-ug6AK2rJfM_4z8z-w2FFqrznIClWjKHgflAf1V0ttdkyvY_kCWr6YMNv4nOOFbclwXsBFyd7yR5apVBBXhKa6fuKtzQBY5y1pLFckp5R5h7_tWIpE57WP8edH4hPn2Cba7Ovlm9Jme5SyLIBuLCWFf6uVtV5yoaSgOSREIGuLaQcsYSLpwdQHs5DqEE0PmybGa6HhtdwDObhNVcX9Ki7BU3vNK8Stl5IcP4pASM-GL2c2hzJoPYp-gwc2V4QR1Qq-yFSC9sAP7DhiLnuPKhtdSWrh4hsy1E6mk4l9tlrBuUCwex3la48enCEhqPuVKEislEXEGwDfGpzqOCuTQpmvHn4fd15ITojX-IQOEejjXvrk0LvCkPiCstt6nl49Av_mT3_sZumHf7daXFGz6mEe4ZhACX3DJnPPH35mSe0XsQWjAsUGGkdCz3H8fZ1AKA9nk_Owqj1M9oex0RfEP4wiinU_zv3sgXpOQtvG46zd83_MCPPnz2PIA4DJMGC2jh0QUj382vw_KbXBo6496JCQgskpcBAHwzoi-PNOcdr1YBksecupYbGjXBHExagyJuqnMhps-7vPrz51xpxrcaUqfEVMCOC-KcHUUWieqvAtuISFxrDSPrAkb71K-LHNcXEN7fpw4gLhm99CSJL6ZksIbIpJTiyDPh3mJMx-O5V8wWDGLI5n8t4yCNlKheGkp4sez8hNjQVDAdPH0ODIikdTHJFwlgweBnrlkoM&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=3652762468609138000&adk=3062569611&idt=128&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 20:48:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 82A9 31 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 01:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:45:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 82A9 41 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 400016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
DATA 200
OK truncated
/ Frame 82A9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db849638a3e050f79934e47922008ca0561a908ddf68eea633f2b7bf6c85d03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17569895503432122895/ Frame 85D3 15 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4af2ce8e90181643100e35ec94552d8204110aa04999e3bc8930dad543735e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42859
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4976
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 15:06:54 GMT
expires: Tue, 28 Jan 2025 15:06:54 GMT
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 90F6 0
0 67ms
64ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXe6LmNtANFmr1ttbtwNnDcj2w3a5Pb9J0O5A6SJlHNLzxt49sassRghAdXtgRXQKMeA_MPdW96tLPZ90PglQCJvAvx_AR0y4hvy9PpTDBBDd0rqAK61RB7QlyhuQNzVZL5BNXDimttVBtBNHjO3Dbvl-YHi_kcFmcazb87C1CZbeMQiRg8_hDvpgoEjTgZ2R5-Eq7JTUO8wWd_oI-b1-fd9UlqpiRe4oo8TTfHLvxF5KZYZwihcNFUU3-FwnpZw6Tc1Dn8N_VK2c5AA29HavNUktqyTpmhUrp32jfz0Dc9zoB2eJK6P0fNLaj80yLJvAXwKCRo9FPimXfdjHHS3ggrxhzAuH7ljsf0ijS6v7prT4fSOfowe1SSEeRjQDKGwOck0QdgPeYyQm9Sm71ZceFB_Fh9iDkx_dv3EaUyKHxP2NoK3HxFqHytfjJBUsXNlhakBlqqTrPLpPXJUyQpgmb854cZc8cLuXycRnE9X0iJbZIntGzXWdEIl5NbBTeg5P6JoR_ODKUTV6vYn_3gtN9vq_YIxDE6-qPKhjTckIBLPWc7erVMnVMbfdnZ_9tK33a6N3MwMzxk6PTConoKIx_djIlRBH3URsUGtPmnPORuRZB2u1Kz8HIT4o0jvsVppX7y0JGVLh9C5FK4Uq9k9fuNN1a_fmeu3R2-cK8cTfG4NskGbfPocU8SiUsi1cPojnqKhCHmjP2CsK25o9o4zuPDTXkup9VT7iBjO6lv4KLIcEszFOm9VNUmM2NL3PPE6EZE5a1CbPgq3oWdDs83JzHs9w2FBobBxt9AHL1uPrB_pIDzpEhLEQAYZBIBXOh4-LtGXjMR1piqurs4RRH-2R7Ohj3x16KOvFxbIIw4x5MxRkYC60uhoXl9vXq2QsFegFqV_p2jrwCbTWrYERuworFKZ0nlGIsaqDklFk1AqrafLMXtlRh7wD-xS-DxngZlVK_abtHcf692khsXCnwzmUIiNKZIG3a0ijAmN4pO0GAS8gqVA2J3iUX_Pn9ojKufvHOurgxDdlG_j40vkQ5WKA8TostonxF6n1BRbw6kmHA22mUdjenpTgHguUhoFXyQi7IRLd5Bn-ZFvGj3LT84e4i7EKf5IFQigbVx4WKQS9CMrmzir1M3bSZzhoXHV5DeCk_rUlzT07cOTIpCZqnmEpvcmL-eOzOBGsXlKG3gA6ij1nMOoF8gupBGx94V1YnbqzgnY7fh37pqFMgJIUdaCEG-3jPtU7C5YyWUmxLhc6EhZU6utQFChXeVaaZAjINI1j1y3q2nLJz8HlHrwuXpsDdaaHhRdqT8whbIwSC47zs7m76d1L2axWI9RH8Qps49D1YovC9TcPol-s&sai=AMfl-YSSU0twXjbOvIZCKFiHrK0K3tyV8UWR9MQRz0Ijj58UZrKW7qM4VfP5K4KRlpeuYF5VmtHTIRl_sfbC19OrxQIrIdBlOlLmW6B4r5tZo_egIxnXpo7xNBzRUodB88xogMEHs2-5vifEko0TbtCqiXBJTde-EAJuaizwytruWLXF85FG8yvOIaFwrCoEDSPSRDWM_XPccz2a2sCx_Ne_7c2Am2pyn3JEmXPb3cdtpd_hGUlJpTh4iI0QrwAH2UTzqd-fIx9Fhz1NQz7o1bNzfDm1OkuDdS8vc0ssXA&sig=Cg0ArKJSzLJdyo08KCXJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=154&cisv=r20240122.88968&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 90F6
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2516992581&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2516992581&gdpr=&gdp...

42 B
733 B

124ms
124ms

Image
image/gif

34.241.81.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2516992581&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

34.241.81.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-81-135.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-09a33b2f9.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: bVrdzcI6SSs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-045ff60d9.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: yXDCPvjYQl4=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2516992581&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 90F6 43 B
1 KB 249ms
46ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015808167&extPm=539824499&extCr=20952930895&gdpr=&gdpr_consent=&rnd=2516992581

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Tue, 30 Jan 2024 03:01:13 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 30 Jan 2024 03:01:14 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7B21 111 KB
39 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:09:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24720
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 20:09:13 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 7B21 12 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CouJBL59pkCG54gQAJOwLsNFrtSM_NlEpVTvPpYcsKcokzs09r-gFaABE6iTS2AWEwyf05ze2Nn1nLduU6SN2EuIZdo39YpfmWsyXobzMYf-a643qMBRXY7csgb0sFKTUTPY0GplwzUVqm6Lr75xEdCS_XbFMyFtlmPuDxlD-vHtMy6o0&dbm_d=AKAmf-CAk5-o40AJPp0czQgPz23xA7MJ3-YP-S8CcvOvKsU8EeqJmwE9x6jdBP_m2h93gCCcsmUqdmIWGZFGLXcJ7GxSowuSphKRxZ6_hKwgY_z8DeZQwS4r1C2jZ7U8u1OKnijI6Q_OJaItb05YxBeS8Q5YQsi1vvjTBp2HfHjDUYownDqt2zdYKSR0k27IamABb_0MnMl1d1oseM3P-pVj1htq0e4UiRbHEG_2uyRpPCRAk6fL3GbZ4U8OxZtIG5pL69gWGdTDyPaFEwfsuIb9VSaYmNvwfCVmq3eFafPDcxgTEHP7EXxL8dlKiEG2vAOwYvBakpLuHEk1wAk9rpSRS-ddKEygm4tBwycH-ixZ5n7K4B5rRELCB_Oo3WG36IX4K8g5VsaYaXp-8hrvlwj-_BJcePpLmKaHYvzGBTmmaEihiGSy6fQe6BqZPE658DyPLmRJTXqjBRAiGM-TUc-IVrHmlUyKlpxYQpu5cIBeBXXTRPlYqxVl0ebA0X8CU4csH1eso7M8KlaVrBr0xdwuqyfD1T2rogQ9H6LLjrWBemyFe-7dF9cuS65ruy8V3Oe-rGhgcP5sS9Ah7iVcvXzifqUFHhHAm-VTecawtLuerwfk27e6WKs7RjHCidYNlZGVjYEiXLJfjl2Kvu6iErLuI9d_rV7TrYNP7M3fJHbqQAr6I9eZX-H676aabN3H7qj0qGFa-oE0FRj1C2lnRVgm3uLeAl6IFmBBe3T0I1StWH7Q-0zCdEEE9TUWETnoc6kr8UN39XIX1VbI7EfjZ8HB_vOvQcTacpRGpzPlcz7e1rjbTrfE930vD0ZCs7jCtyLUivTLZpFgaHpHLO3T3Au3yQ8DYVacpe2Tp4pi_dTl0zmkDva-21W5G_ZwaBT23vdELgBWWQeW_oyUWdRj7DDEZ09FERYixlVYkF0eS9nrEftN3bGR3NezGe5IoCm5s0hPLtVqPjw9H7hlcOfEsiEYf_THyrrc3gimsSojGvPUVyZmwc3yY_KbYsgjQ5PhSxnP566pjC7j6uCg329U5Nx9qdMQBuMI_KVAaM2YafYmFE5gDKcLOvK6JqWfi-ezNuDvfN8-Q09OAOIi9cHvS2ZjyKjgNDiOj2Iu7KJLst23IFSyfokCUYp629CVp6iMFaqR6TbOxKLytUgv4fDsQXl3bf7rsPg6ZfN6fpQh2Fjoh7M35utNaRTpz0uKFMzeV9QnkPjg_zv6lJfOx_d2ZZxRVbsUlcT14C2OTTEgJditHaJNaoSGGbeYd2WRWUX2ER_DYNZitToQzkTk8i0pB6wSjBswHXbUyFFfCOkRZWt4-bpLHqeCn6-nYX2lbf_8hdFkw-XhQYN-hJGbXe9Gki692w7bLy4tDQMXCa-u-3jIZw4tAzBMVnjMO3BBmuFMfahFqIMGfVD68hLfr48MGDYLcwRYg6gLF2WF27DvvTqz1sbtlw6MjqHpLpINj_elCOR8FOdhrkl1WRLZetG2vIbjmWfO_xKWYJrXMGVoCrQOYXxr45CgjSu_mNJ1o3kYC9VCxmnq6nND5qfXLpr1F60OmYJI7SmeV0grHgZ2w1pqNzULk4uzTD_sXQtRw6ApT-fe1278VRdfGLMTX_haJD39qTNVN7c8NfJDZ_06MASY1U9iDU4JqBwwSHK9LMaVEKd4TMEYS4rU6dZUHYwtYme1_q3uDLdfb8s7FBbtCgARX0xXwSvYSb4GGlwCtfCC6MAbkJdUfB236cBp8xIuiy_IZ5iW_Fj25W_q1uCONyMh5WsIiemVBnX6YCsPBOxAwdrCjA5wmRgCAQklYOTmBisNYk2vdaV3BS5V9r6USWEROCfDtwErP9ozXzQaaOAwkLfVN3hI5vrN8qGWEmbCDjgMRre2R6CDzEiXRABtaxikAIoES50Ig6xAISJ8opoDTtaSs3XkNyqJqV3MxlcuW4g23HJ838HlmUcj6zc-X2leKhbPLnIHnF13QV5eyyFTw5Dztd3yj64NuquHR8rC5FJngEP9qRtDPjBvjN1T1WqWOzW7De7iYrrnjzZqgufss4xvGB2InIyLKFh8kAtBuC4dLbMarzkLA5JAUc7874CXho0IPrSxQHUiT3EipC8x7r9ACCX7dQtKwf_K_jqo5W_zxNyD2X0AsUe9-2sSYGA--j6axDcny0SHIG0zA_xQeLDPqsH4GF6l47vMErMJu8XbNJSFuSRXqiae0NNXWpPMTs_3PlnXl4ZJPGgdB1rOH-wa4_W2VFljx5j7HTfBY7SKhi2PcheYzcdjRWx8G91pr4SRpNVaMW3sHDNP80w75M0eCjufMDodxGgBDaU5DSeS7LHYYMvtul12anwE2v-CMZw3lAB0EvtZ1jhyjH13LhLrC88g1Jr9CITbI4nzHtuWdH0dzwqT7pcDBA_bVoQsTpmUk72iBBmrIJ4vdjtJjRQWC-0tdua-K910Ji0dO8ZMoc0X9ACkaQn0vGduER_LK7kBEiWYQbUaAoP9VIu1sr_Ndic3PNVEJ6HbG3XchCSW_LCW_aXX-JmjTtDwFEQ4TrU_NFq0yb_BOKySQIZH-H6PASjMOChrO4yfQeXrWXFh3DeluL-rDyF2qDNKRo_I8KbpwOqW9rF-Mpqzt5SenTVAFgvinC2lO6wHm8S_AmLdziJgX9p_1LFIweSzuiRoQxNbsdkLZ2lRCQZMblsgM6LHF4X_guM-YCgIvREZzqxEFaRWdP9zrsCcbvSeJHZRyr_RlLe46LFOomZUJ2ET7753qyGigna1gvgFv0oEEMSlnNpFkC2FvkLwstLrtHD0s7ZrBUj4CRLPppV44tXvGJ5i0HnmxQ6s2R3-daHQNRr2wMKPFxBNaqHA0X81CC5BLD1LP2bI_fXYo2wtq7drpwUAM_HM1YJ9woe22zqZpi4JR0atxTJs2HuK3XZzETHPm7Qke_3WEs6-K61ufQFPE3W4pbMwl_qQxwWjEKHAa2wI34LoX6p6Z_PYAadYPLydCbVaTRSD7VjQAcj7oCWGnhhoL7-VnYay9_0ZhzNjq03zvi5BPha90aCUzt_50yZOg92-0S5SbzzU4hhnLNoaVdpA8gjK5PYsNzIQlv139UMROGH3tCuYErxlSwVaHFuyDC5SEOMP8ufm98XVO2gbvydbjTizAxx3CeVeU4EQnhzTbLR1nCvQY1BjH5dVLr4AZaupbFdZiJ-68xrxI85D_VkXIAtLg3i402nwQ1JGAP0rLY_JONT-xV8WKIPB39s-cxHKQaUWRQknFoEATj1nTPltYUfXzfkBZpfNU1X2kmm1EWKSoVI11GTslg-KjUJtnQc1iGXTE4I5o9TOl6X5Ci7nIQiFt_RpbO87sqBn2I_bzB4jkdXgvanof_pxAyizk5-1aMu1rwvDN6DXOEYylqja37XhTaJX_mHNAEGKBh60hFjWCT9oMdWBeQtUp29j2K4AfZbP9JETMa7g86Hn1U_ltJVHk3lzK0AlO0xK90_o5r-eKvIChHrUF2X-t_7iGhoeze4OWe_FIE8jYotgTNUnV7XFkQ4M8gpUngFNCBGaceKJISLukIiezglz_wj_vJkLG4AFB79q7W4tYTV7vMpaE0OuKo6yuwSCjehS-KHUJ1VqCrl4XUj0M7vlZcLsoaaW6c7OEwZAgReI18zutLE9tGi-Cn2S-3lMSnFPo_pJmtrJ7CVS7Xh9fxrFfQjZtpKFt64Rnbk&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fgta.nafaixa.com.br%2F&ds=l&xdt=1&iif=1&cor=9800913799140782000&adk=2515327513&idt=159&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 20:48:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22349
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 20:48:44 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 7B21 31 KB
12 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 01:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Feb 2024 01:45:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B21 41 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 400016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 78C2 0
0 63ms
58ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsum7mvOSMkYHvnB_TCarp9vRDiy0vy04pQOg-el8V2jTkctJtl1wTnjteEM9QPdkFwwS2ldigH3nEUh2UrAqR1rBL1Bl5KTx1bfcVMBykNH_MCuihnhMqABBX7g6oExXGL4otUXLR7p3MIUqqsovG6QRleKhFJQNiUComs_Q1urtizJbHclStOcjlKo3Zg2xwgSFV3UePAMmi_oNkO6WYu42F1vj6Ij8SeovZqeU3NmHsKda8OQ7N7ji0aoh5r-I0uB8u6A2TCyDmMlidE6zsSyDSIZpz8wZlbJH13xaIYcBptEjlLBcQKT6xXRfwlxFqSZvR9OkZ8XAv4haZJaVneqVis60uTtH3on02oZIn1YNLZJVAssUaY7KTaZyzD9Q8cCc4DiBrOaZap6DhArPT8kDD4-wPUM4IxKzssp0t2IOVMKBk0VwImvGQQbpR2JJc0FJ-rUMt3L9YUQ1vp0kVHw8sO56hw7rTqrCRgnwXii0FPgL28FsmeyIskIZwqUq78HSAu2XrOmM11GYskIfFWphMwpEOssWm-u0g5oZeSfcjOEK-ubuLwP2VZm384XAPyvfHXLwnTeCY1CXk3EMMFeVtlicg6uvyo0U_fNdQFybpiKw4s0cwaB1qvbyVfAv6Z4at2ZPUUE79S4bx6oxhJESgJ93JRSn3JPH9CFkENBQOvFMQGZc9ANgV3QSLaJJBGedTJ0Swv5Z0V_ObFjAhmIh1OhDOwIc_h7oDIpaUxRj0sn47Y8d052gIzPqm6s1oauf6g_go25xdz51lv8IGNkfju41EyXcF6G-WmMUiqXNJXQzMTh-yzIo3MW8F095i3WOtkDJWRsmyYqDusEbuaXVFcOnZ6ZdVaiFZBTarY2e96fVi8mpZRwe5ujJI5u_-B1PPGCnhnmMTD2bMKv315FSbACaZLjg3DQOaVD8IhSkVhpmBJZlutDTAAVD-6fhIcGrOZFr7xS8GmF7BpL8UZRXBDO3-gPLEqfWiSVQzdtfPRbX4LICgbt6XVedU222Ab4sZg_5dBBt5Ob8dxqXRpOMJvEQDYspS_VUgYEHBO-VDm9s0IcGl_RrRin88GVzswwZ5a-3b8LqS6htTpltwuCTCKYrOyRaQrrC644sVk8lL_hVcYPaW8Zsa_2UMXk8snufwTRgC09D1Az9RHhwp3u2S0S-niiw1QRc4uPfzW8OyqgsTQbZRB4L6jJycz-Lu9MQUlM2WCKWoPhe3s7WIDhuOJeYSZY95lZFEmnk7x5SuWU0TX1d22Qz0eB7UVEcFJY6YFqELgi-o_tgfXGIP7FyYg1ZfMeOKvXbnCs6WPn35g-Ivj01eHtoHQDf88cyB1uHSyDEJ_2W_AUI55wmiw&sai=AMfl-YT6iN2ObPd-33MkeGlClAmmx1P5uqFpFkbaRYFEo17_wIyDO5u1YE0O8ipA5cKaLLuHJa3bfijJq8oOempPkEoEKXaIWa6-7YjJ8UkwzK4H3jv17MwEytOjrAwNofln-PVfk-De5zhk7JhCoTXe8oSnVVJp-8HhykxSnST2iJTgU4K8dMd7cFFgw2l4IgbvGqdg8RdZY_p35pF1GqgO538n7OL0jkKWoCP33J8J21PAlKp8oU0hstQ6n7_dB30XlLK56BxAHK1qgGvuZKr7M7xPqly2wM4ReCn2yA&sig=Cg0ArKJSzFPtkdWdvG67EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=490&vt=11&dtpt=366&dett=3&cstd=119&cisv=r20240122.50189&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 19CD 38 KB
13 KB 24ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:46:45 GMT
expires: Tue, 28 Jan 2025 17:46:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 393F 39 KB
15 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 85D3 236 KB
63 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:01:13 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 55CB 8 KB
6 KB 110ms
59ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7366f12d6bb3a487d5c57807d9594a6788ab0145612240db716c71356f15ac66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6047
x-xss-protection: 0

GET
H3 200 07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame 55CB 35 KB
35 KB 30ms
29ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:40:46 GMT
x-content-type-options: nosniff
age: 12027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35612
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 23:40:46 GMT

GET
H3 200 Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame 55CB 1 MB
1 MB 34ms
33ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:54:25 GMT
x-content-type-options: nosniff
age: 11208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396163
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 23:54:25 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 55CB 5 KB
2 KB 33ms
33ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 15:12:17 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 55CB 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 15:56:16 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/9813938113422845581/ Frame 55CB 5 KB
2 KB 32ms
32ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9813938113422845581/logo-d0d80991.svg

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 09:59:16 GMT
date: Thu, 25 Jan 2024 09:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 09:58:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4590557111927187076/ Frame 884C 15 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93873af7a813c879f0cf347e3766be979509b08ce5147646101e1a5fb1f6c84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 530847
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4973
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 23:33:47 GMT
expires: Wed, 22 Jan 2025 23:33:47 GMT
last-modified: Wed, 10 Jan 2024 13:14:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82A9 0
0 66ms
66ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJ5lGtRLjq_guAY70PoAMl8OHfFc0ijm1zKr8uU6VHBJjTLY0tnfHgSzXWuzyvVkP4M7PIy_Yn0KN4xLQMgYCvnPd0szVT_LMwJnxmeB0LK7R99swClcdc--DZt0OlZzdRd8evwxo_1quQBEdheEXGxoHidkhgqIRbx-vQFphyWwy5JzM9hbTjjukU-1fWHKe_Gh5FoAZoJpAxBSKFJgx9_KerKWg1P-VZ0-o-tQRbXR20wH9IpWaVXtsIUmRcOhhlnFkV8FiwP7AyCJ9Sv_Dig8rNvLffMaqSTEMJSqr5sOrUVgLT4SQ8gwUPDftdMMgtzygNUx-y0jEnxz5FaiOWEHHaZA1WMJt9HVxz8bRNpfrgkASro-ji-6CkTA0mtQQqZulv_ncqYYh4qi19tn2vyJApa7k72LQVpCJqlOiuYOmOVpFoilS_3YlDrwslm-fT3WqTZMzTsSdgEetKDe-Z_9FxPdPrt4YE3ICWjrM3thaguFlvFk4W_RkMOVA_Dagcq1gO8XSI_mtN9jq9AC7ApVP0eqK-XQrKAF0bTNlpVkZngcbswSTuSu06QEwKNcX6gxakI8n313k2q75XXrZ4x7ATg9bhpr3pWmu3wQTrJsyMK6olZkbUZ0ljL6fDbq-T6ZXLa5oApR-mYM6df8KHI5AVBCYB8QPbjcDvfGW13PrREuAeH0hquTphkezG1Cph5Wno1iLZJAUwyrSM3mGz3d9OisvtK9lDvE0aoPw8ab54dvMJygf3CVXlYi9cISsyTwAAETjjTW-AvUnibtVKBUcKAPx1D3W-YTiyM5zFDoSyAoGC2OtKWbPBbHZulUU2PfMjXfKlcoduWbvuEh9yD3rFcWLZMU9FXZ2G5aMH6BDNh6a5Fn9uUp0qctxrHGa3IhrSj_JbO5Zpkh2oQ09oM5xp1RZKeg5yikKUHqItk0QvRkUUUEk-5VuDkUS10EnxWHq_cYfBWGuo6v8r6szZWlodITOTz0fgp_u_2P796-4q-FO5GwlNp_pv9vJF8ZDPy_nPfLyNZmdgSUydyOwN5Gs2r_elNIrsdAap_42deN4jZgW62Y1p4YoXAxqOG1-bkfgKf3U1sNRIXQGu8jZCqhrhrBANho7XY4t4qK-6QV5wXhb8uSHnAXY_MuBEkJUNzNg-lzCn22HpwsYHnI66PgNC-aOYjAEE7HLDL5hnmhyGNDq5Gml2_Cs5STYHJar_mFHO3lA1h3cdJkpaxtxbCNsfkmaJXIQngmL91oivVgrJPFa9G3cIzRF4QQqBZ20bNYotDiDuD0-DIWO5plt55nFLGLLxJT6iayaXft5LwG4ffdBnKf0VrW4f-lG0GghcWr9nzzPxEYdi&sai=AMfl-YTJpiQnoOrjkh8N2Ll1V3_Fv4llVI8YmdAsxYqBpEOYZmNUTr7xd0z7AZ1Y94bK5--HUfi0_gWk--22yb11gjwTanqx6di0hC5A0VUYdiRAKByDeDLIn_aJ4iOZXYKCZ-ktSb-r_OGj0bVTZShDiSsFTLHoLpOe_dxnfG5Qnr4jcSZUely7BJz_WvPKv-FA6bGTYn4ct5O1kmRd01txJdyi0KyPs1ux5YVvWFUMUqta6kwwxXL_aSUiWcKFQRiPt54dIL66b5JZq-1XhKcpceQiX2mEgptc2_UekA&sig=Cg0ArKJSzAjFA5l8F7NFEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=109&cisv=r20240122.80702&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 82A9
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208164940&d_placement=383396883&d_campaign=31049608&d_bust=2404865528&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208164940&d_placement=383396883&d_campaign=31049608&d_bust=2404865528&gdpr=&gdp...

42 B
733 B

52ms
52ms

Image
image/gif

34.241.81.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208164940&d_placement=383396883&d_campaign=31049608&d_bust=2404865528&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

34.241.81.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-81-135.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-077de999d.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: CEq91bHOS8Q=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0994aa89c.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: gctg4616Tp8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208164940&d_placement=383396883&d_campaign=31049608&d_bust=2404865528&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 82A9 60 B
60 B 177ms
36ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015465496&extPm=538557575&extCr=20942784948&gdpr=&gdpr_consent=&rnd=2404865528

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 03:01:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 30 Jan 2024 03:01:14 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 923
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DD50 38 KB
13 KB 30ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:46:45 GMT
expires: Tue, 28 Jan 2025 17:46:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17569895503432122895/ Frame EFB7 15 KB
5 KB 27ms
27ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4af2ce8e90181643100e35ec94552d8204110aa04999e3bc8930dad543735e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 42860
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4976
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 15:06:54 GMT
expires: Tue, 28 Jan 2025 15:06:54 GMT
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7B21 0
0 63ms
62ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpO2zlvRRHLS7y7ApAL5nCOqBGyiJQ4dBOBUXqKyRf2mwBoGYU6whNcWp4otwPfd-wRYqAzMTUyT2Rk3s1zbQ0x03F3WCMhcI96bosA71X7DzQLpxsez1mE5165r-XYnd3-L3uDd2-gvHry9mauRO_L7TTZ_cVdYLWpN8nJrqdFVA5dm8taKM_80Xk_XLgmhMSmLTgmdFqMqhaHp4S_YvkZD3RF6aznoaRQKBYkAweogikZNcGijzEwlx_pHL_6ZZuDyfBXxHp4785HPYE9XNlqeIYl0LyMkDEnsgpdJJ6zFoqK79amwtm4CEPHYWISjuMz8n5bTaXHeXd4Dp0jlJVRNeyEK3UNmbGwpg0BSf4iUEPOW3OHxeU440a1PY-8DE5rhTn4YAojOxuvjqNIx-P1M4xrjocVmgZ4Vg5S9jc8yKhG1-XBvoSfhldC9OR-eO9kQGQ5J3tETvzmd0iqNxD39auqTsfT7-S-yUPaMsHPCP5bbuZg2cq9dH28Gzk-ByaEk9kfU7aKD3TIEnaVZj8lrPJEW20y_7aMXhhlLbI0Utm-HLUeZIyDdcf4e3eUfh7qk9OnmSgRq_0AZnlXOcxJakkIGwoS3gjzHSinQroXskC0-9Zlsx_WuSjyI3rT0KwGo92wzCAUCATgTMUOFpO32c53UsxxNggnauW42mi4bamBGmeO9-CLNUODCUPqLUcLN07Mb1NMwK7R297whMVxpTegQgjYONnNtSJv6CSK75IIStHVkLFumR6nfRZG6kNXxdLkOw82jzUZ9bsF1LAIRfC3_Hwi5ddI62voltSm8wfYb2iZTqxOvT6w8U6H1Drf3oRCU0rA2reZ_yKA7mPE-Oa5Kuay3MMWYmVeMynoNjhRdbfLeCS_HA9ZuAA0ZAvgOvPBB_clYyAtIIfywlVp4dqH66CiUrLl5phfmhDO1rIKF1VXxM96tU8YWnr6gx3IwzDfYlRUdESc9ikT8a4_2n0OmVD973pvDv9Bt3oEjNYAd9_YnS2Dn8wrWVlxLxJcbu4jupM4SWMh5moQpDNK76evhcYibTpiUbbjjSueSSsD6-5389PNSk1OjJnpKurvvVHpz54ZUj2WRz5dfidBJ1XyP9aOAqHUbNRDLn3b0ruJL5uzNalkUQnDeId1cDZiJhIzXCSF-sZFqyHG8g1roVd0HT_lwwoZ1VliYQYhlLxAa3WAGtp6JSLWSo_mgsJCKGh56T5MXDnOQ2thfU1S9DuuAyf_ES2Q_TFNsDFqwCuds_W03FoPKxB4ROuRaAYRyrqitqMiLhlAJD2EhWtWJzi28cHZBRvZOCR5kYP8AOFQTeVVmi5p7IgJw23Rp_RgE392_1LKko&sai=AMfl-YQOXea_QA7V3-XCZE905XobtfTohy0uj7Xg9BtRiPG77ONM-MXlRVXW1xhCuqwNfX1ksAdqO2PF-tJrrXL98nBnkWJmo0NV-zki7H4D851g3dQQ0zxCoz_RusYzQ0zc9To0j_lHfDub0_zl5wa-SgzYL8Jt9GzksbzwFv9yx7wEcFRJC9gjP_UkKJdpJHs7brsOwTx_0saKxqPXhS5sxAbpo-_QJNG2pOkPIuZGIwrscTLMQ67rSpHIT05O-gGLwq5L_LESjN5AdB3pKYdAFZdFyXbCTgE_1UmwOA&sig=Cg0ArKJSzFJw0lsqpkzeEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=80&cbvp=1&cstd=79&cisv=r20240122.11264&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 7B21
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2971903421&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2971903421&gdpr=&gdp...

42 B
733 B

126ms
125ms

Image
image/gif

34.241.81.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

34.241.81.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-81-135.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-08513f95b.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 0dUOkG4NTu8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-097c24447.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 7Ge9NE4eSeM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=208391189&d_placement=383665388&d_campaign=31081045&d_bust=2971903421&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 7B21 60 B
60 B 152ms
34ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1015808167&extPm=539824499&extCr=20952930895&gdpr=&gdpr_consent=&rnd=2971903421

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 03:01:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 30 Jan 2024 03:01:14 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 923
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 51BC 38 KB
13 KB 31ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:46:45 GMT
expires: Tue, 28 Jan 2025 17:46:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF06 0
26 B 122ms
122ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bq9DFeWa4ZczWFqbw9u8Phoax8AUAAAAAOAHgBAI&bg=!ysmlyYbNAAa8BdJLnAU7ADQBe5WfOOX-fmQY7sTXz5A5jWqGl8kS9rCrKphGTvZEeHDOT921KlcosPCRr7YoXUhIEVeWAgAAAUNSAAAAAmgBB5kC6WDDVxcLSXgjoF_85GO1iDL3HrEdQ_nUE_HttPnSUTZg5Ji1nT6fYkCpL-2i82c6MKB5l7t4JQKI_tL0m3kqeeYS74CVVWMC9XinXPCktnDw2aL1H2cM6wXzjsY6lTE89qN7pU-tdN8w6x8ldNJU3LKrEnFK_ubvuTQnbR4oomsqi3SK3qTPQrvrAOzZKlcUtf5e5rasKFsC2f2K8XeLcWjrV0b2zQQBL9F36kHaQ339e8kgZEM3jfo2jFHWWAJrSp6lf0w8GDCNrRUiVy_VfF7hRdEtootj3DRcXtgQY98pt38dQN-lq9T56ibpJBvbzal6hAIGHAkvtqbcvrEkYayZ5aUXFPJcJVo5HAPIRwTBrYF62uaY2oy6JI2cud-z85ijPbrpuumtPcsbW9rkn8SEzwGtDBV4fNby4YoIRykCRq2o_lMhi219yuFGm-LvF_H3F0humtuSDRD06tmMo3ucACQiRgzvzjRL2F5Oh4WWPrJ_PUs64yKBkCV3W8xSWXR6e756w8Rm02gw52a9DPxJtin1LqvRE4VTCw0tZbQUJHFxuu3NJQFrwlZrS-v8QVrM1Z8_ci1wgtVxwRSHplh5AEIVjDiyXxon9e-BQZHTz1cJ1HyAa3rxC_7owLq2DPQuUvicRsNsAieFp9uXBv4rdHS6FmK7_9xFa9WtUR8j-O2u7wScQqymv4FCS4Ozom-l0DerAsUjhzd3E4-PgAFczUXWqZ-DudbbwfUNaDLTuH1nxMGeApphJCtG-CbU8IpviZONmHU78LFFlnkpYZ-NN6CozGXJMfdIm3hdOwNiGewTdQOn8xAiM5dZn8_-3uRnOhCBQohrRhfL8TzSYqYZLwPDh6P2Twm-3BXKjttYPic1VPt8y_jPL09SCqezAcFFZb42rdXYoP-Ew7IY05sHuLyqlBr85Mp8NtMDJNYH_iuuYiPnn12mLFn0zUN5A-H9nhUnc9HxYHHR01rK01udrYCxsniJYPM

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 55CB 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 19CD 39 KB
15 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 90F6 0
0 65ms
60ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXe6LmNtANFmr1ttbtwNnDcj2w3a5Pb9J0O5A6SJlHNLzxt49sassRghAdXtgRXQKMeA_MPdW96tLPZ90PglQCJvAvx_AR0y4hvy9PpTDBBDd0rqAK61RB7QlyhuQNzVZL5BNXDimttVBtBNHjO3Dbvl-YHi_kcFmcazb87C1CZbeMQiRg8_hDvpgoEjTgZ2R5-Eq7JTUO8wWd_oI-b1-fd9UlqpiRe4oo8TTfHLvxF5KZYZwihcNFUU3-FwnpZw6Tc1Dn8N_VK2c5AA29HavNUktqyTpmhUrp32jfz0Dc9zoB2eJK6P0fNLaj80yLJvAXwKCRo9FPimXfdjHHS3ggrxhzAuH7ljsf0ijS6v7prT4fSOfowe1SSEeRjQDKGwOck0QdgPeYyQm9Sm71ZceFB_Fh9iDkx_dv3EaUyKHxP2NoK3HxFqHytfjJBUsXNlhakBlqqTrPLpPXJUyQpgmb854cZc8cLuXycRnE9X0iJbZIntGzXWdEIl5NbBTeg5P6JoR_ODKUTV6vYn_3gtN9vq_YIxDE6-qPKhjTckIBLPWc7erVMnVMbfdnZ_9tK33a6N3MwMzxk6PTConoKIx_djIlRBH3URsUGtPmnPORuRZB2u1Kz8HIT4o0jvsVppX7y0JGVLh9C5FK4Uq9k9fuNN1a_fmeu3R2-cK8cTfG4NskGbfPocU8SiUsi1cPojnqKhCHmjP2CsK25o9o4zuPDTXkup9VT7iBjO6lv4KLIcEszFOm9VNUmM2NL3PPE6EZE5a1CbPgq3oWdDs83JzHs9w2FBobBxt9AHL1uPrB_pIDzpEhLEQAYZBIBXOh4-LtGXjMR1piqurs4RRH-2R7Ohj3x16KOvFxbIIw4x5MxRkYC60uhoXl9vXq2QsFegFqV_p2jrwCbTWrYERuworFKZ0nlGIsaqDklFk1AqrafLMXtlRh7wD-xS-DxngZlVK_abtHcf692khsXCnwzmUIiNKZIG3a0ijAmN4pO0GAS8gqVA2J3iUX_Pn9ojKufvHOurgxDdlG_j40vkQ5WKA8TostonxF6n1BRbw6kmHA22mUdjenpTgHguUhoFXyQi7IRLd5Bn-ZFvGj3LT84e4i7EKf5IFQigbVx4WKQS9CMrmzir1M3bSZzhoXHV5DeCk_rUlzT07cOTIpCZqnmEpvcmL-eOzOBGsXlKG3gA6ij1nMOoF8gupBGx94V1YnbqzgnY7fh37pqFMgJIUdaCEG-3jPtU7C5YyWUmxLhc6EhZU6utQFChXeVaaZAjINI1j1y3q2nLJz8HlHrwuXpsDdaaHhRdqT8whbIwSC47zs7m76d1L2axWI9RH8Qps49D1YovC9TcPol-s&sai=AMfl-YSSU0twXjbOvIZCKFiHrK0K3tyV8UWR9MQRz0Ijj58UZrKW7qM4VfP5K4KRlpeuYF5VmtHTIRl_sfbC19OrxQIrIdBlOlLmW6B4r5tZo_egIxnXpo7xNBzRUodB88xogMEHs2-5vifEko0TbtCqiXBJTde-EAJuaizwytruWLXF85FG8yvOIaFwrCoEDSPSRDWM_XPccz2a2sCx_Ne_7c2Am2pyn3JEmXPb3cdtpd_hGUlJpTh4iI0QrwAH2UTzqd-fIx9Fhz1NQz7o1bNzfDm1OkuDdS8vc0ssXA&sig=Cg0ArKJSzLJdyo08KCXJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=345&vt=11&dtpt=189&dett=3&cstd=154&cisv=r20240122.88968&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 393F 0
26 B 64ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZVRLeWa4ZbP2GODhjuwPsZuN2AsAAAAAOAHgBAI&bg=!IiGlIW7NAAa8BdJLnAU7ADQBe5WfOPRv8mH4_cuF13IgpmAgloEjCdGQQMXMdPg4hRtjXez75gMyV_3Hv-kcTyo7BwxDAgAAAEJSAAAAAmgBBwoAU-_m376wKK8BDJf1muP8lwkUZJ-JiIQBpNaR5Xhu_qkWQXRmYi_IV7qaWUxIF_FKmoOmjWF2BDaOs1rhtJlN9QB4nhZF2_1_hYdKXRvmRX8rvaW3mQMN4xrZ3pR247Kn7LpbML9giPGGaEDfaYzh5NgSxc3kM5QAANgCl2kDyL0Ts5t841VOoT8sviMtLAC1RgZwUbApalcJKK3iHEvDpY8zaG6HkQC2lle2YoizmNU6DSvuhqIKEuXCGIkCe0KCVi18p92_1Ey9mwufs2V5_hmY795JKZ3QdTFoJF4fvQUZaQ_Y1h8iupnJtHcDT4ELEkLZuw1XeMTFOivKteCyEuqG0GNk8nddwQdErBhAJMQq18NTlIKBsA10W0DMytX3LDHhhWVP937tSH8qRVhmSewA_q5z5q3J2nhJ9_VjRrk-fY1U4WAeH3hIW7owNl5K_LC8saWoNDczEPPw0hD37Wb0aU6Ivj-sTLAn9L9tDwlCc0nwHDiPNNSZAuSdmUGeudMzn8-lv7Bvn9l8m4Svnpv6nE7OOwycdHcYWf4T0sc3_qskQGAUAIy20Qi8EdpkxtoZgI0ckI_lpQVxnB0twgqvtPkCIajbGeDWlZK33T0eERGjIEvg9cuz2Y75clXekyV7fDGM4pFiJ3gRxkp2kl00GJeI94i5ifiHNuZa_q1Mm-ZujK1uCgtUNkaccG90f_cP72tDWRGAiDK5qjO5WMYb5SoLc5lF5lKZLmMXk4BaptmHNbeXe5qVN2aHx3FqEh5U9JFsbS57MhhIVPlMoQOZfsvmbyvCaC1jYkmebbkezJZVz68pAVVLgrClviOYaNftuyg5KsZ4Oy41xG9ICRS5dpxcp6O5p91M3pfw57f8Q3QC8dZ7dGhIlpGbeE5guw_KVjY5uqDYVNqKxeBF8jW0Lj5B_7DPocTB6g7ArdRP3gaEYFhmJ5BC7pLHMM9RuUWG0PfDJEYK9t0mER7f7bNVp83rm7KZH_g7eOCJHCZlKbxxaAhtnYd9hrTnWt3-WNDABiHsXqXEgtXmr0MYuIMyfNXcqBcjG0KuACnKvlssnIDtiBbWUdThI6Gm9pLiqYnNFBLOhwYIxJJAYZq432iEmu4GvoVEdc48N3XGL6dSa_im_bJUgU7THuz0yTVrd4cD2A

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 884C 236 KB
63 KB 32ms
28ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EFB7 236 KB
63 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H3 200 InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 55CB 29 KB
29 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:58:53 GMT
x-content-type-options: nosniff
age: 141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29232
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:13:53 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 55CB 14 KB
14 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:56:34 GMT
x-content-type-options: nosniff
age: 280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:11:34 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 55CB 28 KB
28 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index-66cbe3b0.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 02:52:21 GMT
x-content-type-options: nosniff
age: 533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 03:07:21 GMT

GET
H3 200 07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame 55CB 35 KB
35 KB 27ms
26ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:40:46 GMT
x-content-type-options: nosniff
age: 12028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35612
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 23:40:46 GMT

GET
H3 200 Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame 55CB 1 MB
1 MB 30ms
30ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 23:54:25 GMT
x-content-type-options: nosniff
age: 11209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396163
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 22:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 23:54:25 GMT

GET
H2 200 dc_oe=ChMIjPeFzY-EhAMVJrj9Bx0GQwxeEAAYACCt2oNdQhMIzaPvzI-EhAMVZKODBx2iBgkk;dc_eps=AHas8cAgqRl1vXgbv-2deG9SabbGZB39txzY1jzY8jR3vOsX1itKPOK1kW6EaNNEHAdUvi-Ps0fXFpw;stragg=1;&timestamp=1706583674144;s...
ade.googlesyndication.com/ddm/activity/ Frame 78C2 42 B
401 B 134ms
59ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjPeFzY-EhAMVJrj9Bx0GQwxeEAAYACCt2oNdQhMIzaPvzI-EhAMVZKODBx2iBgkk;dc_eps=AHas8cAgqRl1vXgbv-2deG9SabbGZB39txzY1jzY8jR3vOsX1itKPOK1kW6EaNNEHAdUvi-Ps0fXFpw;stragg=1;&timestamp=1706583674144;str=nextSlide;strtype=1

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame DD50 39 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DBF 39 KB
15 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 51BC 39 KB
15 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82A9 0
0 59ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstJ5lGtRLjq_guAY70PoAMl8OHfFc0ijm1zKr8uU6VHBJjTLY0tnfHgSzXWuzyvVkP4M7PIy_Yn0KN4xLQMgYCvnPd0szVT_LMwJnxmeB0LK7R99swClcdc--DZt0OlZzdRd8evwxo_1quQBEdheEXGxoHidkhgqIRbx-vQFphyWwy5JzM9hbTjjukU-1fWHKe_Gh5FoAZoJpAxBSKFJgx9_KerKWg1P-VZ0-o-tQRbXR20wH9IpWaVXtsIUmRcOhhlnFkV8FiwP7AyCJ9Sv_Dig8rNvLffMaqSTEMJSqr5sOrUVgLT4SQ8gwUPDftdMMgtzygNUx-y0jEnxz5FaiOWEHHaZA1WMJt9HVxz8bRNpfrgkASro-ji-6CkTA0mtQQqZulv_ncqYYh4qi19tn2vyJApa7k72LQVpCJqlOiuYOmOVpFoilS_3YlDrwslm-fT3WqTZMzTsSdgEetKDe-Z_9FxPdPrt4YE3ICWjrM3thaguFlvFk4W_RkMOVA_Dagcq1gO8XSI_mtN9jq9AC7ApVP0eqK-XQrKAF0bTNlpVkZngcbswSTuSu06QEwKNcX6gxakI8n313k2q75XXrZ4x7ATg9bhpr3pWmu3wQTrJsyMK6olZkbUZ0ljL6fDbq-T6ZXLa5oApR-mYM6df8KHI5AVBCYB8QPbjcDvfGW13PrREuAeH0hquTphkezG1Cph5Wno1iLZJAUwyrSM3mGz3d9OisvtK9lDvE0aoPw8ab54dvMJygf3CVXlYi9cISsyTwAAETjjTW-AvUnibtVKBUcKAPx1D3W-YTiyM5zFDoSyAoGC2OtKWbPBbHZulUU2PfMjXfKlcoduWbvuEh9yD3rFcWLZMU9FXZ2G5aMH6BDNh6a5Fn9uUp0qctxrHGa3IhrSj_JbO5Zpkh2oQ09oM5xp1RZKeg5yikKUHqItk0QvRkUUUEk-5VuDkUS10EnxWHq_cYfBWGuo6v8r6szZWlodITOTz0fgp_u_2P796-4q-FO5GwlNp_pv9vJF8ZDPy_nPfLyNZmdgSUydyOwN5Gs2r_elNIrsdAap_42deN4jZgW62Y1p4YoXAxqOG1-bkfgKf3U1sNRIXQGu8jZCqhrhrBANho7XY4t4qK-6QV5wXhb8uSHnAXY_MuBEkJUNzNg-lzCn22HpwsYHnI66PgNC-aOYjAEE7HLDL5hnmhyGNDq5Gml2_Cs5STYHJar_mFHO3lA1h3cdJkpaxtxbCNsfkmaJXIQngmL91oivVgrJPFa9G3cIzRF4QQqBZ20bNYotDiDuD0-DIWO5plt55nFLGLLxJT6iayaXft5LwG4ffdBnKf0VrW4f-lG0GghcWr9nzzPxEYdi&sai=AMfl-YTJpiQnoOrjkh8N2Ll1V3_Fv4llVI8YmdAsxYqBpEOYZmNUTr7xd0z7AZ1Y94bK5--HUfi0_gWk--22yb11gjwTanqx6di0hC5A0VUYdiRAKByDeDLIn_aJ4iOZXYKCZ-ktSb-r_OGj0bVTZShDiSsFTLHoLpOe_dxnfG5Qnr4jcSZUely7BJz_WvPKv-FA6bGTYn4ct5O1kmRd01txJdyi0KyPs1ux5YVvWFUMUqta6kwwxXL_aSUiWcKFQRiPt54dIL66b5JZq-1XhKcpceQiX2mEgptc2_UekA&sig=Cg0ArKJSzAjFA5l8F7NFEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=300&vt=11&dtpt=190&dett=3&cstd=109&cisv=r20240122.80702&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7B21 0
0 56ms
56ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstpO2zlvRRHLS7y7ApAL5nCOqBGyiJQ4dBOBUXqKyRf2mwBoGYU6whNcWp4otwPfd-wRYqAzMTUyT2Rk3s1zbQ0x03F3WCMhcI96bosA71X7DzQLpxsez1mE5165r-XYnd3-L3uDd2-gvHry9mauRO_L7TTZ_cVdYLWpN8nJrqdFVA5dm8taKM_80Xk_XLgmhMSmLTgmdFqMqhaHp4S_YvkZD3RF6aznoaRQKBYkAweogikZNcGijzEwlx_pHL_6ZZuDyfBXxHp4785HPYE9XNlqeIYl0LyMkDEnsgpdJJ6zFoqK79amwtm4CEPHYWISjuMz8n5bTaXHeXd4Dp0jlJVRNeyEK3UNmbGwpg0BSf4iUEPOW3OHxeU440a1PY-8DE5rhTn4YAojOxuvjqNIx-P1M4xrjocVmgZ4Vg5S9jc8yKhG1-XBvoSfhldC9OR-eO9kQGQ5J3tETvzmd0iqNxD39auqTsfT7-S-yUPaMsHPCP5bbuZg2cq9dH28Gzk-ByaEk9kfU7aKD3TIEnaVZj8lrPJEW20y_7aMXhhlLbI0Utm-HLUeZIyDdcf4e3eUfh7qk9OnmSgRq_0AZnlXOcxJakkIGwoS3gjzHSinQroXskC0-9Zlsx_WuSjyI3rT0KwGo92wzCAUCATgTMUOFpO32c53UsxxNggnauW42mi4bamBGmeO9-CLNUODCUPqLUcLN07Mb1NMwK7R297whMVxpTegQgjYONnNtSJv6CSK75IIStHVkLFumR6nfRZG6kNXxdLkOw82jzUZ9bsF1LAIRfC3_Hwi5ddI62voltSm8wfYb2iZTqxOvT6w8U6H1Drf3oRCU0rA2reZ_yKA7mPE-Oa5Kuay3MMWYmVeMynoNjhRdbfLeCS_HA9ZuAA0ZAvgOvPBB_clYyAtIIfywlVp4dqH66CiUrLl5phfmhDO1rIKF1VXxM96tU8YWnr6gx3IwzDfYlRUdESc9ikT8a4_2n0OmVD973pvDv9Bt3oEjNYAd9_YnS2Dn8wrWVlxLxJcbu4jupM4SWMh5moQpDNK76evhcYibTpiUbbjjSueSSsD6-5389PNSk1OjJnpKurvvVHpz54ZUj2WRz5dfidBJ1XyP9aOAqHUbNRDLn3b0ruJL5uzNalkUQnDeId1cDZiJhIzXCSF-sZFqyHG8g1roVd0HT_lwwoZ1VliYQYhlLxAa3WAGtp6JSLWSo_mgsJCKGh56T5MXDnOQ2thfU1S9DuuAyf_ES2Q_TFNsDFqwCuds_W03FoPKxB4ROuRaAYRyrqitqMiLhlAJD2EhWtWJzi28cHZBRvZOCR5kYP8AOFQTeVVmi5p7IgJw23Rp_RgE392_1LKko&sai=AMfl-YQOXea_QA7V3-XCZE905XobtfTohy0uj7Xg9BtRiPG77ONM-MXlRVXW1xhCuqwNfX1ksAdqO2PF-tJrrXL98nBnkWJmo0NV-zki7H4D851g3dQQ0zxCoz_RusYzQ0zc9To0j_lHfDub0_zl5wa-SgzYL8Jt9GzksbzwFv9yx7wEcFRJC9gjP_UkKJdpJHs7brsOwTx_0saKxqPXhS5sxAbpo-_QJNG2pOkPIuZGIwrscTLMQ67rSpHIT05O-gGLwq5L_LESjN5AdB3pKYdAFZdFyXbCTgE_1UmwOA&sig=Cg0ArKJSzFJw0lsqpkzeEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=257&vt=11&dtpt=177&dett=3&cstd=79&cisv=r20240122.11264&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gta.nafaixa.com.br
URL: https://gta.nafaixa.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
DATA 200
OK truncated
/ Frame E82F 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26839c3a87243255c0dba2864b70604c5ff0c24da6f137db82fa0853c808b1fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12439
x-xss-protection: 0

GET
H2 200 btn-down-completo.png
gta.nafaixa.com.br/images/ 90 KB
91 KB 158ms
157ms Image
image/png 192.185.215.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gta.nafaixa.com.br/images/btn-down-completo.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.215.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv22-ip23.prodns.com.br
Software: Apache /
Resource Hash: 92a1fc442ce1d2fa4f682a76c60afb3e62e1fd818983cb11648e15a1a902f17b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
last-modified: Tue, 25 Aug 2020 18:00:08 GMT
server: Apache
accept-ranges: bytes
content-length: 92648
content-type: image/png

GET
DATA 200
OK truncated
/ Frame 90F6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ee03171c8ce3e193a2bf63d8494788bd7b3120603169c5ee42e8ae78b950325

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7B21 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3984ce7490287ec00b97c8adc42e0f0aa2c76749d89dddeea8938274c1c273e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 03:01:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19CD 0
26 B 56ms
56ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfWfPeWa4Zc2UKZ7K9u8PkJas-A0AAAAAOAHgBAI&bg=!cHOlczzNAAa8BdJLnAU7ADQBe5WfOFOnYcj3xk65-i31PY2Dt6bHPNp2Fjb7AfV69CdVFZe44RsXettz6WL4Xs3AhKmjAgAAAPhSAAAAAmgBB5kDECCyEfrMfvSbOJtpQO-D8EYaMuwO-WX1X-lKfw3gBLsrh5nfU3457LV5ca2CWnQlYo-d-2PydUHjq9ftEB6MbK1EHvOBgJ-gy7VzBy5-Ws_Q80iD7DPJJXT0y-lJL95Bv2jgpoYz8bAVsU8oCiTjdr7FJcc2LKcdUfgNu9kMZpDaB3qy5L0_rV6ve7oeG5o702l1BuhaLy7O1612nb3lfem_BA7gdtLV1s2_ha44xEy_FSO-RYZr8DTbhuIgYwKJG8tLjsJlLQJdeU-1RY2Tv_rpf9GiFRwXeKxMBc0xBIMTwGv6anCsRV8mz9__f1IYxDJJ58IHkNObx5L-tEwibrhDJGdqUZ9vVvwG7mxrUKA8QiQ0GK9fobuy_EwsFPLa3lbfPTk1pmlfr_VIb18jsw5EKIKByFgsWPXqqTL3-4a9cD6H5goBbtnCnPs5DaJDegG3LR0kfp1BzUGMPUKEGZuHR1xWtikxB47gzfF2tAUIDYfeq8iBGuKZ6H8lU0PA8ngYxG-7GfYLsSjpTlWCvdGZVz2HD0N2kdxK5GR0mSfwSqpxCycCGIAEaC7QvmlvIPW94F6p9UZvhawzQgco2eeUiq0Dvj-QjtYhNWZ4oEIzOJ7BivII-WyhATNmokl3KCW8gH9NdmrUdTeO3dw56HqqLcO3KzX8oTPy0s_JiJq8MZg34XCbydywwOFjoE75uDz76XqmtPZsd-N3UEl_yUsXyhIQ_1XaTeRFxiLluCdwiC3beAMvLRiSRAL32Y7jhBCFjTovjnGs0sDv_toHGrhZ0s3cBB_1mMxOMrSVxDI-JuDvpIuwAK0SkdpQHYxeDZQQ-iHfQYNAwhK-gAIW66cAOHLRcLUfLF3TJ0UsDwKzC-UuC0sG4dKRAz3rYnFYihgu-GK7tL7dUNdAj85P1Y0qBN2Pvmucy_Vbz9ltAMOLQyuZQGmADK0hCVD0akY4DT8hNo4E7PJBTvY7mo88O6nPey2MAn1f4CHpTy0oTtydbq2tjOnWzKNJORnA_1Zc92txCsQKVTZeGs35Bnr5BUY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B7B2 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 02:28:07 GMT
expires: Wed, 29 Jan 2025 02:28:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5F31 829 B
559 B 33ms
32ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df028aa5ffb1ca9505018c4f1444d9c69561b3933859b1c265084c14da26dc7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y3ATmoAT-jxehtUK4uXdFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gta.nafaixa.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y3ATmoAT-jxehtUK4uXdFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 03:01:14 GMT
expires: Tue, 30 Jan 2024 03:01:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD50 0
26 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgAhFeWa4ZeyxLsCt9u8Ph-yM4AEAAAAAOAHgBAI&bg=!Dg2lDULNAAa8BdJLnAU7ADQBe5WfOFoUY6rthHIdJM76Fvb3bRbFJAyOnGAnZf6dj09nt4qFTc9zPxAZRwYuPyLPC9hZAgAAAOBSAAAAAmgBB5kDC-TjkzBv3af3YwR8xLX975VviLdEcfIdNtYOoM5j5RyWBRqD4JKWS83vALqjkg3NblRTEptU9pQ8sOHqFJlU-PlQQF4pcHJAYYEALFoF1kgWKHPbiabxa6cL64gC5gS4pEMbXuxUELYZUhiexfPx-sSXJ5HVpZIfe8KMnspL-Rbcw7qeNZs0-DFG8xJpylqwVSut4IhVOzFLTEAXYWe4zWZQAaTZBDC6-ApQrVDk6szLM0j3CFLimCW4tb6U4W0Zp4Ndv5qBkxdjQv5Jfngc2pcQbQbCbPe1TrTupPjkbvQ2j8oxygW1hlmSyp_LoxphVXJ7qPjvYTRiEqkOWjp8f2x3_bUA9glEXpYyftjin3qo5j81MLeZpCIWMVNOuoEgLYQZVMVZVwozHMiY225PchLYT6XIt_55DxRwnddCk56r5-l1j12eQ0H8_bfOoArF70HCoQYZ-06xv7OOGMUNM-h0oXOzd-vI-kVgAacyVa40yppvTDbxQpsHA62agwzEOrPhrjspac0rlbTcBxsyVHwhGcWQepIof2twYUqHJ488iNpSDsVAmvoFAXfkisT8jZm1oFHE_N00RYhN9IlPQXaLH4lxDRTE1oQhEnTeQGfcXmpdcIlIRmCOZTEWplMhXJa1UvCPknHpFj-sqOcR1xQLnmj_UkTHDN95SepFM4lUePo_TUTrpWzjNPiM36kJ7H4vomwkBmIMzTNo5T5V2C-qmIWeV1PvHOCMpiA4BtUhLyrET-jinZtM2QK__lbneYqA2A5Aryc36yptF-TGL1v9Kk96OlByvHhMAmW2O9fYnNf8F4BAV3CHF0_-XiHrJ7pg5LIJhMcvuapALq9pdlsrTNvqVCT75-F4P4fmwcDMMwOz6-w0lN22SExHkMqTVomBMehbMzpOEXPXjPX4WOr0YNHwyX9KuGL3awaGhAZv4wVF87W67iF0MJtXZn-2U_ATfpwLb2noefF33t8ZjgSfNm9zsPqCbRAbfxCx2Vxj4Wmb4D4JjNXC1TSD5JGQMzr6D0qMpJL8BuG7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 51BC 0
26 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bjl-beWa4Za7CMMXB9u8Py6un-AQAAAAAOAHgBAI&bg=!srGlsf7NAAa8BdJLnAU7ADQBe5WfOAYBkspjKtYAQVoo6gRYzt16yr4xvwCcD0egDPEB0eofSCpUVozmyd2xw_N5u_o3AgAAAM9SAAAAAmgBBwoAgvID44HkeA3D3XVLiKWqxNWqVmkeKkhP1RFqyuWO_XJOHGu3pospsq7LfK6HW7QbQuob0W72QQPqOgzjbrxHg-XjKXY-CH9Kw0NuR0kqgLP9e5c3oLR-O3RwMcAM0-c-q8p6ntvOY6hu36PTYNxRY4ZfXMmMfr2nihxj47ReUC65GDWZAwz3FdC7nDkpkflndOdvY5jvr6CBqpgh7bMSQzJv1Be1_nsjzuxkSaFTjjQO6RKNfShi4kKIJ4bTiQIzSAFMJhwbgp64CNStZtUfvSCnRjLdboGm9SwjQFiETFafF421ZlbgCt0CNOzYQwee55eXmGfrSIUaoOpexSMqt29rPiNZH9uhTlUvawlbbaHMNCHE51QJ9gw3fhCXOdHuj0RfSU6G-LYVm42uAlxDwAETabKN4jXCN_VxxNBz72xCkJuEqinnehwCC6CxHwmpn0GkAgnEKo71ikpsN6LeLu-NoulyclPMcDrjBkJCvcvHvY5H0aUXDdA2u5Ktu4tEClRAqnZWri5KklK2JzXRTAJVUefFc_eK1x5UKMm0d-plJPyLe_546DDbDx89c0moTI2S8RByvvItIKmgNacuEx1Wxpk3DnwazhpL8MjVOJOTt5i6GwEQDOlBShQrZIAxN_he-BQYMipKNOX3k0FkvoEvEdr5eu1GngYXimsHAdbJGo-nK5CwQWo3WNf9y0nVu46M-HzhSw72_tLypySKQUVsjJV35yBdPEb2u81U_eygBYX5_nYj0teBRo9KF91YKSjUzR5VdYDfc75jGWz__pMPuQzdrHEAtOGHu6KM9vmzVbIWLAcVPV2mjuWg0JN3CWVE59QEib6TUmtJ-Oph5_ADXktzgLA2txpLpYQdk1E2JKbM3C91OrOV_2WL0fj7VvC-OPND0qIXALKE35eLG9rJuda9WhDex2tdacxp-xdGfe73V0kVGXa7h8YeRKTsTK25Fhk6oa0wXJRVo_KTawEMHfIfDXq8dpIz9KeuLZdb-AVBY79CfR978RwcDiIPty6ACXQuqP0ROUvlavpRX6uSnE3coo3j0eXUIa78YL23Z_-1lnr1LVCeSpn1E5go9Sx0MpZUm4nfY3BFTpy6kflEpbF8crSm3_FXfm60CtNQWLbxc4avcTE9B-ygCqCAdXZhuz1gMVySMkKPiSWUYg1GMIyMWNGztOUFRYjFlHzjXs0ggz5beAPg4d148gb1XSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame B7B2 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F31 0
0 53ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=999000826269301&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B7B2 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?quoHuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 03:01:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78C2 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumyGaIGF6DKPlNOTtzl6OoTuVN_A3WdisV5DL6VjQLzFoVcUjS4mYj_80siUXBdJvCVHaryfDC5urOtzSp5nYyrd6WgmsbW-mW43nGRmviEBx4cNBLlayRFN5FWIxO_1ZW1APchFGOP7okR9UkF-NdE5oq&sai=AMfl-YTUzxfJN84KSnmHqwBaM04s0Z5Bn-UmBvKKDIroL3BDWNQPVD3ru3LZB9GY2UWFxX0-1c3m_r7_AVDq-jSxp96k45A2Cr0-QLUzJQiT3c97_F-S0lI0b9GVj_XtBjDJMv4zn6tRQBYa0DZC8Mys&sig=Cg0ArKJSzE8lEfE-dmjTEAE&cid=CAQSTgAvHhf_pSrjwG-2H0XIKQQfbvJNJ3AfPacNA9MlLMIXdrEd-qjzpXZL4KcTeHG7PGJ3keyk3HB1y7S1Y0ptmfaK3qU9RET_EI9KlUw7XhgB&id=lidar2&mcvt=1004&p=0,0,200,200&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3456574893&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170658367300&rst=1706583672976&rpt=602&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82A9 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR1NsIfTri2AMBgNdz3rYwFSko9AF0r8VXaWxu3Wslb7GSfDTe9nvLiuIJz9SWMWYW2UKi_RSwmhAbpxTqP3dbaL04Smo68cZSiUXzI5CAQLHLE22fOGvYbp2otGefUxjtMaeeg5TGdbAPIcDoKI4h3LsS&sai=AMfl-YTLIYjs9olOVrYtwy3JVqISFXHHqKqTaoFJB1gs-wlVqNDG8Xg69fg54Um5e5iYeon3wCE1w64EeCBpyZ7QutcHh56T5KQzgwIb4JcroMqAR9vNesKMcIYV6bk45SpL9xNRb-zFiuixMcENeyqP&sig=Cg0ArKJSzOat_0Ms9mqWEAE&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=452,944,1000,1000,1000&tos=452,492,56,0,0&v=20240123&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706583673548&rpt=335&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78C2 0
26 B 56ms
56ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2496562767227&version=m202309260101&ct=76&x=1&cor=213993297965491170

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A476 28 B
54 B 34ms
32ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1706583675068
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/ipR0bMOmF2o
X-YouTube-Client-Version: 1.20240123.01.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2cndkVE9jSFZ5NCj4zOGtBjIKCgJERRIEEgAgaA%3D%3D
X-YouTube-Ad-Signals: dt=1706583672576&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C500%2C281&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 30 Jan 2024 03:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Tue, 30 Jan 2024 03:01:15 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/17569895503432122895/ Frame 85D3 52 KB
11 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda5aba191e5dc24473aa8b36c989c8a29dc98e0cc87c1672007dc7c7dc3ba09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 11:57:41 GMT
date: Mon, 29 Jan 2024 11:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11690
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=999000826269301&bg=!rq2lreLNAAa8BdJLnAU7ADQBe5WfOEey3nrQZGPGvOBy92fj_ofI7kurd7FiYHBBAyBNtg3V2kbUmHimQOESGDyexKhEAgAAAERSAAAAAmgBBwoAIrV9piSDqIOYsUaTo7fvPjMYG4N8e368ZFBcxQoqGUlFRcOZAsc5uqu9FvTNfarIwFe4nt_PMhE71mF_zp_BDo_nQac3m-Fi3cO8q2dS8_TnzNX31ePbvEMIMCEq4GCUmdQskEEZg94tohYPOivPEmOKSdfjqsEeWOlptN9cuJpjvw7X4hcWAEdBTAoSfShbEtwdIXw1vsAdP-kKuKcIokowPHqy_NQGvrBDsCPL-9bJwDNK7TSCiNfc2bqDXI7k5QlBcZGhbPjU4wR8utoP3WspPrLqCm0liQl6MWk-YdBaAJ_terLxtrnVQWCEMUIDpuwnj2dtHDXoQmly6eYocjiG9rvUBM5KQiGwRY1gztSN49j-JuNZTS7m9wLLAo96199PtLffVynlhnY1NKHVL5IhTtSEfwdGm7vDocBGJ-tydzybjuqKo2EjPt_wCXbsAOiNgMGNkIU35Ur9mZXmNQ4yVQnkf1D10oCnJBR8LvA1TDTIGZRqB60lOuG3o5W6_AIv-v6EAN3NLUFTrfRQQZAtoOPNduFEPVaPj6Jrmgw3K4zoe07ITUwHPE5iqoSPSjUbcJalnQ1xq2r4xXVb175vUDq0OG64rr8EMMNy1ArrYYoUj0ZUKzz5-DT-0mu4_Vp9HR1QHsF_wN93rsMZfr_Z6GQY-5DPh_jYF83rIjJoBGVk1DCbuO8KTtT4Of9tR02lXNAAcxB7eps_nM1yvpcrTDrZww7L2jv8fwdS9-kL1cB1ZMIrJbf25SW26CR-HvJHMqNd8m1qCoqLalyiF6ncgu60Vq8l1fP7TrRN8I2Y8xV_9u6EJ4KYZCSEZjdePGXod0eW62FQJXytNlOE4axHy5i_tt18FJb6Rl_VvIhC1U6CsPE9Sful0VOc3oZ3gy0ZWrb29AZgM77x6H6tfNWwX4PiBO_hKzBuI3YPqqGDn5ha9hklE3XDTDzwaCcJLyL-DZ1Jwa-R3QRJ50Qs3V-_YQ_bqpMdtGgv7zo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gta.nafaixa.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17569895503432122895/ Frame 85D3 9 KB
3 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e68aced43cc5776e561bddf03ee9e3368efacb11d264a69202c2942ff10b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 01:20:38 GMT
date: Tue, 30 Jan 2024 01:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2749
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/17569895503432122895/images/ Frame 85D3 83 KB
83 KB 20ms
20ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c15d20d4301f55fd69590f62e675aff9c16627aa99ccd1c54d2704db623eff37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:28:35 GMT
date: Tue, 23 Jan 2024 23:28:35 GMT
x-content-type-options: nosniff
age: 531160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85319
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/4590557111927187076/ Frame 884C 54 KB
12 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4590557111927187076/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c90a462a3a391bfd0634a8eff33dcb9486c10ce298c0c123cef43f51ea6aea44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 18:48:20 GMT
date: Mon, 29 Jan 2024 18:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12126
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 13:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/17569895503432122895/ Frame EFB7 52 KB
11 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bda5aba191e5dc24473aa8b36c989c8a29dc98e0cc87c1672007dc7c7dc3ba09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 11:57:41 GMT
date: Mon, 29 Jan 2024 11:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11690
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/17569895503432122895/images/ Frame 85D3 71 KB
71 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd131e9a7b29e769a4e027e6b044b5642a4a96a5d37122d3d44aa1e5b044b545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 20:40:56 GMT
date: Mon, 29 Jan 2024 20:40:56 GMT
x-content-type-options: nosniff
age: 22819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72347
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/4590557111927187076/ Frame 884C 9 KB
3 KB 22ms
22ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4590557111927187076/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1731e2c1d5172f0bcea8e99eb090cc786726d208801e495c92b02719ce80820b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 08:39:14 GMT
date: Mon, 29 Jan 2024 08:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2853
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 13:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17569895503432122895/ Frame EFB7 9 KB
3 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e68aced43cc5776e561bddf03ee9e3368efacb11d264a69202c2942ff10b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 29 Jan 2025 01:20:38 GMT
date: Tue, 30 Jan 2024 01:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2749
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82A9 0
28 B 52ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6181542734967&version=m202309260101&ct=76&x=1&cor=3652762468609138000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/4590557111927187076/images/ Frame 884C 56 KB
56 KB 20ms
20ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4590557111927187076/images/index_atlas_P_1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f8b019458776ac4ea8f6f78d021ae3687187f7b12e2a68182effee2047e6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4590557111927187076/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 22:46:09 GMT
date: Mon, 29 Jan 2024 22:46:09 GMT
x-content-type-options: nosniff
age: 15306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56859
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 13:14:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/17569895503432122895/images/ Frame EFB7 83 KB
83 KB 19ms
19ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/images/index_atlas_P_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c15d20d4301f55fd69590f62e675aff9c16627aa99ccd1c54d2704db623eff37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Wed, 22 Jan 2025 23:28:35 GMT
date: Tue, 23 Jan 2024 23:28:35 GMT
x-content-type-options: nosniff
age: 531160
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85319
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/17569895503432122895/images/ Frame EFB7 71 KB
71 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17569895503432122895/images/index_atlas_NP_1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd131e9a7b29e769a4e027e6b044b5642a4a96a5d37122d3d44aa1e5b044b545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17569895503432122895/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Tue, 28 Jan 2025 20:40:56 GMT
date: Mon, 29 Jan 2024 20:40:56 GMT
x-content-type-options: nosniff
age: 22819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72347
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 16:17:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90F6 0
28 B 53ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2765487593934&version=m202309260101&ct=76&x=1&cor=15439319867648610000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B21 0
28 B 52ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3293331138147&version=m202309260101&ct=76&x=1&cor=9800913799140782000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B21 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn3PL9_NwyE0JgNXJJVRnXiAH6wpRNoZOeVJ3adC-qy20Qj25EXw3MgaBnsxefUljVjpHY6BngHpQjKjxSyBluwbooMy9OjqWMrH9GuDbB8iSpYSJDgrWu5niL1hf_URhTQ7xSGVImJUuokR1LyXgo2nyD&sai=AMfl-YQ7BV39NdMHuSPjXbpX4VRK8BhoPRJEXnY2G9XrVRqsBHMgEJ7Bm4rKZvdOinNC5wlLi0IgvF_k_kuULTztH0glpCx86O5c_RdfiFcxY_mayIQUiZlybgHRM-Cv1usGO96OO_hz11LSo3ANrvBP&sig=Cg0ArKJSzDa8RhkrieB6EAE&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&id=lidar2&mcvt=1007&p=0,0,618,160&mtos=0,1007,1007,1007,1007&tos=0,1007,0,0,0&v=20240123&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706583673537&rpt=395&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 90F6 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssknpICNkmR6I2kiHw3HxBI_LUZaSC3EhqN0C4CbyjpZmgVBSrb7Zl569EhwU0rXPNoOeOn66W4wF95oQXaJQSLYyqfHhfoJEwBR7i7jdePkdJDLqFyvL7abGGIdAr9HBJBG3n4H8LRyqidwHnjbj8o9sGj&sai=AMfl-YRmKzXRAPA2k3CesjRNnd2h4xZZ7kD3VukDOkp_nqVW62N8PzqIG3P5LiEeBfdl0JMMYO-yOmq4v9WpQ3L-iBLkKr0ChJq0kSWeNiM1y4UvCdzVz0MDHl-0xDsOd2YmPJu_RWAUwKyV6Ixp6oeQ&sig=Cg0ArKJSzCc4Do5Q-cLuEAE&cid=CAQSTgAvHhf_B-P4C96el0_F_OmUrETZcDNDSv4w6Yxu0x88egFc_F2xTTdUr4Zx5yZEPUqajFucRCOz1GUI64QvSJkO9P_QUP0nUJdgwbNKIBgB&id=lidar2&mcvt=1009&p=0,0,618,160&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&v=20240123&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706583673521&rpt=310&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 55CB 5 KB
2 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 15:12:17 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 55CB 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9813938113422845581/index.html?e=69&leftOffset=0&topOffset=0&c=Xcj3Fgzw7r&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Jan 2024 15:56:16 GMT

GET
H2 200 dc_oe=ChMIjPeFzY-EhAMVJrj9Bx0GQwxeEAAYACCt2oNdQhMIzaPvzI-EhAMVZKODBx2iBgkk;dc_eps=AHas8cAgqRl1vXgbv-2deG9SabbGZB39txzY1jzY8jR3vOsX1itKPOK1kW6EaNNEHAdUvi-Ps0fXFpw;stragg=1;&timestamp=1706583679141;s...
ade.googlesyndication.com/ddm/activity/ Frame 78C2 42 B
107 B 55ms
54ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Jan 2024 03:01:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: papeldeparede.gratis
URL: https://papeldeparede.gratis/out.php?w=small

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENT6Az7Kl5WMxw2t9iO5EMU&google_cver=1&google_push=AXcoOmT2P71WKWJMnwTfDbDwb8UjKSDZDwD-n8nIMj79YUU17yM73ECuIv2SonEuLrgF9vWIE8SjQBfmv-0OyuLvOziCuZebY-6qak6elA

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHAl-YZbi-y4KuUN6oxAsoA&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: f0kqzd4kmUw
.youtube.com/	1970-01-20 22:22:15	Name: VISITOR_INFO1_LIVE Value: vrwdTOcHVy4
.gta.nafaixa.com.br/	1970-01-21 03:39:03	Name: __utma Value: 128461018.242839724.1706583673.1706583673.1706583673.1
.gta.nafaixa.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 128461018
.gta.nafaixa.com.br/	1970-01-20 22:25:51	Name: __utmz Value: 128461018.1706583673.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.gta.nafaixa.com.br/	1970-01-20 18:03:04	Name: __utmt Value: 1
.gta.nafaixa.com.br/	1970-01-20 18:03:05	Name: __utmb Value: 128461018.1.10.1706583673
gta.nafaixa.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: honusf9889rrak9cnmnnvd9rg3
.nafaixa.com.br/	1970-01-21 03:24:39	Name: __gads Value: ID=7e29936ee97bba85:T=1706583672:RT=1706583672:S=ALNI_MYHn0DRybJrnpQJIYbDwv_7Bg4oqg
.nafaixa.com.br/	1970-01-21 03:24:39	Name: __gpi Value: UID=00000d4c83464712:T=1706583672:RT=1706583672:S=ALNI_MY4IsS3Uzb_tzlbiEagMAJrsghg7w
.doubleclick.net/	1970-01-21 03:24:39	Name: IDE Value: AHWqTUn2yu6m74efJXeYzL2TWo57CuF5nNt8aMUt_6HOFLBtvt5yFAOyTWzwatsR
.adnxs.com/	1970-01-20 20:12:39	Name: XANDR_PANID Value: OdA3WUH7AMslNSgXI-aHA95L5mKsy1eKpIsGHxts20YhQBzULBIciXFIv0aRJoCFzhgi-a21lEh2qUm111FrvZoaJHiaevGott1CKEquoPY.
.adnxs.com/	1970-01-21 03:39:03	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:12:39	Name: uuid2 Value: 6459355363746317857
.casalemedia.com/	1970-01-21 02:48:39	Name: CMID Value: ZbhmeZyr7swY1V1722FAawAA
.casalemedia.com/	1970-01-20 20:12:39	Name: CMPS Value: 3243
.casalemedia.com/	1970-01-20 20:12:39	Name: CMPRO Value: 3243
.doubleclick.net/	1970-01-20 22:22:15	Name: APC Value: AfxxVi4_odkKwr0okGM8KPL184hnZsr8Kv7aC8-uAwfXdtjp3Q1uvw
.doubleclick.net/	1970-01-20 22:22:15	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:12:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilfp5K([!]tbPl1M>e)ZlrFUfJ+tGXxo38d[UW?M8kzLa%9rS2rMoI2Q/Y]5-'?(*j-^3If)y3KL9D3I?+crm`+L
.quantserve.com/	1970-01-20 20:12:39	Name: d Value: EDABCQGDK4EA
.quantserve.com/	1970-01-21 03:33:18	Name: mc Value: 65b86679-c29fb-d5185-000df
.blismedia.com/	1970-01-21 02:48:43	Name: b Value: 65B866796D46AEEEAB9F4336BLIS
.ctnsnet.com/	1970-01-21 02:48:39	Name: cid_caeb366394404ac98697973fa578c51a Value: 1
.ctnsnet.com/	1970-01-21 02:48:39	Name: gid_CAESEL_YFkDFt82a4sMbZ5pWYuM Value: 1
.w55c.net/	1970-01-21 03:31:51	Name: wfivefivec Value: WiWjmjrm1RuEn75
.w55c.net/	1970-01-20 18:46:15	Name: matchgoogle Value: 5
.demdex.net/	1970-01-20 22:22:15	Name: demdex Value: 03004669842560974802958020147743306205
m.exactag.com/	1970-01-20 20:12:39	Name: exactag_new_gk Value: 1afcc0705120484c97521ce7c7806adb%7C30.03.2024%2003%3A01%3A12
m.exactag.com/	1970-01-20 22:22:15	Name: exactag_new_uk Value: ae62b8f636694287b1cecf2017090d90%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: c8912b0a452b446aacdae6cb
.skydeutschland.demdex.net/	1970-01-20 22:22:15	Name: skydeutschland Value: 03004669842560974802958020147743306205

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://papeldeparede.gratis/out.php?w=small Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://gta.nafaixa.com.br/(Line 574) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://gta.nafaixa.com.br/(Line 574) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHAl-YZbi-y4KuUN6oxAsoA&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
ad.doubleclick.net
ade.googlesyndication.com
ajax.googleapis.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
dis.criteo.com
dsum-sec.casalemedia.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gta.nafaixa.com.br
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
m.exactag.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
papeldeparede.gratis
pixel.adsafeprotected.com
pm.w55c.net
s0.2mdn.net
scontent.xx.fbcdn.net
skydeutschland.demdex.net
ssl.google-analytics.com
stackpath.bootstrapcdn.com
static.adsafeprotected.com
static.doubleclick.net
static.xx.fbcdn.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us-u.openx.net
whos.amung.us
widgets.amung.us
www.facebook.com
www.google.com
www.google.com.br
www.googletagservices.com
www.gstatic.com
www.nafaixa.net
www.omural.net
www.sopapeldeparede.com.br
www.youtube.com
yt3.ggpht.com
googlecm.hit.gemius.pl
papeldeparede.gratis
sync.search.spotxchange.com
104.75.89.75
142.250.184.226
142.250.184.230
142.250.186.34
172.64.151.101
178.250.1.9
185.89.211.84
192.185.215.135
216.58.212.130
2600:9000:238d:a400:8:48e:53c0:93a1
2606:4700:10::6816:4aab
2606:4700:3030::ac43:8e01
2606:4700:3036::ac43:8295
2606:4700::6811:180e
2606:4700::6812:acf
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2003
2a00:1450:4001:802::2001
2a00:1450:4001:806::2016
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::649
2a06:98c1:3120::3
3.33.220.150
3.71.149.231
34.192.234.205
34.241.81.135
34.96.105.8
35.158.172.152
35.186.193.173
35.244.159.8
85.14.248.72
0252a974157571f5f2df443ee25cb56a5361026fe0b1e6b90c540e56240b98c1
02a17e9cda73867dc8f97f8f1838da1f121fb536a1c4dd17e81f264728972436
0356f94bd972d01d4ab4eafac13ec868543806838573942a7e80269721706adf
0927d0eb1802a65f1b033034b2d947118d176148381dce25c885d9deb94b9d7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de263c3c05f2a5ee9657dbeaac67821e1fc7a25b80a481311038922ba5d1dba
0e5b4d1086775f98af3dee9fd1f720c00219cbe61616f93357c11c5b4d9b7726
0f1cce6c07f93a973b97053bff17d3644e8434c73268128fa3addc89d3da730d
0fcf23457b16ada64daf508a336c84c03f7ab793bb0b239a8e2b54ba49846524
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1523ba9db7cf2cd353fb51f0aff63a09854414b225565dee2c4cf8e46458faf4
1535de29382e81c71d550ef6f61f0419dfbb69585976381fc39951f5828d982e
15ba2974c32cfc90c642bfaac913f8eb96d8df6ac12b9e7522d142b12f064fee
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1731e2c1d5172f0bcea8e99eb090cc786726d208801e495c92b02719ce80820b
176eb92da2823929c613b3e4a575bd0ba020e17204bcaeb4633baee026766461
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1bb13c81d4b001306c5a51a2e99f79146583f8e06f1e7431e3d19be3b4c9aef8
1eaecf5b2eb677b6603c6d3ab23264368b274a4809625692f18916d56fd2217b
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26839c3a87243255c0dba2864b70604c5ff0c24da6f137db82fa0853c808b1fa
27fc71dd7348757bd15d4dfce72998f230a8015b465ba3dcee6f1b7a3efd2632
2863b52bbc74d053b6415278249cb4258747dd6f355f6ba30739b1f84e76861a
2910a75fe798cbb18961bf9510620ee4edbc664b99037f2a9b0b0af70a8d9631
2c34e7b3dc4d43d22cd535f7410039db2b814879d4dda93be6fd00aa7e2efd15
2cd3c948557ad07e403d5b58c19749dd167913e975f3e169be1f34721482c700
2f4e61946b3d78d43b2d2ea2ae2429597f3fd7084d129c82cf982c97c49b3235
2fe4c951f0f708ce916e10fcdb3fb82bb8f8e6ab9078bd7905906c33f4083097
30c2e9b324ca92a7627339f4de3e104bc105a3f92bcff3159dd408d75c9461b3
3120bfc2df6ec34e0a0a5242f1da88cbd9a075596ba0fe6c87d1a3338fb22802
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31db9762ae58bbbb3f0ceb5ca8a2623c6745a53c99bfaa67a8c616f0b129916b
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
382e6848add219885bfe21f4b41d565c06449e5a2ff4420c439b3485ca4b4b6f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39094fb21bddb795d6f9a42f85b399738d92439bfb8e0bae9fb1bb9657f19afd
3984ce7490287ec00b97c8adc42e0f0aa2c76749d89dddeea8938274c1c273e7
3b093f45e5a0f24e00632224aa29b30cfdcec8b7dcff628107a613005687b9d5
3b53fd241a73c57168fa336780e2deeb8c0e0643a8045d28c244f2288ab9aea6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ec9d42a1df331fd53f2b5ba74f6cb2182e478f4ae0f2f8fcb6633e919ff6457
42b2ed0ffd16a43f620208c61f13bd7a055fe9b8b6d525000e182fefd82d6337
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432cc6494e7403717ed1035e5ba24d50f7dfb9ea241580e12e5e9d8ff388357e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4590052c090e5cb760a4dd120c376536f2b4242470407aa12dcc487f3e9920dc
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb8829aa29254fcf51588307eaf1626e78ec6daf17d580b2415a527889340f6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5086540d1b34dd5765a5e28165f26deff7424e8b5fe83d0989c11553ccf7eaf2
5086f345895c2a7c688e209d0b85c3543e9b9c7fbe6787ef4aa70fd384111177
5108b497104c8deceeb582979e7d1c56e53e34bf87bf8d49f29325e06dcc5e69
510a48a6d3f99d71682c2ec24ead59e3c4eddce9ece3a6d9c7aea4b8507972d3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58243d95739ac4d776fbecbd43479de161fd6cf000e8314580f450bda86225c5
5904ac053ee5163169774e5563cc32a2c458a4ce0e8b4e76e173998f4d01d580
5a47bdddbab08875058c0fafcefdf6ce527782293d4a36c6dcd00b3c23e4f6c7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c628625cdc2eb7c1391c5da3affc0c87060620d8d24803e974995a69038389c
5e066ee8ffbf8841f9fb5b30930edee20b009fcea75424f6b1dc4f9488f935a6
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
614aa2d4fb5b6db49ca0cbbd331ae121a44501923322c7cb11931cc376ca6e07
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63b9eea7c09e1760b4e440e713ffb1f5d44cb9418caf5fa9353f02f59e0f9785
6493db57b6f5fe043866da62c20226e809ac78bc98359dc7ccfb50ccf50e0fe7
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
658cdad52870fc6477eda8311bc97deebd09ff837968e28e8578a6713b94f981
66cbe3b02faabbe4f4b649a9928e98d0828e817ef3d2b060cf4a9b9918166c41
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69a905db9ba1136cb83506b493889e8e7492f79749de4b5121b9f4896a56101a
6ac64e5d6f76ccb2e045537f017a83122eedb10a18e4cad23a8563df1e96d5cd
6b5673acd1e13107f22d7d4e90778df431aa153f3b46349d3b9b769484700603
6b74b3d3e291557a575307fc9a02ca67da2c2d4bb133409c6389bcc9bc54ddac
6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68
6db849638a3e050f79934e47922008ca0561a908ddf68eea633f2b7bf6c85d03
6fd975d141676d5c8d26b8f1df936fbcd6c50813f0be668d2914097634f642da
7366f12d6bb3a487d5c57807d9594a6788ab0145612240db716c71356f15ac66
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79f1a833212669cc4d6f917d41c0ee007b6532237447c903fc2c277a7489a9d5
79f8503281c4f56ddab54ae2417cf3c2ffa4356599b18615b523d35c94ee58cc
7c7ed004966c555c89686fbbb5282c204b7b14da3ee1ea81977e939e08a997af
803eed4b2ecb4d5cf3ad16dc822a83fe05bc0ac4780a525eb8fe00dd2e91d33b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ef43aa10e77b1f341a176cbe0eac005f06b46fdc5624ce489bd50bb9494bfa
877192bb794fbc5f97299c8ccb06a7a1cc2fde957931dfa3497888800c0fde38
88f8b019458776ac4ea8f6f78d021ae3687187f7b12e2a68182effee2047e6ae
8a3797e04b7b321c7d20c2f10043744ab4829283c89a62c73690682b3fbf9768
8ae389a5daf8a3cf0af4742ede3304801fb55d272726f8fab13254abaef80b50
8bb2d746b576e5aadcf547a28e44791719ec7560e0f34a22d9fe298fbf7d6683
8c485a9d427f24da84e50327e7fc83cc48983f84fa8db2810bec29eb7dbd8da6
8d5c4c66767efc5b6ebf27ca0b7594fe62ace64911b312bbfd6dade384f7c3aa
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7d8b3726360c1f5cc765cd084ed3234452d8ae76a993880174b69bc5e80e2e
8e67e70d58e851d3719d900b523047c2eaf4b4c5c4d15dcf2392fdb2f2fd38ae
8ee03171c8ce3e193a2bf63d8494788bd7b3120603169c5ee42e8ae78b950325
8f3ee7056717a02e8fcc53f148604af846c6938fa452a4e7a1765721772bdde4
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
92a1fc442ce1d2fa4f682a76c60afb3e62e1fd818983cb11648e15a1a902f17b
93873af7a813c879f0cf347e3766be979509b08ce5147646101e1a5fb1f6c84d
9419adcc1f13fd1ae3c0d347a3803311060a2d8d35759514019ceb545aa6d108
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
98bbe3733f5a1b8a3c2efdf5682f88ab35fa79b967ad46b1a089666fa8371ef5
99c0e47ca0215c84055f3a78ab99daf9ce339eab2b2786edb0c47d08b50d9da4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f386e76a0a479e152c9436ff9dbf890f7ec312ea3e6e883bafb8748c1a27fba
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a75a04b6f14b73aa716886456a2ed794d4073f02f1c94c3b02812fcfbaeb9c61
a7e68aced43cc5776e561bddf03ee9e3368efacb11d264a69202c2942ff10b6e
a937604a59ebe72ddb0809c39f077d81622f53828d7bd608b5b718884bf2e90d
ab63d796f41e5421e82ffd99f02edd55a8af2d8321f5af8becf08e8e54d17b4e
ad56af78bd5c1d822f256f4b3a40ea82d8b79c33a6e8e9b72c888a7e43355160
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4af2ce8e90181643100e35ec94552d8204110aa04999e3bc8930dad543735e3
b4bf10c750748950567c778de3c159398e361c4c236c4a235269d94d4eede288
b52efab6a7855cb6ceee71703a275e77807ddc0928c0daf70be9fd13a555da40
b5b671f18bcdb434e67bd89c4b57b669fb715f8364c942ac53e5a586453d88e7
b5c18ce042ef6f716d50b38525956b055ec83f7394b41b5c6b60090a6d67c3d1
b7a83d0e1767ce99fca9ad01d1b72c24213f3cf32f989f0d4e491e88ddb1346e
b918c397d1bd14a5cb4ba1bce1f86080b85af823cd0e2372c65044debccb6fd7
b9f4998d0c662df4b67e5fa6d21c96b3db13704267d47579239d9b4d0faccca8
bbd33a1b080c6df19a48980e9995a211639eddafcb9aa9fe978de436425a7370
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd131e9a7b29e769a4e027e6b044b5642a4a96a5d37122d3d44aa1e5b044b545
bda5aba191e5dc24473aa8b36c989c8a29dc98e0cc87c1672007dc7c7dc3ba09
c15d20d4301f55fd69590f62e675aff9c16627aa99ccd1c54d2704db623eff37
c2406e350ae14cae80c7c56dcbabfd407697574ea9ac44aea5dc8c4a3d44103b
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c3ecd346a5e0a181b18f82368d44e781f0ffbd6e0b275faf5035a9602f529b57
c5ac10327a3e74f4ba69fcb71d359cf84cf71fb13bbf27b14a3a10d257d450fb
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c90a462a3a391bfd0634a8eff33dcb9486c10ce298c0c123cef43f51ea6aea44
cca4f820059d5f2f7e9e36fa536915de1f94b00e7e5872ce6cf5cd9d1f8cda5e
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12ac3b79c97d538cf08c1e1b754b230510d23528f82e2d2cfdcfe41550bcb29
d268b67074247d5ba23883e661f46e7c19d63a72d5548e5364a6cadc556ac50a
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d718215ae7e8b69f3776b645c4882df30e5029f3efabc73ed159ce10a607a805
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d817ab56de71bd486482f78ada2901e701061823f70c4524625a5cf6c2b99d85
d84c753118947c2fd0503a0f67769a68622bc65f07fe73099eb080840d9de72e
da5b59f4a50e519456e12d0157b8aade77ffc031832490356eac05315d24face
dd643cb575e4bd00eaafb3ea019dfd1ddd367212e9b8e506522822b0754fb035
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de3f46dca331927f2acbc7d48b7270deeb22462cc596fc17813f445040a6e266
de70bf4abfa316d41f9328274697a68ac32256b626d6114d5eff055a5c6563a9
df028aa5ffb1ca9505018c4f1444d9c69561b3933859b1c265084c14da26dc7a
e020ccafd2bbea30d09cfc8f9561aad86ea2f142c531412a0c40d572fd5c9401
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d51883c8a3663c2a1d2b14aa22d83b9fd9ecf5c5f04e1f2475cc33ae684e91
e820a60a340f04b84a76387761eb056bea4e03ec91b316dabb50814c520e9afe
e8620d33fe5d5fa5e09f5fbf814677efd2bc21d0e95e336fe88b0ccdb32361db
ea4188db75d76610fba765f87d9b5044c2f6188f8abd633209360dd8c5337a8d
eb3f6742973b3e269670d5a0371b0b1816b5951bc6c8a0e1ff3af2591e9a77d9
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0563dbb4bb81c6b1f745145ff4ca39c3d63daf31952c521dbb689dda5b26ff3
f2b52b71e5e53c942d4bfad7d3ffa9852252da9f311dcec8d8369dfb156b4c48
f3e9629433f58593a1263aaa2081aac96747d73420e555fd364c52c53b4747ea
f45c21b100a667bec4887d1b2abe2631220b7a3829dde40fe522002c084243b8
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f547cd28c1eadf884987c75c11890f44bddaafe491f80b6032b26458b188ce2a
f60fcc93c3aba081966086a59e80e70b01beabd22f24afa6039cc908c72ff989
f6c7a099ba81b11434bc82d72609d2951c6ce46141a96a042a02bc1b5ca500f4
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f70489e29f511ef3bcda52713636f6c870381b628b59c0db78eb9d62d84a56ec
f7ac07b5c532b28a45e8245ab333330a3013c72192b38b6a385f9cb2ba1d6c0e
f7ad1a381127ab78c6842aac3b416b42d1165f8be5fd9745dba092f3dfb481d3
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fb893435e56c37059d9ec34dad184006bfeb5ac694099fcd2f4c7149cb70bbaa
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
fdf75db464a2338a06fada278c7b12a6a809ae573934294f3060436642f7913d

gta.nafaixa.com.br Open in urlscan Pro 192.185.215.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

317 Requests

92 %HTTPS

60 %IPv6

42 Domains

56 Subdomains

42 IPs

4 Countries

9336 kBTransfer

16665 kBSize

32 Cookies

98 Outgoing links

Page URL History

Redirected requests

317 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gta.nafaixa.com.br Open in urlscan Pro
192.185.215.135 Public Scan

Screenshot
Live screenshot

Full Image

317
Requests

92 %
HTTPS

60 %
IPv6

42
Domains

56
Subdomains

42
IPs

4
Countries

9336 kB
Transfer

16665 kB
Size

32
Cookies

317 HTTP transactions
8 data transactions