urlscan.io logo urlscan.io
SecurityTrails logo

www.belasmensagens.com.br Open in urlscan Pro
2606:4700:20::681a:64c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.belasmensagens.com.br/
Effective URL: https://www.belasmensagens.com.br/
Submission: On November 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 63 IPs in 7 countries across 36 domains to perform 215 HTTP transactions. The main IP is 2606:4700:20::681a:64c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.belasmensagens.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 25th 2023. Valid for: a year.
This is the only time www.belasmensagens.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
37 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
10 2600:9000:245... 16509 (AMAZON-02)
11 35.186.238.232 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
10 139.45.240.92 57304 (RUBY-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 217.182.178.224 16276 (OVH)
1 35.241.45.217 396982 (GOOGLE-CL...)
3 3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 184.30.17.243 16625 (AKAMAI-AS)
1 2607:ae80:4::26 26558 (FREEWHEEL)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:245... 16509 (AMAZON-02)
5 2600:9000:201... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 193.108.153.21 20940 (AKAMAI-ASN1)
3 52.222.181.100 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.102.243.38 396982 (GOOGLE-CL...)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 34.102.185.99 396982 (GOOGLE-CL...)
3 185.89.210.46 29990 (ASN-APPNEX)
1 185.86.138.32 201081 (SMARTADSE...)
1 34.149.50.64 15169 (GOOGLE)
1 3 52.85.92.104 16509 (AMAZON-02)
1 54.230.206.115 16509 (AMAZON-02)
1 13.32.119.77 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:201... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2804:49c:3104... 15201 (Universo ...)
6 2404:6800:400... 15169 (GOOGLE)
6 3.33.220.150 16509 (AMAZON-02)
1 142.250.185.134 15169 (GOOGLE)
1 54.230.206.46 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 15.197.133.55 16509 (AMAZON-02)
1 2600:9000:209... 16509 (AMAZON-02)
1 142.250.186.130 15169 (GOOGLE)
3 3 3.125.147.173 16509 (AMAZON-02)
1 1 172.217.16.130 15169 (GOOGLE)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 142.250.186.34 15169 (GOOGLE)
1 54.81.39.196 14618 (AMAZON-AES)
2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 184.30.22.30 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
2 3.212.211.43 14618 (AMAZON-AES)
1 69.173.144.138 26667 (RUBICONPR...)
215 63
1    2606:4700:20::681a:74c (United States)

ASN13335 (CLOUDFLARENET, US)
www.belasmensagens.com.br
37    2606:4700:20::681a:64c (United States)

ASN13335 (CLOUDFLARENET, US)
www.belasmensagens.com.br
10    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2600:9000:2451:7c00:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tm.jsuol.com.br
11    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)
notix.io
5    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
2    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a02:26f0:3500:11::215:14c6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
monetize-static.viralize.tv
1    217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu
www8.smartadserver.com
1    35.241.45.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
3    2a02:26f0:3500:6::17d8:4da2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync-global.smartadserver.com
9    2a02:26f0:3500:6::17d8:4da0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync-eu.smartadserver.com
1    184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    2400:52e0:1e00::863:1 (Germany)

ASN200325 (BUNNYCDN, SI)
widgets.getsitecontrol.com
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2600:9000:2451:9400:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tm.uol.com.br
5    2600:9000:2016:7e00:1e:82d4:d9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
privacy-sandbox.uol.com.br
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a02:26f0:3500:6::17d8:4daf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
me.jsuol.com.br
3    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ced-ns.sascdn.com
3    52.222.181.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-181-100.ham50.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-10162-1.seg.t.tailtarget.com
m.t.tailtarget.com
b.t.tailtarget.com
t.tailtarget.com
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
3    52.85.92.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-104.ham50.r.cloudfront.net
sb.scorecardresearch.com
1    54.230.206.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-115.ham50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
3    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    2600:9000:2016:b000:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
udr.uol.com.br
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2804:49c:3104:401:ffff:ffff:ffff:34 (Brazil)

ASN15201 (Universo Online S.A., BR)
tracker.bt.uol.com.br
6    2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
1    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    54.230.206.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-46.ham50.r.cloudfront.net
choices.trustarc.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:f::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5edn6y.c.2mdn.net
1    15.197.133.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4b61a47cf5978487.awsglobalaccelerator.com
de2-bid.adsrvr.org
1    2600:9000:2093:5000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
3    3.125.147.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-147-173.eu-central-1.compute.amazonaws.com
red.vtracy.de
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
ade.googlesyndication.com
1    54.81.39.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-39-196.compute-1.amazonaws.com
choices-or.trustarc.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    3.212.211.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-211-43.compute-1.amazonaws.com
logger.uol.com.br
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
38 belasmensagens.com.br
www.belasmensagens.com.br
5 MB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
196 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
ade.googlesyndication.com — Cisco Umbrella Rank: 293
329 KB
14 smartadserver.com
www8.smartadserver.com — Cisco Umbrella Rank: 8428
csync-global.smartadserver.com — Cisco Umbrella Rank: 6924
csync-eu.smartadserver.com — Cisco Umbrella Rank: 22266
prg.smartadserver.com — Cisco Umbrella Rank: 1657
60 KB
13 uol.com.br
tm.uol.com.br — Cisco Umbrella Rank: 74647
privacy-sandbox.uol.com.br — Cisco Umbrella Rank: 131827
udr.uol.com.br — Cisco Umbrella Rank: 87784
tracker.bt.uol.com.br — Cisco Umbrella Rank: 80132
logger.uol.com.br — Cisco Umbrella Rank: 121452
11 KB
13 viralize.tv
ads.viralize.tv — Cisco Umbrella Rank: 26184
monetize-static.viralize.tv — Cisco Umbrella Rank: 22526
301 KB
11 jsuol.com.br
tm.jsuol.com.br — Cisco Umbrella Rank: 70701
me.jsuol.com.br — Cisco Umbrella Rank: 85996
269 KB
10 notix.io
notix.io — Cisco Umbrella Rank: 17476
44 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com
174 KB
7 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 557
de2-bid.adsrvr.org — Cisco Umbrella Rank: 13814
match.adsrvr.org — Cisco Umbrella Rank: 331
26 KB
7 tailtarget.com
tt-10162-1.seg.t.tailtarget.com — Cisco Umbrella Rank: 102126
m.t.tailtarget.com — Cisco Umbrella Rank: 159651
b.t.tailtarget.com — Cisco Umbrella Rank: 60259
t.tailtarget.com — Cisco Umbrella Rank: 15832
2 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
71 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
119 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
70 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
392 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
19 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
imasdk.googleapis.com — Cisco Umbrella Rank: 487
fonts.googleapis.com — Cisco Umbrella Rank: 29
405 KB
3 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
14 KB
3 vtracy.de
red.vtracy.de — Cisco Umbrella Rank: 113854
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
gcdn.2mdn.net — Cisco Umbrella Rank: 1193
r1---sn-4g5edn6y.c.2mdn.net
7 MB
3 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3003
10 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
384 B
2 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 875
choices-or.trustarc.com — Cisco Umbrella Rank: 3869
1 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
517 B
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1888
feed.pghub.io — Cisco Umbrella Rank: 2194
6 KB
2 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
784 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428
638 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1795
581 B
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1600
377 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
2 KB
1 getsitecontrol.com
widgets.getsitecontrol.com — Cisco Umbrella Rank: 20012
863 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
496 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4166
372 B
1 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 8693
10 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 857
2 KB
215 36
Domain Requested by
38 www.belasmensagens.com.br 1 redirects www.belasmensagens.com.br
tm.jsuol.com.br
11 ads.viralize.tv www.belasmensagens.com.br
ads.viralize.tv
10 notix.io www.belasmensagens.com.br
notix.io
10 tm.jsuol.com.br www.belasmensagens.com.br
tm.jsuol.com.br
tm.uol.com.br
10 pagead2.googlesyndication.com www.belasmensagens.com.br
pagead2.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
9 csync-eu.smartadserver.com ads.viralize.tv
csync-eu.smartadserver.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 csi.gstatic.com imasdk.googleapis.com
6 tpc.googlesyndication.com cdn.ravenjs.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
5 insight.adsrvr.org imasdk.googleapis.com
5 privacy-sandbox.uol.com.br tm.jsuol.com.br
www.belasmensagens.com.br
5 www.google-analytics.com www.belasmensagens.com.br
www.google-analytics.com
5 www.googletagmanager.com www.belasmensagens.com.br
www.googletagmanager.com
me.jsuol.com.br
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 ade.googlesyndication.com
3 red.vtracy.de 3 redirects
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 sb.scorecardresearch.com 1 redirects www.belasmensagens.com.br
3 ib.adnxs.com tm.jsuol.com.br
acdn.adnxs.com
3 tt-10162-1.seg.t.tailtarget.com tm.jsuol.com.br
3 c.amazon-adsystem.com monetize-static.viralize.tv
cdn.ravenjs.com
3 ced-ns.sascdn.com csync-eu.smartadserver.com
3 tm.uol.com.br tm.jsuol.com.br
www.belasmensagens.com.br
3 csync-global.smartadserver.com 3 redirects
2 logger.uol.com.br tm.jsuol.com.br
2 eus.rubiconproject.com tm.jsuol.com.br
eus.rubiconproject.com
2 gum.criteo.com tm.jsuol.com.br
2 b.t.tailtarget.com tm.jsuol.com.br
2 fonts.gstatic.com www.belasmensagens.com.br
fonts.googleapis.com
2 www.google.de www.belasmensagens.com.br
2 www.google.com www.belasmensagens.com.br
tpc.googlesyndication.com
2 udr.uol.com.br tm.jsuol.com.br
2 region1.google-analytics.com www.googletagmanager.com
2 securepubads.g.doubleclick.net tm.jsuol.com.br
securepubads.g.doubleclick.net
2 monetize-static.viralize.tv ads.viralize.tv
monetize-static.viralize.tv
2 imasdk.googleapis.com ads.viralize.tv
imasdk.googleapis.com
2 polyfill.io ads.viralize.tv
www.belasmensagens.com.br
1 token.rubiconproject.com eus.rubiconproject.com
1 acdn.adnxs.com tm.jsuol.com.br
1 choices-or.trustarc.com imasdk.googleapis.com
1 match.adsrvr.org
1 dsp.adfarm1.adition.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 secure-gl.imrworldwide.com
1 de2-bid.adsrvr.org
1 t.tailtarget.com
1 r1---sn-4g5edn6y.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 choices.trustarc.com
1 ad.doubleclick.net imasdk.googleapis.com
1 tracker.bt.uol.com.br www.belasmensagens.com.br
1 fonts.googleapis.com
1 region1.analytics.google.com www.googletagmanager.com
1 m.t.tailtarget.com www.belasmensagens.com.br
1 aax.amazon-adsystem.com cdn.ravenjs.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 s.seedtag.com tm.jsuol.com.br
1 prg.smartadserver.com tm.jsuol.com.br
1 s0.2mdn.net imasdk.googleapis.com
1 feed.pghub.io pghub.io
1 cdn.jsdelivr.net cdn.ravenjs.com
1 me.jsuol.com.br tm.jsuol.com.br
1 widgets.getsitecontrol.com www.belasmensagens.com.br
1 ads.stickyadstv.com www.belasmensagens.com.br
1 ad.yieldlab.net ads.viralize.tv
1 pghub.io www.belasmensagens.com.br
1 www8.smartadserver.com www.belasmensagens.com.br
1 cdn.ravenjs.com ads.viralize.tv
1 unpkg.com www.belasmensagens.com.br
1 ajax.googleapis.com www.belasmensagens.com.br
215 72

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
br.pinterest.com
www.instagram.com
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-25 -
2024-02-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.jsuol.com.br
Amazon RSA 2048 M01		 2023-08-03 -
2024-08-31		 a year crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2022-12-07 -
2023-12-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
notix.io
R3		 2023-09-15 -
2023-12-14		 3 months crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-11-12 -
2023-12-12		 a month crt.sh
monetize-static.viralize.tv
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2023-03-07 -
2024-04-07		 a year crt.sh
*.uol.com.br
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
www.uol.com.br
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-05-10		 8 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
uol.com
GeoTrust TLS RSA CA G1		 2023-09-11 -
2024-09-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh

This page contains 24 frames:

Primary Page: https://www.belasmensagens.com.br/
Frame ID: 0E8F9E4C7292DF286626121FD6202241
Requests: 114 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 388467D7DEDE4221B680A1A8E5AC4AB9
Requests: 25 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/2058/CookieSync.html
Frame ID: 675646FBD2AD8CB1A9BDF1CCC318FFE2
Requests: 4 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/2161/CookieSync.html
Frame ID: 2D20FB5059A1CB4335B724625774ADD3
Requests: 4 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/3668/CookieSync.html
Frame ID: A20F88A420FBCE543FC2AA626C9608CA
Requests: 4 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/6846326/766/2x2?ts=1701388618&type=h&gdpr=1&consent=
Frame ID: 3578048AE233B72D4CE13DA31885D7C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 18347614AB82973F48954C972F8E8351
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 0574E879DDCAE1DAEF48649BFE473B4B
Requests: 2 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 62EF993D1C27D7EB1ADF9C816123386E
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: EB5CDD4B579C28C99B102363EE0F4618
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 8DB86BF5342E9420DCDB520336641335
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 51710645E3ED91D9ED2F3B20E752D33F
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 6A5C3359DB902CBF777B5B54E8D84D86
Requests: 1 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&owner=P%26G&bp_id=showheroes&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Frame ID: 16478C4DAEF389C709FCD1E85486148E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4546623105289528&output=html&adk=1812271804&adf=2712904484&lmt=1701388619&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701388619003&bpp=2&bdt=232&idt=447&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3666162543597&frm=20&pv=2&ga_vid=1319914837.1701388619&ga_sid=1701388619&ga_hid=2034210189&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532523%2C44809314%2C31078301%2C31079889%2C44807753%2C44806139%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=4179707446146285&tmod=1119044132&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=459
Frame ID: 1704F82F29D9EF92537A34A5387571AB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: DCC922DF75DD5E3B58A57FAE8E9F8BE7
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 82B597CD10D091476F9C2E60EEE13AFF
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: E66DA3EDFFA9F002529151D9450833FA
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 7125C8DB40B60E0A07F56375ACE95BEF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 540AFA14F7F8315660DBE94BE89939B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA19723E11C85A5DD7742585F080B912
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 215D0B1AF022E3592471986DFD04C001
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DA156E78C898BBA7260E6F943549E84D
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CDFD6DF4663DF343535D615FE2841E72
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Belas Mensagens

Page URL History Show full URLs

  1. http://www.belasmensagens.com.br/ HTTP 301
    https://www.belasmensagens.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

215
Requests

98 %
HTTPS

57 %
IPv6

36
Domains

72
Subdomains

63
IPs

7
Countries

15712 kB
Transfer

21367 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.belasmensagens.com.br/ HTTP 301
    https://www.belasmensagens.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://csync-global.smartadserver.com/2058/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/2058/CookieSync.html
Request Chain 49
  • https://csync-global.smartadserver.com/2161/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/2161/CookieSync.html
Request Chain 50
  • https://csync-global.smartadserver.com/3668/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/3668/CookieSync.html
Request Chain 114
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 174
  • https://gcdn.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7E4C16BA4CA6C23F9C7B200DF300BFEE5BD6FF86.6B170F1E49CB0AE3CBABE7AA4DF031B651EC8DA4/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-4g5edn6y.c.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7BC765618A0902C08476B1CED3401E1DE1ED034D.7769B2565454C5B79EC647FA1FA0DF775F97947A/key/cms1/cms_redirect/yes/mh/yP/mip/2001:ac8:20:3d00:1011:868f:14fa:940b/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1701388349/mv/m/mvi/1/pl/49/file/file.mp4
Request Chain 183
  • https://red.vtracy.de/img.tr?tr_adid=k30120998_s8521416_p369508313_c194887612&tr_mid=0&tr_sync=true&tr_uid1=DC&gdpr_consent=&gdpr=&t=4005649175 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&adid=k30120998_s8521416_p369508313_c194887612&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1701388620652&tamgdpr=&tamgdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI HTTP 302
  • https://red.vtracy.de/tr_cm?v3=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&adid=k30120998_s8521416_p369508313_c194887612&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1701388620652&tamgdpr=&tamgdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI&google_gid=CAESEKe748O3gwzrp-l9CkTOUnA&google_cver=1 HTTP 302
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c%26adid%3Dk30120998_s8521416_p369508313_c194887612%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1701388620716%26tr_run%3Dfalse%26tr_ttd%3Dtrue%26tamgdpr%3D%26tamgdpr_consent%3D%26request_uid%3DZWkhTHEDXa4LFm7Tsm1J0AAAABI HTTP 302
  • https://red.vtracy.de/tr_aa?v3=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&adid=k30120998_s8521416_p369508313_c194887612&userId=7307408480699152527&tr_timestamp=1701388620716&tr_run=false&tr_ttd=true&tamgdpr=&tamgdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&gdpr=&gdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI

215 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.belasmensagens.com.br/
Redirect Chain
  • http://www.belasmensagens.com.br/
  • https://www.belasmensagens.com.br/
53 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98807266801be7195c508a22c35dd78afe4dc828569e2de39c1b5974a078f8b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate, max-age=0
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-ray
82e707b22d3d5d8b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 30 Nov 2023 23:56:58 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://www.belasmensagens.com.br/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYbKlQivj%2FGIiko3njGoxgG5s34rpkfAIpESiPqnMZx2rYpUjltMApdKZ9Ez2XH7muIv594kQbrTiwUNUresfJNqNmAsVPNq%2FQyF70UhIYZ%2BRxYaYpSyR80IH5IOBTU0GqLWFjV2S5np2Tz6xCI5uWhDDSqc7J8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-Cache-Status
BYPASS
CF-Ray
82e707b108a13641-FRA
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 30 Nov 2023 23:56:58 GMT
Location
https://www.belasmensagens.com.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLylX8xhtk9uuuyfpBu4ByqEK6yZzKQrh%2FLr5EehEC7GrkQIcimdxCd2sNi7%2FWEIAB8K0hun3nO0SkawlbKEuU6sBWvQk0vz9L5BrHWx5TxNqTutKmKjmsbnZmuTOA%2BAtyPy7LVFCv2%2FjldOGqvkuP80YK3ZbeA%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
cf-apo-via
origin,no-cache
bootstrap.min.css
www.belasmensagens.com.br/wp-content/themes/bm/css/ 		71 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/css/bootstrap.min.css
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
095225d09c00e48fae10190c77136bfad208993dc708cc436416627b0fb320c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Jan 2021 15:32:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
235767
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVMje4dZYvql%2FZsQDmjI4uzjHmgSocWw3RyjS%2F9ovdbStzw%2FhF3ppEcsdpUbvtYk3OhXfVWlzFkQxArCmhWerBJquiJB06ertVHl20hkH6m3OAwaxGwPibzkg4qWgPVkOGJQPG5H%2FqYk8PGI%2Fot0tZNo1paMb4s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
82e707b35dc85d8b-FRA
expires
max-age=A10368000, public
style.css
www.belasmensagens.com.br/wp-content/themes/bm/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/style.css
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f75ec7cf5732e66f445fc8bce027a9bb8c97c6d580aad80e0a8d635e209abab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Sep 2023 17:56:20 GMT
server
cloudflare
age
1976962
cf-polished
origSize=23531
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgqIEL67RqcUVdeny3vbj20Oun9HZg4FLYThs3wuR3zh6d8Q3QRhITd9%2BoPs2o8c5xwpAr5gf3yiblB3MFQYtjqgKBvv2iTddnylSwsaTyOEawtrlmFsUb7O1%2BDrbJ8YL8%2BAUD9foqvHS2jveprVufLinRNG4O4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
82e707b35dc95d8b-FRA
expires
max-age=A10368000, public
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4546623105289528
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51c10b2f9a35649edd695639c24fead958f89c3359a7293d151b36bf206507b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51978
x-xss-protection
0
server
cafe
etag
9108351636388491698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:56:58 GMT
uoltm.js
tm.jsuol.com.br/ 		525 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/uoltm.js?id=taljro
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
2282944e32da085e7450b47ad272376aca3c4ed07201627663a4b0a88b4e667f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:00 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Mon, 06 Nov 2023 13:17:13 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
58
etag
5b75ba30fca01f68d19adaca5367212a
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
82907
x-amz-cf-id
ibhRNmJdalLPzhUeNlYQMEefFCh-ts3FwAQYAQq-gNM4VPFXfJoXIA==
expires
Fri, 01 Dec 2023 00:56:00 GMT
style.min.css
www.belasmensagens.com.br/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 Aug 2023 12:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1439250
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YFt4o9Bbp6nqt7E%2BkHk%2F4%2BzAHKeZShB9SVXe9S%2FIzUTVRApWzBDfC8k%2FstETf9Q97N%2B4B0jqOFXbMV%2BlMnWXcvpIVp%2BPuV9GaC0D6fepiXfefKmUhiI4nCW6exarFkfG%2BIopyIFccEJ%2BtGx6tUgP2lWSaGpaho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
82e707b35dca5d8b-FRA
expires
max-age=A10368000, public
styles.css
www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 16:52:25 GMT
server
cloudflare
age
1879803
cf-polished
origSize=2859
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=syqgAZV65gKFx3HU3O5f7iU438k4jGQNHT2%2FfiW8wFsS8Nycg0f%2F5VCf%2B580LUig3AZstXF5P8ln4o3EDfU3wRrFDvSuHJbOpj7Pb7ybDlp1or0hL292YkG7z965%2B7Wf2AAV2vM8WB%2FAz6uCa%2FRZq2xirD2ATXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
82e707b35dcb5d8b-FRA
expires
max-age=A10368000, public
/
ads.viralize.tv/display/ 		106 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
ad7e8384bae6bf7047f599fe7e7003a59a213991c92964b6b77b8f3ba6e03132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
belas-mensagens.png
www.belasmensagens.com.br/wp-content/themes/bm/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/images/belas-mensagens.png
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4be0d0585d4c0866551f173ca8a2e18562a1a6a6e45c17f7438d09173e0026e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
614080
cf-polished
origFmt=png, origSize=2272
content-disposition
inline; filename="belas-mensagens.webp"
content-length
1644
cf-bgj
imgq:100,h2pri
last-modified
Sun, 24 Jan 2021 15:32:11 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGrC5oxONCiXd2Sf95DwDIVmmeC%2BiOk9JIx32T%2FWsPa084WMR%2FFxP11qfrYB6EEldzdGit%2FMVQs2hCEZh%2Fe4HwzUytiKWZbXjYkSM%2FQM%2FhpPlUKrtdusOlUzt7CivHXtp%2FtlXXlp0yYkZAIDZH%2FzvHRit0oqDO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e707b35dce5d8b-FRA
expires
max-age=A10368000, public
frases-de-feliz-natal-em-ingles-4.png
www.belasmensagens.com.br/wp-content/uploads/2023/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/11/frases-de-feliz-natal-em-ingles-4.png
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e803638c382783d304ec5a2fbd5377d562da1b62e46e0b21ea9983f18756af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
MISS
last-modified
Tue, 28 Nov 2023 16:17:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycv66oBc7fDbbGPCwNq%2Fg1jkHtWf2%2BwZ5IXNWL2v4B7mbykU%2F%2BXfsjc0QMPEOpqBQTdA08J3teeObqZwiurjhC3JJL4j%2BZ7F6tf%2FEuX6YzxG0rps8sXrG0uBj6dVP02d8gZI%2FKNCxF4lCtix56IPCNBdf8yyoa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
cf-ray
82e707b35dcf5d8b-FRA
expires
max-age=A10368000, public
frases-para-bio-do-whatsapp.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/11/ 		390 KB
391 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/11/frases-para-bio-do-whatsapp.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e860fc5f5f098b92d48f5f37e09722a5328a77846e0296777c3e2c54c36c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
MISS
last-modified
Mon, 27 Nov 2023 19:27:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmhOqdxKM0zHz7FjWOwcfXTX5aKXRhZwScZJFae3iyEczuoPy06bve6sLovt3kUo8lEx%2Fa87XyL0o2B1lJV36%2Bhy0d9BWP%2BVz6ci6hAxW6Tr5ybMvx6q4PNrXLbxdIKj0nR%2B0RV%2FT0XAXt8%2FuD6NihfbD%2FJqcgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b37de55d8b-FRA
expires
max-age=A10368000, public
mensagens-de-aniversario-para-pastor.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/11/ 		229 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/11/mensagens-de-aniversario-para-pastor.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78b33112f2a1302295a15c73782bb54146585677dda7834deb3dde888d888b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 27 Nov 2023 17:00:19 GMT
server
cloudflare
age
217874
cf-polished
origSize=259581
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRFnxIH69NaHA9Ro0E%2B%2FDQmbDuxnm3wP7w9TcZIvqBJJ2jipchbVEbc7%2BRhP9RqMJUhxzK1i7qnCrh1cV3gY6uGEOdZJ0hZ57cJjbIgZO0PEU8x0ONFuMS%2FGB%2FnZKS7CJZ43hkJsV5c33PoieuCI4fcertAELmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39df25d8b-FRA
expires
max-age=A10368000, public
mensagens-de-bom-dia-com-carinho.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/11/ 		598 KB
599 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/11/mensagens-de-bom-dia-com-carinho.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ba5883154f7b26effb061d106c3fa8d8f08cbc136c33e73b946e271c006d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 27 Nov 2023 15:17:47 GMT
server
cloudflare
age
217874
cf-polished
origSize=681346
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdKCWHrXHSw0ZvxC5RtD8vTlW40SYxnXlWk5RCUoqfKXJHVnXLbcpRwQ37E%2BSvzcMtYilVQ7vkeOeZn61KoDJEyonQwOeeScnrZ6Doc89k%2BGW1u%2FoGtC6iSsHz6AvjpjLEqKjy6tF1nHpOozO1YdAS0hAgUgpm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39df35d8b-FRA
expires
max-age=A10368000, public
mensagens-de-aniversario-para-neta.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/11/ 		579 KB
580 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/11/mensagens-de-aniversario-para-neta.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3df9bfdad525834443ea3664c5cad6b72c2449ad4d02e750e8f6ffdb37c5632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 27 Nov 2023 14:29:57 GMT
server
cloudflare
age
217875
cf-polished
origSize=637940
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TusUsS%2BCuzJ%2FdxrVqxPGVCKFH1kk%2BHo06d7CEy9OB7Wfppkn69ccCiezhHuNMBdSnfQCBrMw7nzC2yfo5keACgmNIcrneQIosM1FvByf6s2OUkiPx%2BTI45rKFCTM2HitFMbMcv%2FOmR5jcZCFS9T1%2BkuOOWVM0WI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39dff5d8b-FRA
expires
max-age=A10368000, public
frases-de-elogios-criativos.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 		361 KB
361 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/10/frases-de-elogios-criativos.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d6da90f097a7760687e0c9d2405d2803b9983a5644b60f1d4dcc17eadd39ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 27 Oct 2023 12:14:25 GMT
server
cloudflare
age
217874
cf-polished
origSize=402659
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20P4SjQgne6%2BPVi3ugvqp%2BaR2TS9QYWB27pqkh45roeKV9yT%2Fp5YaR1RCBroj7wAxrkY3F%2FZV3p9Uy7vnfCTRLZrgXG%2F7HOgaXoQXaURRyty7MDqdd51bQWdiPKM682%2Bm7rrU7reOTvDU63KYtj7wN0JedwXOSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39e005d8b-FRA
expires
max-age=A10368000, public
mensagens-de-bom-dia-para-whatsapp.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 		678 KB
679 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/10/mensagens-de-bom-dia-para-whatsapp.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91d66ac18bafe8a50ebbeb8fa9de825ebcf04adf038a0b715835c25b6e5019be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 27 Oct 2023 11:40:21 GMT
server
cloudflare
age
217874
cf-polished
origSize=751928
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r52ye6LUwKkrkEshlR6F%2F%2FRmZgXlqR1ISlczmoAVWdb8wQaUYCBnr7DIz6xHNDsAufJT%2BWSPSrK8apwIWKOxGUKnR2qNFJWKBjLGnK4pJ8BLY%2FZZCYRf%2Bm%2F2XQz7stARGINbHz9lKrsMJK0HvvMy8TlIvQUV1Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39e015d8b-FRA
expires
max-age=A10368000, public
frases-de-poemas-curtos.png
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 		531 KB
532 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/10/frases-de-poemas-curtos.png
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11eae72fd819f6d784f244bb49543e904f3a1bf5db32f7a3d0353adda4d6bbc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 25 Oct 2023 18:54:15 GMT
server
cloudflare
age
217874
cf-polished
origFmt=png, origSize=867355
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y8ZgoZCjqLhaHYkxAflrf%2BsJOQk2nXaOM5Dgp1VFdtNRs3WhAJRbOiJot1pzbdKWrgBqTBpszxnbSB8jplFS%2Fb2Fp9AOt5TWRrr29qWhFwb9Rm2V615TAzGY%2F6KFVSIMrkTkz8%2BHGs2X9kQcIPyofvuhQ7rrMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
content-disposition
inline; filename="frases-de-poemas-curtos.webp"
cf-ray
82e707b39e025d8b-FRA
expires
max-age=A10368000, public
mensagens-de-aniversario-de-filha-para-mae.jpg
www.belasmensagens.com.br/wp-content/uploads/2023/10/ 		473 KB
474 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2023/10/mensagens-de-aniversario-de-filha-para-mae.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6d947bb851044dd79bdf5bd7716c3fb29b6cb44dc659f49fd86c224ef9e653

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 23 Oct 2023 12:44:42 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=518652
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZWa3H0nALHcjXkAIxKtcDuzeHo1lrpyi6hgOauf2o8aSX0pKjTkU6K5uJ8hvGnmsFutMdkv156OwPG39ksjEvyUrrNEQNmiWrQcHbR8jaS2rE6YE7Zt%2BLCtnnYRemq3Qm61iLDru2%2Fpb0r0%2FvVJBq3xnyo5xFU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39e035d8b-FRA
expires
max-age=A10368000, public
cordeiros-recem-nascidos.jpg
www.belasmensagens.com.br/wp-content/uploads/2022/05/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2022/05/cordeiros-recem-nascidos.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90e4eea987761228cca6f2c5c21105484a4e28dd2929ca394d4b6e8c8a7e78b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 06:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe3dSDbuYiZvwoD%2FZPZcTpUHaR8CbbOFHEA1GW6Cvu0RBUgcHpVKSofVDHe5%2FIW8l2ZVZeOqFcolILfrK87CIiaCyiyA4EPYP35PeTFBO7mzdNNWzSkConUDBiB84kNUD9KBKEEqmHgJS5wDuQcuLRHDKCEZaHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e055d8b-FRA
expires
max-age=A10368000, public
o-menino-que-descobriu-o-vento-3.jpg
www.belasmensagens.com.br/wp-content/uploads/2020/08/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2020/08/o-menino-que-descobriu-o-vento-3.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b482e17c44b320366108a0e1859d02b0413541ab463b590afc3f8e60ff1c97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 24 Aug 2020 17:29:23 GMT
server
cloudflare
age
217875
cf-polished
origSize=83800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zyByoU1HqjCtuyn4spK%2Ff26ouzycYwYBi%2FJOhIBgLnAQ1GpJOvkSw6002S7S3eNbYC%2B3O0iTL1EloVlq80bFw6VU3yMrzyuBdDyBPGjYNLBhfBV7o2Ws%2Fwqdi3evWQa2FFjCBH%2Bn0o7PptHUtSeDwOKK6yaxBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
82e707b39e065d8b-FRA
expires
max-age=A10368000, public
jovem-tatua-bilhete-de-avo-2.jpg
www.belasmensagens.com.br/wp-content/uploads/2020/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2020/07/jovem-tatua-bilhete-de-avo-2.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eece30c2c835fb69fee6f366ab1685cfec2bb112c4f20799180268a546420f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 14:24:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwHd7Xi4n17iwoz4eU34U5Ru1TRl0RTI5N%2B38BRwPj48T79Kt33SB46KQT1FG%2FxBv%2BEH48tUNurZjlPmWDENJj1%2B6mEAWlPrvFP89ajj8kSBBzEkZ9%2BMMRFup8xFRFEHl%2BEqxRpCsX8W09ArC0Z5nGWQ2gmzCuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e075d8b-FRA
expires
max-age=A10368000, public
albert-einstein.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/03/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2014/03/albert-einstein.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729f41f5afe9a3a2da94c5a4bdd3448e5136a587594837174c90a04e0b8d79fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 15:30:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
217875
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daXVOp5uikNWhGGc%2FTVl0iotvTFLE9owyipcDgZRyKPQofTPpBbo8lLevphyS8lUaPFin685jtjNApEuoAVyI2tj6ouuwaC7N3AXSawZ%2B%2F12se5fqF7B5xc2M0AmVGRueEiTV1Pf2xPi9Ro2382dLIbjylM3Km8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e085d8b-FRA
expires
max-age=A10368000, public
nietzsche.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/08/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2014/08/nietzsche.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e36cc8846e3595c046f4888caadba0c64ae31ae9e153d8cebbcfc28afeed34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 16:50:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
217875
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfxDualicJ%2F%2Fwunv8XZjpNGds3nSztBZzFN1NN2cDVQcB1xzztdoJCAkG6aV91JRJ2QO6B%2BrlakmnQ375PUsPL0AacOA7jFHTz3KEIAJUaVRrYgWWfBjHTnoJgTyccG07MhjwtDpA52cdzCyi3s2vC18TpTek0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e0a5d8b-FRA
expires
max-age=A10368000, public
clarissa-correa.jpg
www.belasmensagens.com.br/wp-content/uploads/2017/09/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2017/09/clarissa-correa.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0062cd1266d146c7b0bbbf4ae0b650e9a39e24a2833fdff87bd9bf5e9fc132ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Jun 2022 01:32:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
217875
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHJUB2zjH84Ws%2Fn3qggqLLXOn%2FPlKfMBouSC2ytqFldlOaDvUrmsRx84wI3SdwBeihJH88%2FfeBhjY5CiV%2B%2FdRUypt5Z67XhFeW3A075dab48KFHpV8T3Vc9mj%2FNr3RqagOtm4ivf81vgHiNB%2F4GtA%2B57zO6scCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e0c5d8b-FRA
expires
max-age=A10368000, public
william-shakespeare.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2014/03/william-shakespeare.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19155aa67da5a92b18923455bd3445857e3872b776d3843dcf5507d96c617be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 15:30:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2YrFtX7g2LWZeAI4Y4U%2F1l%2BWxWSQUFUvJa%2BqhedW2Qa8pnKOCEUGRr%2FaKvt5DuXi1RMnq6cGH0i1bjgsJgyst6%2BuQXcWytviUXFa3oom5Scvx7qa1OAgNU8cNrBy327tAVtHK5%2FQzY4H6jl3zm3f1AMAX5HZ%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e0d5d8b-FRA
expires
max-age=A10368000, public
charlie-brown-jr.jpg
www.belasmensagens.com.br/wp-content/uploads/2017/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2017/12/charlie-brown-jr.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66ab1c2a5411b1f4ca3043d9ccdb4a5964cfd0522a6e36eb26cad5dea4afd93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
217874
cf-polished
status=not_needed
content-length
19015
cf-bgj
imgq:100,h2pri
last-modified
Fri, 13 Nov 2020 17:38:43 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTgODcBmB9Lf1uYL5gh4FQ8W3aXjJTmEe11LT58Sqj%2F2ypJOqPuXijVaxiEYzvkQX9xLYZhViKspnW8AUUE8CraIjLkv0FnCFbuh18SUIWKlkwIt1KYUkyFjs9w4YkekkE9GLpsfI4%2BJ1Mo2nApDakdEnRfzc%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82e707b39e0e5d8b-FRA
expires
max-age=A10368000, public
clarice-lispector.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/08/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2014/08/clarice-lispector.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc7ae3e7254890159b0be1401fcfb597c1ab415463f95951dcf3b28ab3d8a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 16:50:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
217875
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzcA%2Bjf5%2BpxKsAVQQPg%2F4egyiXrLNc5mzPv%2BdhccBacQgxYPb58jyWCFcQIZ4%2FFXWi%2FevhZ%2BO7HJ6Lg4%2FceZeSG%2FwEwWRG1%2B4uNFCYczrPT1x2Tad%2B0tZ2FSbdFMayiqVh57XO5Fb4Nyc773Yt%2FuTDoEKJ2Xu80%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e115d8b-FRA
expires
max-age=A10368000, public
cecilia-meireles.jpg
www.belasmensagens.com.br/wp-content/uploads/2017/12/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2017/12/cecilia-meireles.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f928ea00f343ee7408675e8c150c74f9e9322a2ba6708d16317510105f165c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Mon, 20 Jun 2022 04:26:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
217874
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JKhu99gpRJLChpL5N5HSD3ja9rZMIwHVP2QE8FskXgM1K9LVge6pPAOSoiTJQZG6HfS%2BVyf9v%2FyqweXg5NM1UEsk0s5M5gOqSMheBULVT%2F2%2B%2FZLufP0AKwsj8zrBdzlroDdqFdMO6Ks4dJtSUv8twXMBluBHKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e125d8b-FRA
expires
max-age=A10368000, public
augusto-cury.jpg
www.belasmensagens.com.br/wp-content/uploads/2014/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.belasmensagens.com.br/wp-content/uploads/2014/03/augusto-cury.jpg
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c38322d16f3f50bed9d5118f55a3f2482b107d2f7768cf34fb9d691b00dc8bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Fri, 17 Jun 2022 15:30:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
217874
vary
Accept,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pc4pt%2FJ8BWNYSu4c1JId8ZcS8zuxm3c1WdEUh0QChj5OrF%2FZnCgNOT%2Fi9t5fsOEGS7Uh5oeYjHfakkMTSwVy3pVMyzlqWtUL%2FTTgwXi5a4zTb7UaCo3ZtZ7o8vBDbr1gvbdVagNEYul0GTlIhGVwleN34Mo2EGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
cf-ray
82e707b39e135d8b-FRA
expires
max-age=A10368000, public
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 12:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Nov 2024 12:30:21 GMT
bootstrap.min.js
www.belasmensagens.com.br/wp-content/themes/bm/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/js/bootstrap.min.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c915ff050126424c92d7b9a1b0472e430ef495f89bff63e2f5692f6a6f2e956

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Jan 2021 15:32:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1980936
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoyHvVcAKmqiv7jx%2Ff9KFph95BL0TvsdwHUwEAmQZu1o8XGq0TdEWa5cPGEE68vBaWBiQt5nD2%2Fl53UO2r%2FrjpKIKuZ6QwiwFEoDDrHfQtEsWiSYiL2sz8UaqQzCZzu%2BUftSqbqgCMeLL8LRKVOFNszNJ6h%2FMq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b39df45d8b-FRA
expires
max-age=A10368000, public
masonry.pkgd.min.js
www.belasmensagens.com.br/wp-content/themes/bm/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/js/masonry.pkgd.min.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Jan 2021 15:32:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
903390
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DOPIlkC5crEm2SowozspHc9Qjp03hUngba%2BhLkfBJBUDqVUcYXn1alAPdsKfeLAyqoNbgPUEx3OZwYUk0LYjygwDhmW6NkLyyCzksC3OcMtGeoGl9lh4QNa9zrrCe6D60J2cPlh9X%2BnGcWiTpGAQVFGkB7Ocus%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b39df65d8b-FRA
expires
max-age=A10368000, public
imagesloaded.pkgd.min.js
www.belasmensagens.com.br/wp-content/themes/bm/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/js/imagesloaded.pkgd.min.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b3dc94297cd47d4b2195477eff1acd681aa73851590061b58b32fc05a4a007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Jan 2021 15:32:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
740941
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgUbTN7fs%2B1E0inKlgxoSNczzMSzd%2FmIDn17201t0Kocq7oGUQFiQuFNu5GnNsqN1fb0TdTPev6AlT5U905mnKSd4j1iLDfgB3QuRI8FWpX4p5n0bC0j1liiZGYn6geBQ9R0MSWWIi82DTPSSUEJeG0enmhhTAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b39df75d8b-FRA
expires
max-age=A10368000, public
scripts.js
www.belasmensagens.com.br/wp-content/themes/bm/js/ 		1 KB
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/js/scripts.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bbd2803f99d45e9b364c4e31cfbd21201229bef54766227389a97ea30abcf31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 21 Jun 2022 08:38:31 GMT
server
cloudflare
age
149766
cf-polished
origSize=3088
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6b8Ec6jviYSyIV0Hw82lmRSAgjeQBKkOxIZdHt%2FOVeg%2FpW1zpgJszwCtA5XRe74%2Fjn3ZcEJ6Hyu2Nxc3n7gCJaNwNxo%2Bek35TV9hm6jgvFZ%2BxQkRF93Oe0kcTT5qNHxCQle2fwLyInGzMS7rSLnlNhGj08nc3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b39df95d8b-FRA
expires
max-age=A10368000, public
index.js
www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 16:52:25 GMT
server
cloudflare
age
1682511
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUsw7E44IU9vjAJYDuv2KEcHtOMWYNDaYGs48K0Lq7ZYe5Vtw3Z3QFpTftcHqqdMKqq87tR7gK3GiZZYCNbK5Iu5eTYy7CT%2Bp5HfjVFq9HotE%2F0gcRjruk7o4sfQGruPZgzdnGxHAbidN2bi6sRlszrzJ9A7YrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b39dfa5d8b-FRA
expires
max-age=A10368000, public
index.js
www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 30 Oct 2023 16:52:25 GMT
server
cloudflare
age
65157
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H36sSnK6KnJVIdsDmckb123pVz%2FtfURQQEuYT7EvQNEHPkGTX6ojCpTcuKyiRdyq4D6HvBBWftLCfka%2BI7UVoZ9wRfiQUb7h70lExtAZFE8LoMVrJkFx7zrn2DodtUFzfv92E9W%2B5qhfFO4J8SaABzD2vQ7pcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b39dfe5d8b-FRA
expires
max-age=A10368000, public
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6adedeef8fb21ff1634a97faebc622cc5deef5a83ff483303a20490b5821582a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52612
x-xss-protection
0
server
cafe
etag
1656279571181051146
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:56:58 GMT
web-vitals.es5.umd.min.js
unpkg.com/web-vitals@0.2.2/dist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@0.2.2/dist/web-vitals.es5.umd.min.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d267db333e9a17b07c0dddb57e772fd638b27a466881aceee2e4e3e60b0843e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1464339
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HF5P3XFTTCQGRHQJVXQ2HC5R-fra
server
cloudflare
etag
W/"d85-nmRVQsTupJw/x4ubrBBWgsznhFE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
82e707b3b9fe382e-FRA
gtm.js
www.googletagmanager.com/ 		166 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTFD
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0808f59e12c3c7fb20aa338303890a622fe30a88fa430da250bae7eff7ac191b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61226
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 22:01:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Nov 2023 23:56:58 GMT
enot.min.js
notix.io/ent/current/ 		141 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notix.io/ent/current/enot.min.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
gzip
last-modified
Wed, 29 Nov 2023 20:55:06 GMT
server
nginx
etag
W/"6567a52a-235f7"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 23:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
440
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Dec 2023 01:49:38 GMT
04795dfa-9d8e-4af6-aed0-543cc11dc6ec
https://www.belasmensagens.com.br/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.belasmensagens.com.br/04795dfa-9d8e-4af6-aed0-543cc11dc6ec
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
/
ads.viralize.tv/player/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AAEn2iG_Bt_nZPrQ&sid=01ee8fdc25fe5762629f74de23bb0cb2&activation=onload&experiment=ops.&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ahd=1&player_session=%7B%22page_id%22%3A%22018c22aa0c5ab191d1869d4edfebb220%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A0%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A400%2C%22height%22%3A225%7D%7D&sc=1&gdpr=1&cmp=unavailable&dd=belasmensagens.com.br
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
980d73383d7a619e59d99761121c25986d5f34d9dfd3462e25cf9d958bd5f290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 3884 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
77459
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 3884 		101 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 23:56:58 GMT
age
2627833
detected-user-agent
Chrome/119.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3884 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Thu, 30 Nov 2023 23:56:58 GMT
viralize_player.min.b9d7f43b.js
monetize-static.viralize.tv/ Frame 3884 		408 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.b9d7f43b.js?e=ops
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14c6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ed175d840b9b9dc5801b8e7a2772f7722d85af16d6000acc6d36a96399ceaeaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqFIxQy_GEML3A5r_vy4W1M3ZZpivCsZfYYn-K3lBTaYSqNd1Ib87nSeM3UISL7ZNuJf2nn-4oe2g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
118774
last-modified
Thu, 30 Nov 2023 11:44:08 GMT
server
UploadServer
etag
"b9d7f43b1380ceb2839c496b7ecea5e8"
vary
Accept-Encoding
x-goog-generation
1701344648079894
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JXjm6g==, md5=udf0OxOAzrKDnElrfs6l6A==
cache-control
public, max-age=2592000
x-goog-stored-content-length
418208
accept-ranges
bytes
expires
Sat, 30 Dec 2023 23:56:58 GMT
ac
www8.smartadserver.com/ 		208 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=9837710134&out=js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
fb101b97c5c742bd1e11cd1db093675c301e1e08513255358d0621f3dd278b79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
x-smrt-i
5733718
cache-control
no-cache,no-store
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:10:51 GMT
content-encoding
gzip
age
2767
x-guploader-uploadid
ABPtcPo95RsjeTKGizq35Aq8uM3bdEeXOkt_m3TS1vC5gJGeTwINJjiBB0PN8XY_0V695wK0fsI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
CookieSync.html
csync-eu.smartadserver.com/2058/ Frame 6756
Redirect Chain
  • https://csync-global.smartadserver.com/2058/CookieSync.html
  • https://csync-eu.smartadserver.com/2058/CookieSync.html
435 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2058/CookieSync.html
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Thu, 30 Nov 2023 23:56:59 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires
Fri, 01 Dec 2023 00:56:59 GMT
Last-Modified
Tue, 22 Feb 2022 10:05:45 GMT
Server
AkamaiNetStorage

Redirect headers

Cache-Control
private, max-age=86400
Connection
keep-alive
Content-Length
0
Date
Thu, 30 Nov 2023 23:56:58 GMT
Expires
Fri, 01 Dec 2023 23:56:58 GMT
Location
https://csync-eu.smartadserver.com/2058/CookieSync.html
Server
AkamaiGHost
CookieSync.html
csync-eu.smartadserver.com/2161/ Frame 2D20
Redirect Chain
  • https://csync-global.smartadserver.com/2161/CookieSync.html
  • https://csync-eu.smartadserver.com/2161/CookieSync.html
435 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2161/CookieSync.html
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Thu, 30 Nov 2023 23:56:59 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires
Fri, 01 Dec 2023 00:56:59 GMT
Last-Modified
Tue, 22 Feb 2022 10:05:45 GMT
Server
AkamaiNetStorage

Redirect headers

Cache-Control
private, max-age=86400
Connection
keep-alive
Content-Length
0
Date
Thu, 30 Nov 2023 23:56:58 GMT
Expires
Fri, 01 Dec 2023 23:56:58 GMT
Location
https://csync-eu.smartadserver.com/2161/CookieSync.html
Server
AkamaiGHost
CookieSync.html
csync-eu.smartadserver.com/3668/ Frame A20F
Redirect Chain
  • https://csync-global.smartadserver.com/3668/CookieSync.html
  • https://csync-eu.smartadserver.com/3668/CookieSync.html
435 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/3668/CookieSync.html
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Thu, 30 Nov 2023 23:56:59 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires
Fri, 01 Dec 2023 00:56:59 GMT
Last-Modified
Tue, 22 Feb 2022 10:05:45 GMT
Server
AkamaiNetStorage

Redirect headers

Cache-Control
private, max-age=86400
Connection
keep-alive
Content-Length
0
Date
Thu, 30 Nov 2023 23:56:58 GMT
Expires
Fri, 01 Dec 2023 23:56:58 GMT
Location
https://csync-eu.smartadserver.com/3668/CookieSync.html
Server
AkamaiGHost
2x2
ad.yieldlab.net/d/6846326/766/ Frame 3578 		61 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/d/6846326/766/2x2?ts=1701388618&type=h&gdpr=1&consent=
Requested by
Host: ads.viralize.tv
URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Language
de-DE
Content-Length
61
Content-Type
text/html;charset=UTF-8
Date
Thu, 30 Nov 2023 23:56:58 GMT
Expires
Wed, 29 Nov 2023 23:56:58 GMT
Pragma
no-cache
auto-user-sync
ads.stickyadstv.com/ 		43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Nov 2023 23:56:58 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1701388618806078-575
icomoon.ttf
www.belasmensagens.com.br/wp-content/themes/bm/fonts/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-content/themes/bm/fonts/icomoon.ttf?vuvm34
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/wp-content/themes/bm/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5d4f4059ddadc8ed73873385780bc73385ae4cb38680220331f5c33b82c1d2b

Request headers

Referer
https://www.belasmensagens.com.br/wp-content/themes/bm/style.css
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jan 2021 15:32:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1976962
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCHI4Oskn3iYcAysIyMnk03XNOGrhO2jlSMkgb3bQc%2BUh%2FAKO%2BOr8OEBoK6z4W9Uxfaia08Ga3RsfyAOIfDGnxmvqlL7hkP4VmxVgyWUqQ0lBAasEnoN1cuv2xmW2p2n41iKi4G95TfgeWJyGfmleFPCFGQRaJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
cache-control
max-age=31536000
cf-ray
82e707b3fe435d8b-FRA
expires
max-age=A10368000, public
script.js
widgets.getsitecontrol.com/108212/ 		52 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.getsitecontrol.com/108212/script.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::863:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-863 /
Resource Hash
5b1ccd08e901adfcd4b47e942f7c860ccd41f3e90ba07c787fb222cd8b776aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
cdn-edgestorageid
865
x-amz-request-id
M810PKT0Q66X37N2
cdn-cachedat
02/22/2023 20:43:51
cdn-pullzone
44619
x-amz-id-2
wnZncFZTdmCJ/5cGL7Fz+5sUs4A3+bwpjQtzNuJX4HaDc2ubf202z3NwSbKfY0vphWKo9C5BAaM=
last-modified
Mon, 23 Oct 2017 10:06:07 GMT
server
BunnyCDN-DE1-863
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"2886c07e313e735c9c3b5f8c650b5f37"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
6285368c356d547b37d1567a139220d2
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
wp-emoji-release.min.js
www.belasmensagens.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 14:25:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1534887
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOGn61Cw%2Bg9bxq%2BLz74RH1yV79Cy1NyfD8zx2pyA8Klyf29e0SPylzVhGhitL09SumToJ0FHHLRSYp5g2TOda%2FBJU39ntncv14CBqjXE8JuqVGvNbTuXcScS3uoSWbmS9PwjESaFR2kZix2B7hjuTZSDsiuyuJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
82e707b42e565d8b-FRA
expires
max-age=A10368000, public
KFOmCnqEu92Fr1Mu4mxK.woff2
www.belasmensagens.com.br/fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

Referer
https://www.belasmensagens.com.br/
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
cf-cache-status
MISS
last-modified
Wed, 11 May 2022 19:24:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgE%2B9Fp%2FhdUshYUvioMmYtPq6ROg0k9klP8arioTjylqU%2BoX85wKYmytGQ%2FWrRAZWkkCPPzOh3ziWG0%2FWNWOWrANgYCmt3JkKBPsn2BmCl6TzZXf6PaxpaN5mJpepvz7n9KbquVh0Igl7qH4d%2FU%2FbKB4D4JVsb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
82e707b46e6f5d8b-FRA
content-length
15744
expires
Sun, 24 Nov 2024 13:37:09 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
www.belasmensagens.com.br/fonts.gstatic.com/s/robotoslab/v34/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
84735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
34328
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:54:50 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
82e707b46e735d8b-FRA
timing-allow-origin
*
expires
Sun, 24 Nov 2024 04:02:47 GMT
collect
www.google-analytics.com/j/ 		4 B
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2034210189&t=pageview&_s=1&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ul=en-us&de=UTF-8&dt=Belas%20Mensagens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABQAAAACAAI~&jid=1042561141&gjid=881859338&cid=1319914837.1701388619&tid=UA-4872125-1&_gid=1903914101.1701388619&_r=1&_slc=1&z=1609323720
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		128 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KK2WM5X&cid=1319914837.1701388619
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71838837e3f646c54a5fb892935715f7fcefd36510e7cf604f860d4f184b1f33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50672
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 22:01:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Nov 2023 23:56:58 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4546623105289528&plah=www.belasmensagens.com.br&bust=31079889
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4546623105289528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c67c6631ff2b6a6c5d99870dfcdc36f5a6e3ac360531079e99859c0aa1ced7fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137521
x-xss-protection
0
server
cafe
etag
6733834393970183124
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:56:59 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 1834 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4546623105289528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10650
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 20:59:29 GMT
etag
12051592065903069241
expires
Thu, 14 Dec 2023 20:59:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BET9P2RY3W&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ebbcc58bf4fc1fc467932c5b22cbb59cda9f0ad6afbfab24ca35e36f38550a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85864
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 23:56:59 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LH8HHLTZNN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0da06dc3986059bdc913514c55cd6974b28c17130cd6cea109ce1308829a5185
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89748
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 23:56:59 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4872125-1&cid=1319914837.1701388619&jid=1042561141&gjid=881859338&_gid=1903914101.1701388619&_u=IEBAAEAAQAAAACAAI~&z=325354855
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
polyfill.min.js
polyfill.io/v3/ Frame 3884 		101 B
179 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 Nov 2023 23:56:59 GMT
age
2627833
detected-user-agent
Chrome/119.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
settings
notix.io/ 		106 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://notix.io/settings?appId=1005700a463e142b6147f331b0b8a98&ver=0.15.19
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
106
mercurio.html
tm.uol.com.br/ Frame 0574 		197 B
692 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.uol.com.br/mercurio.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:9400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
173
content-type
text/html;charset=UTF-8
date
Thu, 30 Nov 2023 23:56:02 GMT
etag
ba5203ce522cc70a434e9a70452ca145
expires
Fri, 01 Dec 2023 00:06:02 GMT
last-modified
Wed, 28 Jul 2021 19:15:10 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
via
1.1 4c6cae2fc798878bd6b9da38fe5208f8.cloudfront.net (CloudFront)
x-amz-cf-id
HwZUQxkoeANtOXAPdqX1eC73D1Uq5JNQJaJR7TfmKmfKwbG-uZwmKA==
x-amz-cf-pop
HAM50-P2
x-cache
Hit from cloudfront
Prebid.js
tm.jsuol.com.br/modules/external/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
0d4d3956b34f32750ac31746a17297b77098a55f4b86a6dba7f7386e1a089715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:01 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Fri, 03 Nov 2023 15:14:56 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
58
etag
cdd1b84f0c29c6c8e530adae3955fe73
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
115718
x-amz-cf-id
WnLWVjeNcwX7nzXZGwRDKtQ9RBu1N1P0bkE47uDcojJtbfkw2YKuPg==
expires
Fri, 01 Dec 2023 00:56:01 GMT
/
www.belasmensagens.com.br/ 		0
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.belasmensagens.com.br/
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:64c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdmU21LaLRfEsd2SOSUVRRTVGT09iXoTpne4%2Fgo9sUGqrhUnrFqV1yFh9AR7etxHo6gbF3lpHkiUMIdt28SN8QxnVfZfDoZw9rIX%2FPJJ4OlHcAkQ42689YBd7w%2BdZwuVINaeBU1K0Ss%2FwiIkSJrcZJxEd1jjZWM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-apo-via
origin,no-cache
cf-ray
82e707b56ef45d8b-FRA
link
<https://www.belasmensagens.com.br/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame 62EF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7e00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52253
content-encoding
gzip
content-type
text/html
date
Thu, 30 Nov 2023 09:27:05 GMT
etag
W/"07e6f374a305976ee993e8ac814c9914"
last-modified
Tue, 07 Nov 2023 16:21:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
x-amz-cf-id
n1hBEimXWswYeUYyqiT2Z6TD_7x1Kq533Jc3kMx89iD7JxHFqbJR2Q==
x-amz-cf-pop
HAM50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
766aca5a80cdd0d814d3faeee1ea9c19a0b248ac23f44f4fdeb570c0d4f2cda2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30038
x-xss-protection
0
server
cafe
etag
765 / 19691 / 31079808 / config-hash: 11152387477177976423
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:56:59 GMT
privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame EB5C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7e00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52253
content-encoding
gzip
content-type
text/html
date
Thu, 30 Nov 2023 09:27:05 GMT
etag
W/"07e6f374a305976ee993e8ac814c9914"
last-modified
Tue, 07 Nov 2023 16:21:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
x-amz-cf-id
Z_7Yto2ZEukALcLm9AQBGT1Sc65hPwAIAw7Iy784aZP7AFx9bTmQqQ==
x-amz-cf-pop
HAM50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame 8DB8 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7e00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52253
content-encoding
gzip
content-type
text/html
date
Thu, 30 Nov 2023 09:27:05 GMT
etag
W/"07e6f374a305976ee993e8ac814c9914"
last-modified
Tue, 07 Nov 2023 16:21:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
x-amz-cf-id
qfUo_FzuOfD5qTAeXflmgp3lO-s9I4bOLjNADcHyWpVpbx6da0aYXA==
x-amz-cf-pop
HAM50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame 5171 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7e00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52253
content-encoding
br
content-type
text/html
date
Thu, 30 Nov 2023 09:27:05 GMT
etag
W/"07e6f374a305976ee993e8ac814c9914"
last-modified
Tue, 07 Nov 2023 16:21:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
x-amz-cf-id
8bosFn_z5ByBRIR1sBtHfZkajHnvzAA3mAAAvR05kaWZq2CVUf7gDQ==
x-amz-cf-pop
HAM50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame 6A5C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7e00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52253
content-encoding
gzip
content-type
text/html
date
Thu, 30 Nov 2023 09:27:05 GMT
etag
W/"07e6f374a305976ee993e8ac814c9914"
last-modified
Tue, 07 Nov 2023 16:21:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42d6fa6bba37b1a120fb1adae0e0e8c8.cloudfront.net (CloudFront)
x-amz-cf-id
Zqwcov7Rbthof2wxdISt5W3uunW8zs9bBbR5ZAXhBKTTVwGPF_lUHA==
x-amz-cf-pop
HAM50-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
profiles.js
tm.jsuol.com.br/modules/external/tailtarget/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:42:04 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 03:04:55 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
895
etag
ecbae16720fa9548b931f719328b1c88
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
5277
x-amz-cf-id
wKAcJavKjBqe8IedrvAq8t9TT-0NKfQ7vn3YsYRZv6Ss6dYJdLI2Tw==
expires
Fri, 01 Dec 2023 00:42:04 GMT
CT-10.js
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 		156 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
bc943d99a17601269835433917f1efda0d67b29122939756712776a7bc4fdbb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:01 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Thu, 31 Aug 2023 00:29:36 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
58
etag
3ba5a00d1d7a002cf562eaf6ca619ce7
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
19104
x-amz-cf-id
36z-aIxC_8Q6GsXDpOukvQiyCQ8Ie5R6Zf7zkbLzmGvG5HVL2KHlFg==
expires
Fri, 01 Dec 2023 00:56:01 GMT
grupocontteudo.js
me.jsuol.com.br/aud/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://me.jsuol.com.br/aud/grupocontteudo.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4daf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
72ea0bf10921b8ef082b90bb41d8f9ac7377e5deecd6375e8e5c87d597f79a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
gzip
akamai-cache-status
Miss from child, Hit from parent
last-modified
Thu, 23 Nov 2023 15:23:28 GMT
akamai-grn
0.af6f1002.1701388619.3a445c80
etag
b5a8a93ce1d81bfc09f00551adcb43c5
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, must-revalidate, proxy-revalidate, max-age=1605
server-timing
cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1701388619409_34631599_977558656_1354_927_12_27_146";dur=1
content-length
9194
dmp-uol-sync-p.js
tm.jsuol.com.br/modules/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
971eff456f7ca816184f3e367803deb0c63686cf5a675b68350efe4a9f35ac5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:42:04 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 12:32:03 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
895
etag
e4115050cd463eaf21c96b5d6fb16f9f
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
2999
x-amz-cf-id
kmRiGzhpuwcUWP6RtFxyT4Tesmhm5af49y-KtHtJCUe05fjFBUafUQ==
expires
Fri, 01 Dec 2023 00:42:04 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 2D20 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-21.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync-eu.smartadserver.com/2161/ Frame 2D20 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2161/CookieSync.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2161/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:40 GMT
Server
AkamaiNetStorage
ETag
"c1430567800a2cd191c5289a4ca46139:1700471429.892258"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
Expires
Fri, 01 Dec 2023 00:56:59 GMT
TemplatePool.min.js
csync-eu.smartadserver.com/2161/ Frame 2D20 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2161/TemplatePool.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2161/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:41 GMT
Server
AkamaiNetStorage
ETag
"8a58c7020312411d6239d6e73a6c978f:1700471430.245669"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1942
Expires
Fri, 01 Dec 2023 00:56:59 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame A20F 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-21.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync-eu.smartadserver.com/3668/ Frame A20F 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/3668/CookieSync.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/3668/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:40 GMT
Server
AkamaiNetStorage
ETag
"c1430567800a2cd191c5289a4ca46139:1700471429.892258"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
Expires
Fri, 01 Dec 2023 00:56:59 GMT
TemplatePool.min.js
csync-eu.smartadserver.com/3668/ Frame A20F 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/3668/TemplatePool.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/3668/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:41 GMT
Server
AkamaiNetStorage
ETag
"8a58c7020312411d6239d6e73a6c978f:1700471430.245669"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1942
Expires
Fri, 01 Dec 2023 00:56:59 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 6756 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-21.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync-eu.smartadserver.com/2058/ Frame 6756 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2058/CookieSync.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2058/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:40 GMT
Server
AkamaiNetStorage
ETag
"c1430567800a2cd191c5289a4ca46139:1700471429.892258"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
Expires
Fri, 01 Dec 2023 00:56:59 GMT
TemplatePool.min.js
csync-eu.smartadserver.com/2058/ Frame 6756 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2058/TemplatePool.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:6::17d8:4da0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2058/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:56:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 08:58:41 GMT
Server
AkamaiNetStorage
ETag
"8a58c7020312411d6239d6e73a6c978f:1700471430.245669"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1942
Expires
Fri, 01 Dec 2023 00:56:59 GMT
prebid.min.8767321a.js
monetize-static.viralize.tv/ Frame 3884 		461 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/prebid.min.8767321a.js?e=ops
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_player.min.b9d7f43b.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14c6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsm77dKEiebMzpG0voAWQBVjxLHObngxEYjiM1e9U7489IiYltO5mYtaS0st8StnDMmp1ZXX9u32fMyxbBppH-4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
149442
last-modified
Mon, 17 Jul 2023 08:34:42 GMT
server
UploadServer
etag
"8767321aa946fab11b7849c3c8cab276"
vary
Accept-Encoding
x-goog-generation
1689582882143487
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=xXO4Yg==
cache-control
public, max-age=2592000
x-goog-stored-content-length
471945
accept-ranges
bytes
expires
Sat, 30 Dec 2023 23:56:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3884 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_player.min.b9d7f43b.js?e=ops
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.181.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-181-100.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:20:07 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, HAM50-C1
age
2213
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
KM45zvMo4rqj-alkk1hLjtO_FtkERGNrmGnlfsHwUEb_1603TrRZaA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 3884 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28570
x-jsd-version
1.0.1890
content-encoding
br
x-cache
MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230087-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63f-TNgfTrEmgU0kvSD/fpfRT6TRJJo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKhc%2Ff6XH2%2FXekPpQ7drRaLvGdltPV5jP0hfNs9%2Bapt8J8Q54nWY%2BB%2BOe1MYEUgRYMamoCdXw%2BjIjb14kHS8X2U4g6hw9Pl4kH2p0C67Dq6%2Fkjz3OckrcgjVTj%2FgTm0a3J5eX9GpYh0AkbWKEFU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e707b77803918e-FRA
ima3vpaid
tpc.googlesyndication.com/ Frame 3884 		902 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A//pubads.g.doubleclick.net/gampad/live/ads%3Fiu%3D/8804/parceiros/42frases%26description_url%3Dhttps%253A%252F%252F42frases.com.br%26tfcd%3D0%26npa%3D0%26sz%3D480x361%257C480x360%26cust_params%3Dcampaignuol%253D1%2526videoplayertype%253Dhtml5%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26ad_rule%3D0%26correlator%3D1701388618
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f745c02b1d52389311248a4b02d8830d11f5d6f6ff461bad71e663dea2c2aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.belasmensagens.com.br
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
510
x-xss-protection
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 3884 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AAEn2iG_Bt_nZPrQ&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee8fdc25fe5762629f74de23bb0cb2&item=YWRuXzEyMTI09JxFFwhAR-4%3D.1.1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tag
feed.pghub.io/ Frame 1647 		13 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?gdpr=1&gdpr_consent=&referrer_url=&page_url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&owner=P%26G&bp_id=showheroes&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Thu, 30 Nov 2023 23:56:59 GMT
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
/
ads.viralize.tv/track/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?session_id=01ee8fdc25fe5762629f74de23bb0cb2%3A0&player_session_id=0&label=activation&ver=12&reason=ok&type=event&category=player_session
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?session_id=01ee8fdc25fe5762629f74de23bb0cb2%3A0&player_session_id=0&label=ad_opportunity&ver=12&reason=ok&type=event&category=player_session
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame 1704 		0
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4546623105289528&output=html&adk=1812271804&adf=2712904484&lmt=1701388619&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_r&format=0x0&url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701388619003&bpp=2&bdt=232&idt=447&shv=r20231129&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3666162543597&frm=20&pv=2&ga_vid=1319914837.1701388619&ga_sid=1701388619&ga_hid=2034210189&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532523%2C44809314%2C31078301%2C31079889%2C44807753%2C44806139%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=4179707446146285&tmod=1119044132&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=459
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4546623105289528&plah=www.belasmensagens.com.br&bust=31079889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 23:56:59 GMT
expires
Thu, 30 Nov 2023 23:56:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2034210189&t=pageview&_s=1&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ul=en-us&de=UTF-8&dt=Belas%20Mensagens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAACAAI~&jid=2086364524&gjid=1643178437&cid=1319914837.1701388619&tid=UA-4872125-86&_gid=1903914101.1701388619&_r=1&_slc=1&z=1216172395
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BET9P2RY3W&gtm=45je3b60h1v887490552z8533936&_p=1701388618799&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1319914837.1701388619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701388619&sct=1&seg=0&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=Belas%20Mensagens&en=page_view&_fv=1&_ss=1&tfd=1114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BET9P2RY3W&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LH8HHLTZNN&gtm=45je3b60v877712674z8533936&_p=1701388618799&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1319914837.1701388619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701388619&sct=1&seg=0&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=Belas%20Mensagens&en=page_view&_fv=1&_ss=1&tfd=1134
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH8HHLTZNN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame DCC9 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
467022
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 14:13:17 GMT
expires
Sun, 24 Nov 2024 14:13:17 GMT
last-modified
Wed, 15 Nov 2023 19:11:18 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3884 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Nov 2023 23:56:59 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 82B5 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 30 Nov 2023 23:58:54 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4872125-86&cid=1319914837.1701388619&jid=2086364524&gjid=1643178437&_gid=1903914101.1701388619&_u=KGDAAEADQAAAACAAI~&z=1676164092
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
mercurio.js
tm.jsuol.com.br/modules/ Frame 0574 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/mercurio.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:40:07 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P2
age
1012
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
1065
last-modified
Tue, 05 Jan 2021 19:38:04 GMT
server
marrakesh 1.23.0
etag
bed0a7a707f166936e5aaac09879d050
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
-kVzm0SsP3YJbzUfSQ9yYYY-VFpRcnUDgR415fHkugtqR0f7V35ToQ==
expires
Fri, 01 Dec 2023 00:40:07 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 07:59:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
57425
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138259
x-xss-protection
0
server
cafe
etag
16445146976575771301
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Nov 2024 07:59:54 GMT
/
ads.viralize.tv/track/ Frame 3884 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A13%2C%22type%22%3A%22event%22%2C%22category%22%3A%22player_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%22%2C%22player_session_id%22%3A%220%22%2C%22label%22%3A%22viewability_available%22%2C%22reason%22%3A%22ok%22%7D%5D
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
profile
tt-10162-1.seg.t.tailtarget.com/ 		92 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		144 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0d474f0712da434fcbbf5234d5590789f7f0d763923d6e5fe121a2b667aa5535
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
an-x-request-uuid
cf7d4bd4-21d4-43c5-8cd6-1c786991e750
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:58 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.belasmensagens.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
s.seedtag.com/c/hb/ 		11 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.googletagmanager.com/gtag/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99
Requested by
Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/grupocontteudo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce67e129ff4831e87b9292570f67f4cf3268224aa51bcac9ecec406f7f7b3ddb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 23:56:59 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KTFD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b072dc22fcab1380f89ec00cbd0019a77d93f3ed95c3544de177162c3f988c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82154
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Nov 2023 23:56:59 GMT
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Server
52.85.92.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-104.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 10:14:16 GMT
content-encoding
gzip
via
1.1 e626e3045304034f7160fd4e5f8b6fce.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 09:10:12 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-C1
age
49363
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
qgKuD7NPDCB4A_zE46lTnHFcDeuT5UGHb7MP4YqC2v3CPJRTatIV7A==

Redirect headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 e626e3045304034f7160fd4e5f8b6fce.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
TjNN9agCcpfQTBO_yNYWPduHOtnPx7CEcbmOL3jbigAHtu4_AZqu2g==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2034210189&t=pageview&_s=1&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&ul=en-us&de=UTF-8&dt=Belas%20Mensagens&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEADQAAAACAUK~&jid=1958066821&gjid=797363949&cid=1319914837.1701388619&tid=UA-93502642-54&_gid=1903914101.1701388619&_r=1&_slc=1&cd1=Parceiros&cd2=Grupo%20Contteudo&cd3=Belas%20Mensagens&cd11=normal&cd4=1319914837.1701388619&cd66=1701388619608.212qnzcw&cd85=none&cd87=none&cd88=none&z=2021668847
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
5044
config.aps.amazon-adsystem.com/configs/ Frame 3884 		505 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5044
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-115.ham50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5446cc6aa910e2194375c9d372ac468148bcfe63eb395a6b05a18a4b86093ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:21:33 GMT
via
1.1 b72dcd96a79949bc37276fd2465dc998.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
HAM50-C3
age
2126
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
qyUK30xQu8mHBuIg1kubMtDLg7Qa9h_yD3IrTw-8ioj0RjuGjj2BLg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 3884 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5044&u=https%3A%2F%2Fwww.belasmensagens.com.br
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.181.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-181-100.ham50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 20:14:41 GMT
via
1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
HAM50-C1
age
13337
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
eNiGn-1vKdsUCbeTu_oEEqi_R_fgJvEC86AVMQ7Ml-bYn5EzDNvN-w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3884 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.181.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-181-100.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
date
Thu, 30 Nov 2023 12:02:10 GMT
x-amz-cf-pop
HAM50-C1
age
42890
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
uzH9IwmdipHWk6zfaSM9LWRDR66OZ0SEeE-b_onz7enS2RyMCXUwAg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3884 		23 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5044&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&pid=jBzaOMnupVDBc&cb=0&ws=400x225&v=23.1108.2350&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!viralize.com%2C6772%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A1000%7D
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
JEDF0DJK66N5QYG3BGHJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wyUXx4NCL_YsLkEhSq4uQWj9ZxBMMsUunDZdxsisZXdEYogr4WNZzQ==
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-93502642-54&cid=1319914837.1701388619&jid=1958066821&gjid=797363949&_gid=1903914101.1701388619&_u=6GDAAEADQAAAACAUK~&z=373569179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame DCC9 		46 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F8804%2Fparceiros%2F42frases&description_url=https%3A%2F%2F42frases.com.br&tfcd=0&npa=0&sz=480x361%7C480x360&cust_params=campaignuol%3D1%26videoplayertype%3Dhtml5&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&ad_rule=0&correlator=1988180825336202&vpa=auto&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&sdki=445&ptt=20&adk=1893717916&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&sid=276E4397-EC5D-40CA-859D-24F5B3A6B0B3&nel=0&eid=44752657%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=1701388619730&cookie_enabled=1&scor=1121104723787426&ged=ve4_td1_tt0_pd1_la1000_er1190.1190.1344.1490_vi0.0.1200.1600_vp6_eb23275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
30c18c4c223fc6bd29ede7bafed8b56b1ea47774918f049bf1dbf66609473f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7189
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
udr.uol.com.br/ 		142 B
626 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://udr.uol.com.br/
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:b000:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
12699c91de1365667067d29835c6055e0f63bcc5e8e7aac490a2baecff58e42f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
HAM50-C2
vary
Origin,cache-max-age
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://www.belasmensagens.com.br
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
content-length
142
x-amz-cf-id
W7Zx_n_QLAc5RLY2y4PEfS__v0j2nnb0TENE5EHQKu9GV7rO-2phlw==
getuidj
ib.adnxs.com/ 		29 B
713 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
2c84bfcd0dd39a91b211fd5572d329d8048d29c36e3d6e917efa2e1e64779c79
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
an-x-request-uuid
b77cb7f9-39a4-4043-b534-59610c307e26
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.73; 45.141.152.73; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
8804
fundingchoicesmessages.google.com/i/ 		176 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/8804?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079808
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41f11c3fed43dff6efa2deec07321a386a39134e58a600b05b4f6916510082c7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PWdCz-DfZVbFq9ZqN9KEgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PWdCz-DfZVbFq9ZqN9KEgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
m.t.tailtarget.com/sync/TT-10162-1/ 		43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
content-type
image/gif
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-93502642-54&cid=1319914837.1701388619&jid=1958066821&_u=6GDAAEADQAAAACAUK~&z=1201118460
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-93502642-54&cid=1319914837.1701388619&jid=1958066821&_u=6GDAAEADQAAAACAUK~&z=1201118460
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XWCHXHCC99&gtm=45je3b60h1v882792760&_p=1701388618799&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1319914837.1701388619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701388619&sct=1&seg=0&dl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&dt=Belas%20Mensagens&en=page_view&_fv=1&_ss=1&_ee=1&ep.uol_property_id=302331462&ep.publication_type=normal&up.cookie_consent=none&up.login_widget=deslogado&tfd=1400
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XWCHXHCC99&cid=1319914837.1701388619&gtm=45je3b60h1v882792760&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XWCHXHCC99&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XWCHXHCC99&cid=1319914837.1701388619&gtm=45je3b60h1v882792760&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1877785247
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:56:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036356&cs_fpcu=0957193a041f439ab259da0c86e06d2e&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1701388619779&ns_c=UTF-8&cs_ucfr=1&c7=https%3A%2F%2Fwww.belasmensagens.com.br%2F&c8=Belas%20Mensagens&c9=
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-104.ham50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
via
1.1 e626e3045304034f7160fd4e5f8b6fce.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
F6xsmgQL9UDykNZNAcc9EirWBDtd53sctOqIUugp_1WJatsRlF_k1A==
x-cache
Miss from cloudfront
store
udr.uol.com.br/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://udr.uol.com.br/store?scope=xandr&sid=2984046154705942480
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:b000:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
HAM50-C2
vary
Origin,cache-max-age
access-control-allow-methods
GET, POST
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache
access-control-allow-credentials
true
x-amz-cf-id
S2WX5L4wF0VOustPHIXeE79Y1hLg_jAz-M3nDJls8Rt7SI5UvPTuSw==
event
notix.io/ 		15 B
276 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.belasmensagens.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 30 Nov 2023 23:56:59 GMT
server
nginx
event
notix.io/ 		15 B
276 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.belasmensagens.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 30 Nov 2023 23:56:59 GMT
server
nginx
event
notix.io/ 		15 B
276 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.belasmensagens.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 30 Nov 2023 23:56:59 GMT
server
nginx
event
notix.io/ 		15 B
276 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Requested by
Host: notix.io
URL: https://notix.io/ent/current/enot.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
15
event
notix.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://notix.io/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.belasmensagens.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 30 Nov 2023 23:56:59 GMT
server
nginx
AGSKWxXMFKxqG5nounlZgCv3SHG00pBVv1q_VsNvcIL802B4DEHOgDVsmjx_Z5F40wX4roHzofsmqroFA7xRnIQHDT_BocIzTUU2RNe70uxNPSsKt5b_BPSWP5bBYnTo-8HwjVyND5gwuw==
fundingchoicesmessages.google.com/f/ 		365 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXMFKxqG5nounlZgCv3SHG00pBVv1q_VsNvcIL802B4DEHOgDVsmjx_Z5F40wX4roHzofsmqroFA7xRnIQHDT_BocIzTUU2RNe70uxNPSsKt5b_BPSWP5bBYnTo-8HwjVyND5gwuw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMzg4NjE5LDg1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuYmVsYXNtZW5zYWdlbnMuY29tLmJyLyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImRlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMytfF6m19eh4g6bfBvkWRwpynfzCw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af129ae83f412d45c31cf6ecc1cd8bdf33983cfd9179d9bd8d5467643cf51593
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tF3l2QfN6vA_VuWy48WlKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:56:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tF3l2QfN6vA_VuWy48WlKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		69 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwlLW_mylTS11_htG8IL16Oj6Xnrw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 23:57:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Nov 2023 23:57:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:08:20 GMT
x-content-type-options
nosniff
age
532120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 20:08:20 GMT
AGSKWxXLvbBIskTr0hYnbQkQBGgzcNhE5gK5dytb6zU6fYXPk8Vh2lxDP3Vif5nbBPcnFFZnBvJB1NFAcpyK58sK3v212z-BTx6FmMUthSejCkE-yShc0BhiuIt5VbSoO-GPNrF7WWqhrg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXLvbBIskTr0hYnbQkQBGgzcNhE5gK5dytb6zU6fYXPk8Vh2lxDP3Vif5nbBPcnFFZnBvJB1NFAcpyK58sK3v212z-BTx6FmMUthSejCkE-yShc0BhiuIt5VbSoO-GPNrF7WWqhrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMytfF6m19eh4g6bfBvkWRwpynfzCw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ObmdGEovZV8q4SoxaDZXGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ObmdGEovZV8q4SoxaDZXGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.belasmensagens.com.br
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
552452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 14:29:28 GMT
partner
tracker.bt.uol.com.br/ 		0
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:57:01 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache
Connection
close
Expires
Thu, 30 Nov 2023 23:57:00 GMT
purge-clients.html
tm.uol.com.br/ Frame E66D 		213 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:9400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
182
content-type
text/html;charset=UTF-8
date
Thu, 30 Nov 2023 23:57:00 GMT
etag
8b30191927f0982283d45c76292da712
expires
Fri, 01 Dec 2023 00:07:00 GMT
last-modified
Wed, 28 Jul 2021 19:15:09 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
via
1.1 4c6cae2fc798878bd6b9da38fe5208f8.cloudfront.net (CloudFront)
x-amz-cf-id
n1drhYnHYuCnBKUmO2oaTV6Ur1oZ5sMLh93-0VP9lad92oNj2GzX2w==
x-amz-cf-pop
HAM50-P2
x-cache
RefreshHit from cloudfront
purge-clients.html
tm.uol.com.br/ Frame 7125 		213 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:9400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
182
content-type
text/html;charset=UTF-8
date
Thu, 30 Nov 2023 23:57:00 GMT
etag
8b30191927f0982283d45c76292da712
expires
Fri, 01 Dec 2023 00:07:00 GMT
last-modified
Fri, 03 Nov 2023 16:23:28 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.23.0
via
1.1 4c6cae2fc798878bd6b9da38fe5208f8.cloudfront.net (CloudFront)
x-amz-cf-id
WfXQkOqc8xXH4d8xlAA9LOmsdMUcD3clpWgVKPZ5-1K8aduW_6PD3Q==
x-amz-cf-pop
HAM50-P2
x-cache
RefreshHit from cloudfront
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4546623105289528&plah=www.belasmensagens.com.br&bust=31079889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a421acab41dff3c077cc5d8a5918b07a8efd7c0332d9f9c0b68082d655a7f5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12281
x-xss-protection
0
conversion.js
tm.jsuol.com.br/modules/external/tailtarget/libs/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by
Host: www.belasmensagens.com.br
URL: https://www.belasmensagens.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:42:09 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Mon, 12 Jun 2023 17:37:29 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
891
etag
f7a535aa8ca1d0acd1bff039eb80acff
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
6125
x-amz-cf-id
KrNpE3A6nHp6ZsAXpIlpEIkcMQNMkuBeSSesvhzM8ZEG6jraJRYQKg==
expires
Fri, 01 Dec 2023 00:42:09 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4546623105289528&plah=www.belasmensagens.com.br&bust=31079889
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 23:57:00 GMT
base.js
tm.jsuol.com.br/modules/external/tailtarget/libs/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:42:10 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 15:55:52 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
HAM50-P2
age
890
etag
aeb8806857f0c1b9f7f6b8d4ff48230f
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
8357
x-amz-cf-id
WSf0tGtdEtrchoEGrwn0xCPmDig0EuNJw9CMh1fxjj3zHFwbbT1h9w==
expires
Fri, 01 Dec 2023 00:42:10 GMT
trk
tt-10162-1.seg.t.tailtarget.com/ 		70 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:belasmensagens:1&tK=1701388620&tM=direct&tL=direct&tN=direct&tY=3&tZ=468205800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
u
b.t.tailtarget.com/ 		71 B
141 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
51f5e64917b1e3ee86f99c4f22986d2cf893884c31c4d3d98d59a87a8b98a377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi
csi.gstatic.com/ Frame DCC9 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpluusu1&c=3666162543597&slotId=1833081271798.5&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/vast/ Frame DCC9 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/enduser/vast/?t=1&iid=59f4dfc2-d171-46ab-9cc3-d14128ef2c27&crid=e3i2642k&wp=ZWkhSwANBRsGUJMBAACk_Y441OG9u6sMKGuI6A&aid=1&wpc=USD&sfe=17a0a14b&puid=CAESEGIRNsUvW-03DT74-e-i8Fg&tdid=&pid=bjvqtx2&ag=um4l7c6&adv=z4d7gvf&sig=14f6XOb8cu49nOPWBgIKjHuDBU2DNc3CSGmd5M8r5rQg.&bp=6.58337959986218&cf=5813616&fq=0&td_s=www.belasmensagens.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=120&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=en&svpid=pub-6330791094260149&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=2.1000000000000227&daid=&vp=0&osi=&osv=&bx=70&bffi=41&vpb=PreRoll&dc=96&vcc=EA8yBAgCCAlAAUgBUAJ4AoABAqABrAKoAZoByAEB0AED6AECgAIDigIMCAIIAwgFCAYIBwgImgICCAKgAgKoAgLAAgE.&sv=google&pidi=3382&advi=430767&cmpi=3502888&agi=15888325&cridi=31573171&svi=1&tid=1&cmp=t83ycn6&vrtd=14,15&srca=1&rurl=https%3a%2f%2fwww.belasmensagens.com.br%2f&tsig=4QKTCC6e7y2oE5fbd2MTT_Pgdx5baXJCPGeE_QXoWTY.&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAjgBSAJQAoABAIgBApABAbABALoBBAh5GATAAcKfA8kBNDMzMzODR0DQAcKfA9gCtBDgAqwC6AIP8AIA-AIBgAMBiAMBkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&fpa=184&pcm=3&grdc=CAEYASABKAE6mAc4MTcsMTY1MSw5MzIsMTg0LDQ3OSwxMzEzLDEwNDcsMTk2MCwxMjQxLDExMjYsNDE0LDE5MTcsNjIsMTIwNSwxMjQ4LDEyMTIsMjQxLDI1NzEsMTA5Nyw3MjMsMTUxNCwzMTMsMTYyLDI1MDYsMjcyNywxOTAyLDE0NDksNDg2LDEyNiwyNzc3LDQ0MiwzNjMsNDQ5LDI0NDEsMTc2NSwxMjc2LDE2MSwyNjc3LDEyMTEsMzQ4LDIyOTAsNTI4LDE1NCwxODU4LDIzMTEsMjY0OSw1NzEsMTUyMCwxMDY3LDEwMzEsMjM2LDI0MTUsOTgxLDI3MDYsMTE3MSwxMzYyLDI3NzgsMTUwOSw0OTUsMjI5LDEyNTAsMTYzMSw1NzQsMzUsMjE5MiwxMDYzLDIzNTcsMTc4LDk5MSwyMTI3LDE3NTMsMTQ1MSwyMDEyLDEzNjUsMzU4LDE0MTUsNTg4LDIxNzAsNTk1LDkzMyw3ODIsMTYxNiwyODk4LDQ5MiwxNDksMTY1MiwzMzYsMTg4OSwyMjEsNDE1LDQ5NCw3MCw2MDksMjI5OSwxMzQsMjk3NywxMTcwLDUzNywyNDY0LDk3NiwxODk2LDI3NzYsMTA0OCwyNTg2LDE4MzEsMTIsMzUwLDQ4LDI3MSwzMTQsMjU3NSwxNzE2LDE2NjksMTEyNywxNSwxMDI5LDMxNywxODkyLDIwNzksNTQwLDI3NCwxNzkxLDQzMiw4MCwzMzgsMTg3MCwxMDgsMTk4NSwxMjAxLDIzNzMsMTczMyw0ODIsMjU5LDI3MDksMjIsODI3LDIwNzgsMjgxMCwzMTYsMjUzMSwxMTAwLDg2LDIwOSwxMTcyLDcsMTAyOCwxNjUsNTc1LDE1MTcsMTIyLDIxMjEsMTgzNCwxNTAzLDEzMDEsMjQzNywyOTQsMjYyNCw3NzYsNDM4LDI3MTAsMTM0NCwzMjMsMTQyMywzNTksMTIzNiw5MywzOTgsMjA1MiwyMjUzLDIwNTksMTg3Miw4OSwxOTU4LDI3NzksMTkyMiwxOTYsMTU3NywyNjYzLDM0MCwxNTMsMjM0NiwyNTI2LDEwOTUsMjM4MiwxNTcwLDk4NywxNzM1LDE1OTgsMjIwMiwyMzEwLDE2NywxNjg0LDMxMSwxODc4LDIzMzEsMzAzLDEwNTEsMTg4LDQ0MCwxNTQ3LDg2NCwyNTY4LDI3ODAsMjA3MkABSAI.&said=ZollohwGmEPd9hb1ardbQw%3D%3D&auct=1&cxlvs=1&im=1&mc=3bb27477-3768-47ff-86ff-19f9400c9942&abr=b5a467cd-ad02-4bd8-9e65-5894608af25b&tail=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
bbe1d941d9cc4f6f39fb04fe60bd68d7a8e400465a882e09d39239d8602861e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Thu, 30 Nov 2023 23:57:00 GMT
access-control-allow-credentials
true
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-type
text/xml
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 540A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6031
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 22:16:29 GMT
expires
Fri, 29 Nov 2024 22:16:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FA19 		829 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52f2c1b1a7080f9b0c52afaab7fd4f033f988d3537dd015c03f0e16f9de20d98
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y66yzrskt-0M17HpmAzGaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Y66yzrskt-0M17HpmAzGaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 Nov 2023 23:57:00 GMT
expires
Thu, 30 Nov 2023 23:57:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 540A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 22:16:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
6031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 22:16:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FA19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=4179707446146285&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
b
b.t.tailtarget.com/ 		147 B
149 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=1&tU=0100007F4B216965DD061B0E02723323&tX=b.52&tZ=290218537&env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
a0d7ee37dabcc4b3ef7a6e7155fc595fb08f6190423071b5c0cc56cf509fe6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generate_204
tpc.googlesyndication.com/ Frame 540A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?A9LEgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
csi
csi.gstatic.com/ Frame DCC9 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpluut8i&c=3666162543597&slotId=1833081271798.5&ghmsh_eids=44752657%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&vast_v=3.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=15x77
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B30120998.369508313;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=2%2C7%2C8;dc_omid_p=Google1%2Fh.3.605.0;gdpr=;gdpr_consent=;dc_mpos=-1;ltd=;...
ad.doubleclick.net/ddm/pfadx/N238002.3485567APEXGUARANTEEDVID/ Frame DCC9 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/pfadx/N238002.3485567APEXGUARANTEEDVID/B30120998.369508313;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dc_tdv=1;dcmt=text%2Fxml;dc_sdk_apis=2%2C7%2C8;dc_omid_p=Google1%2Fh.3.605.0;gdpr=;gdpr_consent=;dc_mpos=-1;ltd=;vpa=auto;dc_osd=2;dc_frm=0;vis=1;dc_sdr=1;dc_sdkv=h.3.605.0;dc_sdki=445;dc_eid=44752657%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291;nel=0;unviewed_position_start=1;is_amp=0;hl=en;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;u_so=l;ctv=0;mpt=videojs-ima;ptt=20;dc_adk=1893717916;sid=276E4397-EC5D-40CA-859D-24F5B3A6B0B3;eid=44752657%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291;url=https%3A%2F%2Fwww.belasmensagens.com.br%2F;dt=1701388620280;dc_rfl=1,https%3A%2F%2Fwww.belasmensagens.com.br%2F$0;ord=674278
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
38bae433bc98bd250ab581c6e2e4549c537184a0c8669cb75c1227c84a08626b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16099
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame E66D 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:50:53 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P2
age
367
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9152
last-modified
Thu, 17 Mar 2022 17:50:21 GMT
server
marrakesh 1.23.0
etag
827b2a3854d3757c0264519acafab901
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
tgYzmiZMrGGaEgmYHOxvSAVTTs1I6-8OmD8-nqnEm0zV_CSt6LxkSw==
expires
Fri, 01 Dec 2023 00:50:53 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame 7125 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2451:7c00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:50:53 GMT
content-encoding
gzip
via
1.1 4ca183c2610619d28671590d4fd6b380.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P2
age
367
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9152
last-modified
Thu, 17 Mar 2022 17:50:21 GMT
server
marrakesh 1.23.0
etag
827b2a3854d3757c0264519acafab901
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
FTdxCcN9ZOIeUq0_e8G76YotREyLwtQGGqjVQD-sM4wGgWRkDl27Bg==
expires
Fri, 01 Dec 2023 00:50:53 GMT
ca
tt-10162-1.seg.t.tailtarget.com/ 		78 B
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=290122701&env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
d71c3ffa26873d46cb0efb1b948378a7b1f13e06d77069ab2f17cc6155a7423f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi
csi.gstatic.com/ Frame DCC9 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lpluutbr&c=3666162543597&slotId=1833081271798.5&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/t-bid-done/ Frame 3884 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-done/?zid=AAEn2iG_Bt_nZPrQ&hcid=c3RhbmRhbG9uZRpujSbK2oF8&u=https%3A%2F%2Fwww.belasmensagens.com.br%2F&t=adn&gcid=YWRuXzEyMTI09JxFFwhAR-4%3D&bid_opportunity_id=1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1&l=ima&sid=01ee8fdc25fe5762629f74de23bb0cb2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi
csi.gstatic.com/ Frame 3884 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpluusn2&c=3666162543597&slotId=1833081271798.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
choices.trustarc.com/ Frame DCC9 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tl.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-46.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
public
date
Fri, 03 Nov 2023 01:20:11 GMT
via
1.1 a432ddebfd10465526f121270421362a.cloudfront.net (CloudFront)
last-modified
Thu, 26 Oct 2023 03:20:37 GMT
server
nginx
x-amz-cf-pop
HAM50-C3
age
2414209
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
content-length
739
x-amz-cf-id
iWdJbxsJ6koN9HWTQDeoyE1wgib64-81JRoM2PG8nYEYa9TaGr2KWg==
expires
Sun, 03 Dec 2023 01:20:11 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame DCC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C0G10SyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgSCAk_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXQ7M_DbND0moU2pF1R9TUA6cgmC5EWhLNxvbBSsxOVVDfBIgBjqXdLkruAEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IID-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcB&sigh=_xfFwQqFYc0&label=show_ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame DCC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=Col8eSyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgT_AU_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXR5MdFJq-rdqatSQ6-xPr_eaB2ITE-PNB2CuGdTKldLIejVcvviu-AEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IIDgAoD-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcBshccChoSFHB1Yi02MzMwNzkxMDk0MjYwMTQ5GN7oFA&sigh=WIrAMvkoTW8&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSPADICaaN0P_vxcudmdDA39CNF65j1QBO3s5K_HqUZRkP2lGuJb4dKYN4prTZpY6BX2GrkbGrYN6O8NfgZhgB&vt=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
file.mp4
r1---sn-4g5edn6y.c.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3884
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-4g5edn6y.c.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/acao,ctier,expire,id,ip,ipbits,itag...
7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edn6y.c.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7BC765618A0902C08476B1CED3401E1DE1ED034D.7769B2565454C5B79EC647FA1FA0DF775F97947A/key/cms1/cms_redirect/yes/mh/yP/mip/2001:ac8:20:3d00:1011:868f:14fa:940b/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1701388349/mv/m/mvi/1/pl/49/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:f::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:57:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 12 Jul 2023 14:43:04 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-7788492/7788493
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
7788493
Expires
Thu, 30 Nov 2023 23:57:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-4g5edn6y.c.2mdn.net/videoplayback/id/6a5a405b9789ad1c/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3833621085/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7BC765618A0902C08476B1CED3401E1DE1ED034D.7769B2565454C5B79EC647FA1FA0DF775F97947A/key/cms1/cms_redirect/yes/mh/yP/mip/2001:ac8:20:3d00:1011:868f:14fa:940b/mm/42/mn/sn-4g5edn6y/ms/onc/mt/1701388349/mv/m/mvi/1/pl/49/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame 3884 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A3%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_done%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%22%2C%22bid_done_id%22%3A%220%22%2C%22label%22%3A%22bid_selected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
__tt.gif
t.tailtarget.com/ 		43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1701388620290_764254281&tJ=&tQ=belasmensagens&tU=0100007F4B216965DD061B0E02723323&tX=b.52&tY=1&tZ=626336503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame DCC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C0G10SyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgSCAk_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXQ7M_DbND0moU2pF1R9TUA6cgmC5EWhLNxvbBSsxOVVDfBIgBjqXdLkruAEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IID-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcB&sigh=_xfFwQqFYc0&label=video_ad_loaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame DCC9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 22:32:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Nov 2024 22:32:49 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame DCC9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=Col8eSyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgT_AU_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXR5MdFJq-rdqatSQ6-xPr_eaB2ITE-PNB2CuGdTKldLIejVcvviu-AEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IIDgAoD-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcBshccChoSFHB1Yi02MzMwNzkxMDk0MjYwMTQ5GN7oFA&sigh=WIrAMvkoTW8&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cid=CAQSPADICaaN0P_vxcudmdDA39CNF65j1QBO3s5K_HqUZRkP2lGuJb4dKYN4prTZpY6BX2GrkbGrYN6O8NfgZhgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
google
de2-bid.adsrvr.org/bid/feedback/ Frame DCC9 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de2-bid.adsrvr.org/bid/feedback/google?t=1&iid=59f4dfc2-d171-46ab-9cc3-d14128ef2c27&crid=e3i2642k&wp=ZWkhSwANBRsGUJMBAACk_Y441OG9u6sMKGuI6A&aid=1&wpc=USD&sfe=17a0a14b&puid=CAESEGIRNsUvW-03DT74-e-i8Fg&tdid=&pid=bjvqtx2&ag=um4l7c6&adv=z4d7gvf&sig=14f6XOb8cu49nOPWBgIKjHuDBU2DNc3CSGmd5M8r5rQg.&bp=6.58337959986218&cf=5813616&fq=0&td_s=www.belasmensagens.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&uhow=120&agsa=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=en&svpid=pub-6330791094260149&did=&rcxt=Other&lat=50.110000&lon=8.680000&tmpc=2.1000000000000227&daid=&vp=0&osi=&osv=&bx=70&bffi=41&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAjgBSAJQAoABAIgBApABAbABALoBBAh5GATAAcKfA8kBNDMzMzODR0DQAcKfA9gCtBDgAqwC6AIP8AIA-AIBgAMBiAMBkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&fpa=184&pcm=3&grdc=CAEYASABKAFAAUgC&said=ZollohwGmEPd9hb1ardbQw%3D%3D&auct=1&cxlvs=1&im=1&mc=3bb27477-3768-47ff-86ff-19f9400c9942&abr=00000000-0000-0000-0000-000000000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.197.133.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a4b61a47cf5978487.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
content-type
image/gif
cache-control
must-revalidate, no-cache
x-connection
close
m
secure-gl.imrworldwide.com/cgi-bin/ Frame DCC9 		44 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn516114&cr=creative&ce=TTD&c13=asid,PB2FC349E-3FB8-479E-801C-1D8A735330DA&pc=um4l7c6_www.belasmensagens.com.br&c9=devid,&uoo=0&ci=nlsnci1614&am=4&at=view&rt=banner&st=image&gdpr=&gdpr_consent=&r=145984
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:5000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 376388af58845ad0897ba599cce4d92e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
P3HGdqBpAY_xggHjZewK_sLgpp2LEYfz_Kh2-Q-LVO7xAjc-3BIA8g==
expires
Thu, 01 Dec 1994 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DCC9 		0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1nT0z-Y6GN8sPG9CrRaVraC0wMMQ2LMRcw0CGwe1XSzMQSBJI2-FHCPnSs2QHvYRCS22dUDxZOlLBWpQKoaL_zw0bofmMI0AFKj25aEbNKn3mihpnI6rjhCkUg4ylTwLOQFPO8wjlaOovqQc6oRiwkJtugKgLnoSQy0RS5ChnNtUHdwIMqlW6AA&sai=AMfl-YQzRbV9fgUyjhocVvTCSmrMfebvNBaGEDQWqOJldGJPJUxAigpvU7W78FiQ2Zu0PoFciaAuK9zdWJm1rnq-kDzoDo4FJ4XyaaCzAg&sig=Cg0ArKJSzLFWr0Z_KjYEEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&sdkv=h.3.605.0&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame DCC9
Redirect Chain
  • https://red.vtracy.de/img.tr?tr_adid=k30120998_s8521416_p369508313_c194887612&tr_mid=0&tr_sync=true&tr_uid1=DC&gdpr_consent=&gdpr=&t=4005649175
  • https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&adid=k30120998_s8521416_p369508313_c194887612&tr_aa=true&tr_ttd=true&tr_run=false&tr...
  • https://red.vtracy.de/tr_cm?v3=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&adid=k30120998_s8521416_p369508313_c194887612&tr_aa=true&tr_ttd=true&tr_run=false&tr_adf=false&tr_timestamp=1701388620652&tamg...
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fred.vtracy.de%2Ftr_aa%3Fv3%3Dvi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c%26adid%3Dk30120998_s8521416_p369508313_c194887612%26userId%3D%25%...
  • https://red.vtracy.de/tr_aa?v3=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&adid=k30120998_s8521416_p369508313_c194887612&userId=7307408480699152527&tr_timestamp=1701388620716&tr_run=false&tr_ttd=true&t...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&gdpr=&gdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&gdpr=&gdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Date
Thu, 30 Nov 2023 23:57:00 GMT
Server
Apache
Vary
negotiate
Content-Type
text/html; charset=UTF-8
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c&gdpr=&gdpr_consent=&request_uid=ZWkhTHEDXa4LFm7Tsm1J0AAAABI
TCN
choice
Connection
keep-alive
Content-Location
tr_aa.tr
Content-Length
0
/
insight.adsrvr.org/enduser/video/ Frame DCC9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=creativeView&imp=59f4dfc2-d171-46ab-9cc3-d14128ef2c27&ag=um4l7c6&crid=e3i2642k&cf=5813616&fq=0&t=1&td_s=www.belasmensagens.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=120&agsa=&wp=ZWkhSwANBRsGUJMBAACk_Y441OG9u6sMKGuI6A&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6330791094260149&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=2.1000000000000227&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAjgBSAJQAoABAIgBApABAbABALoBBAh5GATAAcKfA8kBNDMzMzODR0DQAcKfA9gCtBDgAqwC6AIP8AIA-AIBgAMBiAMBkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=184&pcm=3&said=ZollohwGmEPd9hb1ardbQw%3D%3D&auct=1&cxlvs=1&grdc=CAEYASABKAFAAUgC&sfe=17a0a14c&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame DCC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C0G10SyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgSCAk_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXQ7M_DbND0moU2pF1R9TUA6cgmC5EWhLNxvbBSsxOVVDfBIgBjqXdLkruAEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IID-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcB&sigh=_xfFwQqFYc0&label=vast_creativeview&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2PfbwvbsggMV94iDBx1nHwc5EAAYACC8__Zc;dc_eps=AHas8cC9C39u-JQkdSYe4snmmBY7Ly0E47YKq-poDRvfEXpcGQ3-WAqdjnkOPPJsO9XummHuU0F4;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame DCC9 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2PfbwvbsggMV94iDBx1nHwc5EAAYACC8__Zc;dc_eps=AHas8cC9C39u-JQkdSYe4snmmBY7Ly0E47YKq-poDRvfEXpcGQ3-WAqdjnkOPPJsO9XummHuU0F4;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame DCC9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=start&imp=59f4dfc2-d171-46ab-9cc3-d14128ef2c27&ag=um4l7c6&crid=e3i2642k&cf=5813616&fq=0&t=1&td_s=www.belasmensagens.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=120&agsa=&wp=ZWkhSwANBRsGUJMBAACk_Y441OG9u6sMKGuI6A&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6330791094260149&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=2.1000000000000227&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAjgBSAJQAoABAIgBApABAbABALoBBAh5GATAAcKfA8kBNDMzMzODR0DQAcKfA9gCtBDgAqwC6AIP8AIA-AIBgAMBiAMBkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=184&pcm=3&said=ZollohwGmEPd9hb1ardbQw%3D%3D&auct=1&cxlvs=1&grdc=CAEYASABKAFAAUgC&sfe=17a0a14c&vp=0&ast=https%3A%2F%2Fgcdn.2mdn.net%2Fvideoplayback%2Fid%2F6a5a405b9789ad1c%2Fitag%2F37%2Fsource%2Fweb_video_ads%2Fctier%2FL%2Facao%2Fyes%2Fip%2F0.0.0.0%2Fipbits%2F0%2Fexpire%2F3833621085%2Fsparams%2Fid,itag,source,ctier,acao,ip,ipbits,expire%2Fsignature%2F7E4C16BA4CA6C23F9C7B200DF300BFEE5BD6FF86.6B170F1E49CB0AE3CBABE7AA4DF031B651EC8DA4%2Fkey%2Fck2%2Ffile%2Ffile.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame DCC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C0G10SyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgSCAk_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXQ7M_DbND0moU2pF1R9TUA6cgmC5EWhLNxvbBSsxOVVDfBIgBjqXdLkruAEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IID-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcB&sigh=_xfFwQqFYc0&label=part2viewed&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI2PfbwvbsggMV94iDBx1nHwc5EAAYACC8__Zc;dc_eps=AHas8cC9C39u-JQkdSYe4snmmBY7Ly0E47YKq-poDRvfEXpcGQ3-WAqdjnkOPPJsO9XummHuU0F4;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame DCC9 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2PfbwvbsggMV94iDBx1nHwc5EAAYACC8__Zc;dc_eps=AHas8cC9C39u-JQkdSYe4snmmBY7Ly0E47YKq-poDRvfEXpcGQ3-WAqdjnkOPPJsO9XummHuU0F4;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame DCC9 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=mute&imp=59f4dfc2-d171-46ab-9cc3-d14128ef2c27&ag=um4l7c6&crid=e3i2642k&cf=5813616&fq=0&t=1&td_s=www.belasmensagens.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=120&agsa=&wp=ZWkhSwANBRsGUJMBAACk_Y441OG9u6sMKGuI6A&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6330791094260149&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=2.1000000000000227&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAjgBSAJQAoABAIgBApABAbABALoBBAh5GATAAcKfA8kBNDMzMzODR0DQAcKfA9gCtBDgAqwC6AIP8AIA-AIBgAMBiAMBkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=184&pcm=3&said=ZollohwGmEPd9hb1ardbQw%3D%3D&auct=1&cxlvs=1&grdc=CAEYASABKAFAAUgC&sfe=17a0a14c&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame DCC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C0G10SyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgSCAk_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXQ7M_DbND0moU2pF1R9TUA6cgmC5EWhLNxvbBSsxOVVDfBIgBjqXdLkruAEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IID-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcB&sigh=_xfFwQqFYc0&label=admute&ad_mt=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3884 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e2026eee9d16bad733c157a3ffb5e8a96f0452a6443b82978c8c7f6cf395407

Request headers

Referer
Origin
https://www.belasmensagens.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
font/woff2
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 215D 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
475505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 25 Nov 2023 11:51:55 GMT
expires
Sun, 24 Nov 2024 11:51:55 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
pagead2.googlesyndication.com/bg/ Frame 215D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 13:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
37511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15254
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Nov 2024 13:31:49 GMT
/
ads.viralize.tv/track/ Frame 3884 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22impression%22%2C%22reason%22%3A%22ok%22%2C%22adsystem%22%3A%22DCM%22%2C%22aspect_ratio%22%3A%2216%2F9%22%2C%22content_type%22%3A%22video%2Fmp4%22%2C%22creativity_id%22%3A%22560458673%22%2C%22creativity_width%22%3A1920%2C%22duration%22%3A15%2C%22format%22%3A%22thumbstream-autoplay%22%2C%22linear%22%3Atrue%2C%22loader%22%3A%22ima%22%2C%22wrappers_count%22%3A2%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22start%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_start%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22play%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:00 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 215D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.605.0&bgai=BvhzTTCFpZdihFPeRjuwP576cyAMAAAAAOAHgBAI&bg=!bm2lbSLNAAaGYW-ApmE7ADQBe5WfOIeUud938o2eF2BDmHA5ZjJI85hEHYdzTIVGwfuYVyY94z6bRioWGt4w97V534KUAgAAAC5SAAAAAWgBB5kDF7e4ESVkMqq74C0fZel-FXIJ1--O1MP02EnSlHjJhuYmw4PeG_XHjCv8A0gfD08Y1RXOIodkzmZxYt4CHxTNJET_vimuvL6Cvt1Vv6FneGoDb7FYrtZoTdPhcPOQBaHA1UD5nXLZiQarG1i21kEQ5e-8cjEZhnZAQn-TBPXo5rdv9oTqwmsoVKeg3sywZRPiSqVFNgdXecdPDi3UUY0gXYmfPcZ1EZtdKyXQpzW7sXBLwJco-m_jVxfAsaXjn4-rSIOgGcgHIZMfmiyqNHHSj2Fx_gXNezAiJTRQZB6XGGquHA2NGG2l951tSWxHUKKe1UNcAS47rhWJhLb-6l1otAlWXtZwwxlF5_EByvXrFw6rrkEBBQf8vYPIom70qDwtRzP9dxACMdLFew2GwDs1pLCSAGT6FV5Q63Slv4gzuEebtzPUoVp1u-nC6z1K-BM4x7PKxPYc_1dchcDQfJf6lBh8sa8krn1uzXn-ebnxLJctqmqd0Pok81WDgki6CydaSEJgwrHz3cehPFw1eVon62_D2HL012d32MHZPsvqkqjSvWPKCEYvRSgXMuUo2vuTAKyB2L7Fj5alhGZBm6U-typkwChhSWttik4mIe8u9FQwrddZjJtDdC1f1WH9uBJJQs69pFMdl0Z4VUxbW4FT_1e42BD17BYx6qJb9ZiUmroVS5H-B7tjarWH6AX6oBdA3ifwOrH2pxo6QcaKSh6k3P7A-orrF0Ivx1VpoSGJ_u6QzOhCofPOwNb9ltYF3UWlOsXlwb-_xtyvQJLXSFtBGmBH5M0CdGhEln3Shk_pDlCMlM8a8PDfwV6U3YrLnBxGgV7isIu6zbUku7Mvt2F9qnsYE6aosUfzc76tYWSUud3kcD98jJUv40gu3r8iIyuESItISkiBL6KGY62aXp45AIdTGhe_rOvft0A-XTZohOebRiS2sL7AWJAEkmMG8rXIyBrnUZjOWLdH-IPm7b7OwibsPedm4BmalRvqPMaBLuj_b6zN2jp5hJbaLnug598fjKnwmmBUrdo-o-RPy5ToArCNHAv8cKg-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=4179707446146285&bg=!AwClAE_NAAY3kmNgF5I7ADQBe5WfOOfsJ-j-ntaVIvNUU588jkuPxkADAlW_3HmsIYxrtnPeAPKi26FGk7unBG2ED_dWAgAAAC5SAAAAAmgBBwoAC4DVgNHCecnQRs_omQK7lK3Ji6LLam903aWACMsMy4UFXNLEs6OBIi0KPs25kH2fSvdfRLUrPwa_a_hb4ZlHJysrtQXhQDEhb7ulhyJ_1HQmQk4afSkwGc8KvueICA9554Bl9EJciGn4Fn3ipzYW8725Jvv8JzVMY_8sJrcJzDGevtzWhAdE3_pSAjnVP4Dhi_xvU9utcXPzENOhQcDNfp1PyKly6alPA_LimuHiepul4i027BOonIQdnWqAQQJ1Tsf6lz3zrEE0m41LjOXZi6tzZiNvtZxPCOSS2MHQRPmrzlwK-Vpq1abDTJxNOv6n6-e-FtHi9sKRMEc8y1BrfHR7pZ2xZgnfQY7ypCWIs_L-_9J0p9YRBvrKBUoALXyaqM75GotTPiQc9ZwCH9XBeCemh5OwIq7zObAdCEpWRFyWqjVq3CT1-kocHdNTM7w9De3t-KCjwu7gPqFeb3duKVaMDpWRRMi1Zi7s7mDeZsYzgtbG_vqhiA4EHcf9QNt7y4CFrxiMzQ5rouzQpQZxXJbse8OwERT5oPJiyXPi27uQquPOUux5lqhqm_l_2C7zhw6Q2Y33npTIsOy0GlTYEiiZD7efG1Y9RNwzBjTUe0s1VCt_rBXXz_O-6zpNYO6csvNlHIUCBLyJDdEl4RalqIyEE9rrN-8EiwiOGz-I18D8f8htwCy6SfuCmUOeGSvHGf8wV9ho28skJOZyCZHBnUqAZsU9S8RgE7bb16-zQdL3f_IJGUF1wW66bXC7jq5jtRgJANcfwI4c9e_1CYeN54ieXzidrqrukApWIlPgLEEJIekAqNT83MQ9y3Z6m6iiQX38I_AUI_Me20FnL2y83hKMSdUaF2mk6FmdOu-UwIw3wRyS4wTikvNLUQOFHj_2uAAEdm-6YYRiQ5v4-Wn4PZ0dbqjg43n3FQQ_zEyC5Y6AlpmTXBQtLJ9_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame DCC9 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lpluute9&c=3666162543597&slotId=1833081271798.5&qqid=CNvbvsL27IIDFQGTUAYd_aQAeQ&gqid=SyFpZfXaMdWLwuIP5IKLWA&fb=ima_html5-lima&sdkv=h.3.605.0&ppt=videojs-ima&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=11&smb=Infinity&br=3947&mt=video%2Fmp4&vs=1920x1080&ua_e=1&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=37&vsrc=web_video_ads&met.4=ff.lpluutkp
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3884 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpluutev&c=3666162543597&slotId=1833081271798.5&met.4=hvd_lc.lpluuteu~hvd_src.lpluuteu&ps=400x225
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:00 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cap
choices-or.trustarc.com/ Frame DCC9 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://choices-or.trustarc.com/cap?pid=tradedesk01&aid=tradedesk01&cid=t83ycn6_um4l7c6_e3i2642k&w=640&h=480
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.39.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-39-196.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
cross-origin-embedder-policy
unsafe-none
cross-origin-resource-policy
cross-origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=31536000
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.viralize.tv/track/ Frame 3884 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable%22%2C%22reason%22%3A%22ok%22%2C%22share_screen%22%3A%220.0469%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:02 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
gum.criteo.com/sid/ 		2 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&domain=www.belasmensagens.com.br&cw=1&lsw=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
212990
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.belasmensagens.com.br%2F&domain=www.belasmensagens.com.br&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.belasmensagens.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.belasmensagens.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 30 Nov 2023 23:57:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
176481
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DA15 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 30 Nov 2023 23:57:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CDFD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.belasmensagens.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
55141
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 30 Nov 2023 23:57:03 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4220, 370376
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230082-FRA
X-Timer
S1701388623.069994,VS0,VE0
usync.js
eus.rubiconproject.com/ Frame DA15 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Thu, 30 Nov 2023 23:57:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2023 23:38:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85312
Connection
keep-alive
Content-Length
13236
Expires
Fri, 01 Dec 2023 23:38:55 GMT
async_usersync
ib.adnxs.com/ Frame CDFD 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:03 GMT
an-x-request-uuid
6a139a14-519e-4bbf-b127-03dd6b467a9b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.73; 45.141.152.73; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
logger.uol.com.br/v1/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.uol.com.br/v1/?prd=98&gps=true&disp=true&mm=true
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=taljro
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.211.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-211-43.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belasmensagens.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.belasmensagens.com.br
date
Thu, 30 Nov 2023 23:57:03 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
server
vary
Origin
/
logger.uol.com.br/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://logger.uol.com.br/v1/?prd=98&gps=true&disp=true&mm=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.211.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-211-43.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.belasmensagens.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.belasmensagens.com.br
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Thu, 30 Nov 2023 23:57:03 GMT
server
vary
Origin
khaos.json
token.rubiconproject.com/ Frame DA15 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
dc_oe=ChMI2PfbwvbsggMV94iDBx1nHwc5EAAYACC8__Zc;dc_eps=AHas8cC9C39u-JQkdSYe4snmmBY7Ly0E47YKq-poDRvfEXpcGQ3-WAqdjnkOPPJsO9XummHuU0F4;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame DCC9 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2PfbwvbsggMV94iDBx1nHwc5EAAYACC8__Zc;dc_eps=AHas8cC9C39u-JQkdSYe4snmmBY7Ly0E47YKq-poDRvfEXpcGQ3-WAqdjnkOPPJsO9XummHuU0F4;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/enduser/video/ Frame DCC9 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/video/?ve=firstQuartile&imp=59f4dfc2-d171-46ab-9cc3-d14128ef2c27&ag=um4l7c6&crid=e3i2642k&cf=5813616&fq=0&t=1&td_s=www.belasmensagens.com.br&rcats=&mste=&mfld=2&mssi=&mfsi=&sv=google&uhow=120&agsa=&wp=ZWkhSwANBRsGUJMBAACk_Y441OG9u6sMKGuI6A&rgz=&dt=PC&osf=Windows&os=Windows10&br=Chrome&svpid=pub-6330791094260149&rlangs=en&mlang=en&did=&rcxt=Other&tmpc=2.1000000000000227&vrtd=14,15&osi=&osv=&daid=&dnr=0&vpb=PreRoll&c=CgdHZXJtYW55EgVIZXNzZSIRRnJhbmtmdXJ0IGFtIE1haW4wAjgBSAJQAoABAIgBApABAbABALoBBAh5GATAAcKfA8kBNDMzMzODR0DQAcKfA9gCtBDgAqwC6AIP8AIA-AIBgAMBiAMBkAMAmAMA&dur=CjsKImNoYXJnZS1hbGxJbnRlZ3JhbFZpZGVvQnJhbmRTYWZldHkiFQjm__________8BEghpbnRlZ3JhbAo7CiJjaGFyZ2UtYWxsSW50ZWdyYWxWaWRlb1BhZ2VRdWFsaXR5IhUI5f__________ARIIaW50ZWdyYWwKMAoMY2hhcmdlLWFsbC0xIiAI____________ARITdHRkX2RhdGFfZXhjbHVzaW9ucw..&durs=YhkTUj&crrelr=&npt=&fpa=184&pcm=3&said=ZollohwGmEPd9hb1ardbQw%3D%3D&auct=1&cxlvs=1&grdc=CAEYASABKAFAAUgC&sfe=17a0a14c&vp=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:04 GMT
server
Kestrel
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame DCC9 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C0G10SyFpZZuKNIGmwuIP_cmCyAeko4m3XOfCg9ztBcCNtwEQASAAYJXikIKgB4IBHWNhLXZpZGVvLXB1Yi02MzMwNzkxMDk0MjYwMTQ5yAEF4AIAqAMBmAQAqgSCAk_QifoGgNmvUAAWMzEfMP0KlERdgCMu56yYuayFKPZzt6eBqn4TJXzjPSw_20_szfGSXekirkvyeG2TD73a-CzJlItk8ia5eJGXufQS9zgstm6CKTIyjHjRrfr8Aodu0ye7sppuOpb9QfCByjjC-HWVwcdo0fWuCC0yJfQ3rlubOT8CAb_u7O-vR8cH_NWYaY7FKOBQHkrdBj67N-g-kfK8-NASRTUXkjpeYPQxpsGXnJFm0gGzyvrAJwAwbet6TnyDk0_TnoVHB9sgvPlT5iEWOMpLeHoOZXQ7M_DbND0moU2pF1R9TUA6cgmC5EWhLNxvbBSsxOVVDfBIgBjqXdLkruAEAYAGtuvWnbKQsIAfoAYqqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOPovML27IID-gsCCAGADAHiDRMIyJy9wvbsggMVAZNQBh39pAB50BUBgBcB&sigh=_xfFwQqFYc0&label=videoplaytime25&ad_mt=3918
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Nov 2023 23:57:04 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame 3884 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22first_quartile%22%2C%22reason%22%3A%22ok%22%2C%22in_view_time%22%3A4%7D%2C%7B%22ver%22%3A14%2C%22type%22%3A%22event%22%2C%22category%22%3A%22creativity_session%22%2C%22session_id%22%3A%2201ee8fdc25fe5762629f74de23bb0cb2%3A0%3A1hghak3kd-glufsab4qko-YWRuXzEyMTI09JxFFwhAR-4%3D-wp1sc1%3A0%3A0%22%2C%22creativity_session_id%22%3A%220%22%2C%22label%22%3A%22viewable_first_quartile%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.belasmensagens.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 23:57:04 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture object| dataLayer object| universal_variable object| uolads object| s object| _wpemojiSettings string| GoogleAnalyticsObject function| ga object| __VR object| vpt object| __vrInjectorPlugins object| c object| h object| sl function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded number| width function| addElement function| acceptCookies function| setCookie function| getCookie object| swv object| wpcf7 object| _gscq object| adsbygoogle object| webVitals function| sendVital object| jQuery112405487035892712979 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| a0_0x4d69 function| a0_0x4b95 function| Tapad object| UOLPD function| triggerUOLTM object| pbjs object| __configuredDFPTags object| googletag object| __dfpAsyncRenderingCallbacks object| _ttprofiles number| google_global_correlator object| sas object| twemoji object| wp function| google_sa_impl object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_optimize function| onYouTubeIframeAPIReady string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder object| TTTagManager function| TTTagManagerError object| _ttq_tt_uol object| pbjsChunk object| _pbjsGlobals function| uolAnalytics function| hitOmniturePhoto function| hitOmniture function| gtag object| _comscore object| closure_lm_337849 object| tickerAdManager object| COMSCORE object| ns_p object| zfgformats object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NmFkMDkxMGJhMmQ2YmJkN2xvYWRlcl9qcw== string| NmFkMDkxMGJhMmQ2YmJkN2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady undefined| _ttconversion string| n string| nq object| cmds object| _tt_uol object| ttcNamespace object| GoogleGcLKhOms string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder object| google_image_requests

41 Cookies

Domain/Path Name / Value
.ads.stickyadstv.com/ Name: UID
Value: 38c17c72bcad3e6957409418c33d20
.belasmensagens.com.br/ Name: _gid
Value: GA1.3.1903914101.1701388619
.belasmensagens.com.br/ Name: _gat
Value: 1
www.belasmensagens.com.br/ Name: TAPAD
Value: %7B%22id%22%3A%2228985661-eaea-401d-99ff-3fa06b78ba2a%22%7D
.belasmensagens.com.br/ Name: _gat_Contteudo
Value: 1
.belasmensagens.com.br/ Name: _ga_BET9P2RY3W
Value: GS1.1.1701388619.1.0.1701388619.0.0.0
.belasmensagens.com.br/ Name: _ga_LH8HHLTZNN
Value: GS1.1.1701388619.1.0.1701388619.0.0.0
www.belasmensagens.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.belasmensagens.com.br/ Name: _gat_uolMain
Value: 1
.t.tailtarget.com/ Name: u
Value: fwAAAWVpIUsOGwbdIzNyAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
.adnxs.com/ Name: icu
Value: ChkItqSKARAKGAEgASgBMMvCpKsGOAFAAUgBEMvCpKsGGAA.
.adnxs.com/ Name: uuid2
Value: 2984046154705942480
.belasmensagens.com.br/ Name: _ga_XWCHXHCC99
Value: GS1.1.1701388619.1.0.1701388619.60.0.0
.belasmensagens.com.br/ Name: _ga
Value: GA1.1.1319914837.1701388619
www.belasmensagens.com.br/ Name: _scor_uid
Value: 0957193a041f439ab259da0c86e06d2e
www.belasmensagens.com.br/ Name: tt_c_vmt
Value: 1701388620
www.belasmensagens.com.br/ Name: tt_c_c
Value: direct
www.belasmensagens.com.br/ Name: tt_c_s
Value: direct
www.belasmensagens.com.br/ Name: tt_c_m
Value: direct
www.belasmensagens.com.br/ Name: _ttuu.s
Value: 1701388620115
.udr.uol.com.br/ Name: UOLID
Value: 04c9a6a4-bf35-4170-8f17-b233adf32794|0
.doubleclick.net/ Name: IDE
Value: AHWqTUkOmDdst-qboLzJYKKRt0Z6XCjjsWuTxscjornxfLHmOdxNOa2tff6bU3N3khI
.tt-10162-1.seg.t.tailtarget.com/ Name: trk
Value: 3Lrt4RnhS/dw9RXrcrBYz+VQvTeqp7OP5wq7SMozL8o=
www.belasmensagens.com.br/ Name: tt.u
Value: 0100007F4B216965DD061B0E02723323
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1701388620290_764254281
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.belasmensagens.com.br/ Name: tt.nprf
Value:
.doubleclick.net/ Name: APC
Value: AfxxVi5q1G7Wjvg4cVQAwrED8KC2WzyBvjNgACwVQXBgHspmkpwr_g
.belasmensagens.com.br/ Name: __gads
Value: ID=a99368c94c14ec61:T=1701388619:RT=1701388619:S=ALNI_MZ6nmUBdUq8q336w0kwyIBTRd30nQ
.belasmensagens.com.br/ Name: __gpi
Value: UID=00000cff9226fd02:T=1701388619:RT=1701388619:S=ALNI_Mbjj6Q17nCZuLs5rAxGFkmmP7Xh3g
.tt-10162-1.seg.t.tailtarget.com/ Name: ttca
Value: _1701388620
.t.tailtarget.com/ Name: n
Value: 1701388620
.adsrvr.org/ Name: TDID
Value: 23693369-d676-4f01-b309-b773786ef31c
.adsrvr.org/ Name: TDCPM
Value: CAEYBTgBQgQiAggB
.vtracy.de/ Name: tr_id
Value: vi-c7875f7f-d13e-46b1-8b4b-2d0d259d2f0c
.vtracy.de/ Name: tr_dt
Value: 2023-12-01+00%3A57%3A00
.vtracy.de/ Name: tr_gsd_pm_dach
Value: 2023-12-01+00%3A57%3A00
.adfarm1.adition.com/ Name: UserID1
Value: 7307408480699152527
.vtracy.de/ Name: tr_aasd_pm_dach
Value: 2023-12-01+00%3A57%3A00

1 Console Messages

Source Level URL
Text
other warning URL: https://ads.viralize.tv/display/?zid=AAEn2iG_Bt_nZPrQ(Line 2)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.yieldlab.net
ade.googlesyndication.com
ads.stickyadstv.com
ads.viralize.tv
ajax.googleapis.com
b.t.tailtarget.com
c.amazon-adsystem.com
cdn.jsdelivr.net
cdn.ravenjs.com
ced-ns.sascdn.com
choices-or.trustarc.com
choices.trustarc.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csi.gstatic.com
csync-eu.smartadserver.com
csync-global.smartadserver.com
de2-bid.adsrvr.org
dsp.adfarm1.adition.com
eus.rubiconproject.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
imasdk.googleapis.com
insight.adsrvr.org
logger.uol.com.br
m.t.tailtarget.com
match.adsrvr.org
me.jsuol.com.br
monetize-static.viralize.tv
notix.io
pagead2.googlesyndication.com
pghub.io
polyfill.io
prg.smartadserver.com
privacy-sandbox.uol.com.br
pubads.g.doubleclick.net
r1---sn-4g5edn6y.c.2mdn.net
red.vtracy.de
region1.analytics.google.com
region1.google-analytics.com
s.seedtag.com
s0.2mdn.net
sb.scorecardresearch.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
token.rubiconproject.com
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
udr.uol.com.br
unpkg.com
widgets.getsitecontrol.com
www.belasmensagens.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www8.smartadserver.com
13.32.119.77
139.45.240.92
142.250.185.134
142.250.186.130
142.250.186.34
15.197.133.55
151.101.193.108
172.217.16.130
184.30.17.243
184.30.22.30
185.86.138.32
185.89.210.46
193.108.153.21
2001:4860:4802:34::36
217.182.178.224
2400:52e0:1e00::863:1
2404:6800:4004:823::2003
2600:9000:2016:7e00:1e:82d4:d9c0:93a1
2600:9000:2016:b000:1:bcff:6780:93a1
2600:9000:2093:5000:1e:a43d:b640:93a1
2600:9000:2451:7c00:6:9eb2:5cc0:93a1
2600:9000:2451:9400:6:5b96:3f00:93a1
2606:4700:20::681a:64c
2606:4700:20::681a:74c
2606:4700::6810:5614
2606:4700::6810:7aaf
2607:ae80:4::26
2804:49c:3104:401:ffff:ffff:ffff:34
2a00:1450:4001:803::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:f::6
2a00:1450:400c:c06::9d
2a02:2638:3::c
2a02:26f0:3500:11::215:14c6
2a02:26f0:3500:6::17d8:4da0
2a02:26f0:3500:6::17d8:4da2
2a02:26f0:3500:6::17d8:4daf
2a04:4e42:400::729
2a04:4e42:600::282
3.125.147.173
3.212.211.43
3.33.220.150
34.102.185.99
34.102.243.38
34.149.50.64
35.186.238.232
35.241.45.217
52.222.181.100
52.85.92.104
54.230.206.115
54.230.206.46
54.81.39.196
69.173.144.138
85.114.159.118
0062cd1266d146c7b0bbbf4ae0b650e9a39e24a2833fdff87bd9bf5e9fc132ec
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0808f59e12c3c7fb20aa338303890a622fe30a88fa430da250bae7eff7ac191b
0850c1f0deb580fba73c2555accb45fb974d7dac93baeba3ed6c86b9db179db3
095225d09c00e48fae10190c77136bfad208993dc708cc436416627b0fb320c9
0d474f0712da434fcbbf5234d5590789f7f0d763923d6e5fe121a2b667aa5535
0d4d3956b34f32750ac31746a17297b77098a55f4b86a6dba7f7386e1a089715
0da06dc3986059bdc913514c55cd6974b28c17130cd6cea109ce1308829a5185
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0eece30c2c835fb69fee6f366ab1685cfec2bb112c4f20799180268a546420f8
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
11eae72fd819f6d784f244bb49543e904f3a1bf5db32f7a3d0353adda4d6bbc1
12699c91de1365667067d29835c6055e0f63bcc5e8e7aac490a2baecff58e42f
19155aa67da5a92b18923455bd3445857e3872b776d3843dcf5507d96c617be2
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1bbd2803f99d45e9b364c4e31cfbd21201229bef54766227389a97ea30abcf31
1c915ff050126424c92d7b9a1b0472e430ef495f89bff63e2f5692f6a6f2e956
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f75ec7cf5732e66f445fc8bce027a9bb8c97c6d580aad80e0a8d635e209abab
2282944e32da085e7450b47ad272376aca3c4ed07201627663a4b0a88b4e667f
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a
2c84bfcd0dd39a91b211fd5572d329d8048d29c36e3d6e917efa2e1e64779c79
2f6d947bb851044dd79bdf5bd7716c3fb29b6cb44dc659f49fd86c224ef9e653
2f745c02b1d52389311248a4b02d8830d11f5d6f6ff461bad71e663dea2c2aae
30c18c4c223fc6bd29ede7bafed8b56b1ea47774918f049bf1dbf66609473f3b
38bae433bc98bd250ab581c6e2e4549c537184a0c8669cb75c1227c84a08626b
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e736be7e34c844a2d363f75a932ad7f305fc65507c697f698fc4f080f47730b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41f11c3fed43dff6efa2deec07321a386a39134e58a600b05b4f6916510082c7
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4b072dc22fcab1380f89ec00cbd0019a77d93f3ed95c3544de177162c3f988c1
4be0d0585d4c0866551f173ca8a2e18562a1a6a6e45c17f7438d09173e0026e5
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51c10b2f9a35649edd695639c24fead958f89c3359a7293d151b36bf206507b5
51f5e64917b1e3ee86f99c4f22986d2cf893884c31c4d3d98d59a87a8b98a377
521afc73611a7d8a747dd3690f24d7277d30a51618ebe5faec2ca64a0bfea103
52f2c1b1a7080f9b0c52afaab7fd4f033f988d3537dd015c03f0e16f9de20d98
5446cc6aa910e2194375c9d372ac468148bcfe63eb395a6b05a18a4b86093ad7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5b1ccd08e901adfcd4b47e942f7c860ccd41f3e90ba07c787fb222cd8b776aee
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
605003a102486058fe8ac757b2c30652b9ac54d6d50df3799bc8cf81537ef66e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6adedeef8fb21ff1634a97faebc622cc5deef5a83ff483303a20490b5821582a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e36cc8846e3595c046f4888caadba0c64ae31ae9e153d8cebbcfc28afeed34b
6e7c083e0e173f849fa0582a9332bf40a3567c49ff818f28b0e4dca93930c6e5
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
71838837e3f646c54a5fb892935715f7fcefd36510e7cf604f860d4f184b1f33
729f41f5afe9a3a2da94c5a4bdd3448e5136a587594837174c90a04e0b8d79fc
72ea0bf10921b8ef082b90bb41d8f9ac7377e5deecd6375e8e5c87d597f79a9c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
766aca5a80cdd0d814d3faeee1ea9c19a0b248ac23f44f4fdeb570c0d4f2cda2
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
7e2026eee9d16bad733c157a3ffb5e8a96f0452a6443b82978c8c7f6cf395407
7fc7ae3e7254890159b0be1401fcfb597c1ab415463f95951dcf3b28ab3d8a97
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8c38322d16f3f50bed9d5118f55a3f2482b107d2f7768cf34fb9d691b00dc8bf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e36b3824734aec025abb1460b3c09e13d4113dc016f29238ce3ce5058c61d9f
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8
90e4eea987761228cca6f2c5c21105484a4e28dd2929ca394d4b6e8c8a7e78b6
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
91d66ac18bafe8a50ebbeb8fa9de825ebcf04adf038a0b715835c25b6e5019be
971eff456f7ca816184f3e367803deb0c63686cf5a675b68350efe4a9f35ac5d
980d73383d7a619e59d99761121c25986d5f34d9dfd3462e25cf9d958bd5f290
98807266801be7195c508a22c35dd78afe4dc828569e2de39c1b5974a078f8b0
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ebbcc58bf4fc1fc467932c5b22cbb59cda9f0ad6afbfab24ca35e36f38550a5
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d7ee37dabcc4b3ef7a6e7155fc595fb08f6190423071b5c0cc56cf509fe6db
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a3ba5883154f7b26effb061d106c3fa8d8f08cbc136c33e73b946e271c006d27
a421acab41dff3c077cc5d8a5918b07a8efd7c0332d9f9c0b68082d655a7f5e2
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293
ad7e8384bae6bf7047f599fe7e7003a59a213991c92964b6b77b8f3ba6e03132
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af129ae83f412d45c31cf6ecc1cd8bdf33983cfd9179d9bd8d5467643cf51593
b0f928ea00f343ee7408675e8c150c74f9e9322a2ba6708d16317510105f165c
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
bbe1d941d9cc4f6f39fb04fe60bd68d7a8e400465a882e09d39239d8602861e8
bc943d99a17601269835433917f1efda0d67b29122939756712776a7bc4fdbb7
c2d6da90f097a7760687e0c9d2405d2803b9983a5644b60f1d4dcc17eadd39ad
c4cb7ee295b14fe670ced1e8271273041990ca3d5af39accf8e960c227148eab
c66ab1c2a5411b1f4ca3043d9ccdb4a5964cfd0522a6e36eb26cad5dea4afd93
c67c6631ff2b6a6c5d99870dfcdc36f5a6e3ac360531079e99859c0aa1ced7fa
c78b33112f2a1302295a15c73782bb54146585677dda7834deb3dde888d888b0
ce67e129ff4831e87b9292570f67f4cf3268224aa51bcac9ecec406f7f7b3ddb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b482e17c44b320366108a0e1859d02b0413541ab463b590afc3f8e60ff1c97
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d267db333e9a17b07c0dddb57e772fd638b27a466881aceee2e4e3e60b0843e4
d71c3ffa26873d46cb0efb1b948378a7b1f13e06d77069ab2f17cc6155a7423f
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9e803638c382783d304ec5a2fbd5377d562da1b62e46e0b21ea9983f18756af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc128586fee9486ced3ab7fd7011f0620be545c6a4d55f48f8268917213c943
e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5e860fc5f5f098b92d48f5f37e09722a5328a77846e0296777c3e2c54c36c8f
ed175d840b9b9dc5801b8e7a2772f7722d85af16d6000acc6d36a96399ceaeaf
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3df9bfdad525834443ea3664c5cad6b72c2449ad4d02e750e8f6ffdb37c5632
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f5d4f4059ddadc8ed73873385780bc73385ae4cb38680220331f5c33b82c1d2b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b3dc94297cd47d4b2195477eff1acd681aa73851590061b58b32fc05a4a007
fb101b97c5c742bd1e11cd1db093675c301e1e08513255358d0621f3dd278b79
fc4082f83bf025d37bac977bb28e46438ccceb525286c9d6908f5972dc6188df