urlscan.io logo urlscan.io
SecurityTrails logo

dxw-ganhedinheiro.sa.com Open in urlscan Pro
2606:4700:3031::ac43:c6d3  Public Scan

Go To Rescan Add Verdict Report
URL: https://dxw-ganhedinheiro.sa.com/
Submission: On August 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 7 countries across 50 domains to perform 227 HTTP transactions. The main IP is 2606:4700:3031::ac43:c6d3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dxw-ganhedinheiro.sa.com.
TLS certificate: Issued by E1 on August 12th 2022. Valid for: 3 months.
This is the only time dxw-ganhedinheiro.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
89 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 52.222.209.55 16509 (AMAZON-02)
1 192.104.182.209 10668 (LEE-ASN)
6 142.250.181.226 15169 (GOOGLE)
2 5 15.197.193.217 16509 (AMAZON-02)
2 143.204.205.113 16509 (AMAZON-02)
4 13.32.121.17 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.102.205.239 15169 (GOOGLE)
6 99.86.8.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 107.178.250.234 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.231.90.216 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.231.139.160 16509 (AMAZON-02)
2 143.204.215.5 16509 (AMAZON-02)
4 2a03:2880:f10... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.34.77.50 16509 (AMAZON-02)
1 104.16.133.24 13335 (CLOUDFLAR...)
1 143.204.215.84 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 4 52.213.127.205 16509 (AMAZON-02)
6 17 34.207.40.2 14618 (AMAZON-AES)
2 34.98.64.218 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
1 3.136.53.155 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 107.21.19.116 14618 (AMAZON-AES)
2 143.204.215.88 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 169.50.137.176 36351 (SOFTLAYER)
3 2a03:2880:f00... 32934 (FACEBOOK)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2 34.246.144.250 16509 (AMAZON-02)
2 3 69.192.160.219 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
2 2 64.202.112.191 23352 (SERVERCEN...)
2 2600:1f18:444... 14618 (AMAZON-AES)
3 6 3.213.71.163 14618 (AMAZON-AES)
1 66.155.71.149 13768 (COGECO-PEER1)
1 54.78.145.15 16509 (AMAZON-02)
4 4 185.29.134.248 30419 (MEDIAMATH...)
8 8 3.126.140.73 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
2 54.78.254.47 16509 (AMAZON-02)
2 2 52.17.63.11 16509 (AMAZON-02)
2 2 65.9.66.84 16509 (AMAZON-02)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 35.244.174.68 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
227 56
89    2606:4700:3031::ac43:c6d3 (United States)

ASN13335 (CLOUDFLARENET, US)
dxw-ganhedinheiro.sa.com
8    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
www.agupdate.com
6    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
2    143.204.205.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-113.fra53.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
4    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
5    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.205.102.34.bc.googleusercontent.com
a.leetemplates.com
6    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    34.231.90.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-90-216.compute-1.amazonaws.com
www.i.matheranalytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
4    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    54.231.139.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    143.204.215.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-5.fra53.r.cloudfront.net
shared.websol.barchart.com
4    2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com.hk
1    52.34.77.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-77-50.us-west-2.compute.amazonaws.com
api.segment.io
1    104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
1    143.204.215.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-84.fra53.r.cloudfront.net
openfpcdn.io
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    34.120.107.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com
4    52.213.127.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
17    34.207.40.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-40-2.compute-1.amazonaws.com
i.liadm.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
2    2600:9000:206f:400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    3.136.53.155 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-53-155.us-east-2.compute.amazonaws.com
prod.uidapi.com
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:1f18:730:b150:64a4:fa7e:99c4:8411 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    107.21.19.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-19-116.compute-1.amazonaws.com
rp4.liadm.com
2    143.204.215.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-88.fra53.r.cloudfront.net
consent.api.osano.com
2    2600:9000:2057:ca00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
1    169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com
tag.simpli.fi
3    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    34.246.144.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-144-250.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
stags.bluekai.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    64.202.112.191 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    2600:1f18:444a:4680:53a2:e8b9:dcbd:7f07 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
6    3.213.71.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-71-163.compute-1.amazonaws.com
mid.rkdms.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    54.78.145.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    3.126.140.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-140-73.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadus.exelator.com
2    52.17.63.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-63-11.eu-west-1.compute.amazonaws.com
aa.agkn.com
2    65.9.66.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-84.fra56.r.cloudfront.net
live.rezync.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    2a05:d018:d29:3602:68f1:8fce:a96f:e71c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
89 sa.com
dxw-ganhedinheiro.sa.com
3 MB
23 liadm.com
i.liadm.com — Cisco Umbrella Rank: 576
rp.liadm.com — Cisco Umbrella Rank: 1709
rp4.liadm.com — Cisco Umbrella Rank: 8285
b-code.liadm.com — Cisco Umbrella Rank: 3458
i6.liadm.com — Cisco Umbrella Rank: 1609
30 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
170 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
4 KB
8 googlesyndication.com
d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
40 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
559 KB
6 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1180
211 B
6 google.com
ampcid.google.com — Cisco Umbrella Rank: 1708
region1.analytics.google.com — Cisco Umbrella Rank: 5381
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 501
adservice.google.com — Cisco Umbrella Rank: 98
3 KB
6 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1362
39 KB
5 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11859
www.i.matheranalytics.com — Cisco Umbrella Rank: 11937
85 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
21 KB
5 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 619
match.adsrvr.org — Cisco Umbrella Rank: 381
1 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
2 KB
4 osano.com
cmp.osano.com — Cisco Umbrella Rank: 7241
consent.api.osano.com — Cisco Umbrella Rank: 14035
3 KB
4 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 834
sync.crwdcntrl.net — Cisco Umbrella Rank: 728
1 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3853
google-bidout-d.openx.net — Cisco Umbrella Rank: 3639
620 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
566 B
4 google.de
ampcid.google.de — Cisco Umbrella Rank: 48742
www.google.de — Cisco Umbrella Rank: 5596
adservice.google.de — Cisco Umbrella Rank: 8117
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 145
5 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
132 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 309
107 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 741
2 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1517
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 451
980 B
2 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1072
648 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 551
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1053
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
2 KB
2 barchart.com
shared.websol.barchart.com — Cisco Umbrella Rank: 231793
1 KB
2 leetemplates.com
a.leetemplates.com — Cisco Umbrella Rank: 33480
19 B
2 cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1 KB
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
4 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
981 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1359
532 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1375
730 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 597
191 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 495
765 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 653
378 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 4006
8 KB
1 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 4083
4 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
44 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 2841
135 KB
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 6484
5 KB
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 27381
420 B
1 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 16772
1 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 860
180 B
1 google.com.hk
www.google.com.hk — Cisco Umbrella Rank: 9955
501 B
1 amazonaws.com
s3.amazonaws.com
20 KB
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 457
27 KB
1 agupdate.com
www.agupdate.com — Cisco Umbrella Rank: 527505
146 B
227 50
Domain Requested by
89 dxw-ganhedinheiro.sa.com dxw-ganhedinheiro.sa.com
17 i.liadm.com 6 redirects dxw-ganhedinheiro.sa.com
i.liadm.com
8 x.bidswitch.net 8 redirects
8 www.googletagmanager.com dxw-ganhedinheiro.sa.com
6 mid.rkdms.com 3 redirects i.liadm.com
6 cdn.segment.com dxw-ganhedinheiro.sa.com
cdn.segment.com
6 securepubads.g.doubleclick.net dxw-ganhedinheiro.sa.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 www.google-analytics.com dxw-ganhedinheiro.sa.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 sync.mathtag.com 4 redirects
4 www.facebook.com dxw-ganhedinheiro.sa.com
4 stats.g.doubleclick.net www.googletagmanager.com
dxw-ganhedinheiro.sa.com
4 js.matheranalytics.com 2 redirects dxw-ganhedinheiro.sa.com
4 sb.scorecardresearch.com dxw-ganhedinheiro.sa.com
4 insight.adsrvr.org 2 redirects d1eoo1tco6rr5e.cloudfront.net
3 tpc.googlesyndication.com dxw-ganhedinheiro.sa.com
3 connect.facebook.net dxw-ganhedinheiro.sa.com
2 idsync.rlcdn.com i.liadm.com
2 p.rfihub.com 2 redirects
2 live.rezync.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 aa.agkn.com 2 redirects
2 loadus.exelator.com i.liadm.com
2 i6.liadm.com i.liadm.com
2 b1sync.zemanta.com 2 redirects
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 dpm.demdex.net 2 redirects
2 b-code.liadm.com dxw-ganhedinheiro.sa.com
2 consent.api.osano.com dxw-ganhedinheiro.sa.com
2 cmp.osano.com dxw-ganhedinheiro.sa.com
2 google-bidout-d.openx.net dxw-ganhedinheiro.sa.com
2 bcp.crwdcntrl.net 1 redirects dxw-ganhedinheiro.sa.com
2 oajs.openx.net 1 redirects dxw-ganhedinheiro.sa.com
2 www.google.com dxw-ganhedinheiro.sa.com
2 shared.websol.barchart.com dxw-ganhedinheiro.sa.com
2 www.google.de dxw-ganhedinheiro.sa.com
2 a.leetemplates.com dxw-ganhedinheiro.sa.com
2 d1eoo1tco6rr5e.cloudfront.net dxw-ganhedinheiro.sa.com
2 c.amazon-adsystem.com dxw-ganhedinheiro.sa.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 jadserve.postrelease.com s.ntv.io
1 pixel-sync.sitescout.com i.liadm.com
1 stags.bluekai.com 1 redirects
1 trc.taboola.com i.liadm.com
1 match.adsrvr.org i.liadm.com
1 oa.openxcdn.net dxw-ganhedinheiro.sa.com
1 tag.simpli.fi dxw-ganhedinheiro.sa.com
1 rp4.liadm.com dxw-ganhedinheiro.sa.com
1 rp.liadm.com 1 redirects
1 www.googletagservices.com securepubads.g.doubleclick.net
1 s.ntv.io dxw-ganhedinheiro.sa.com
1 prod.uidapi.com dxw-ganhedinheiro.sa.com
1 d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com dxw-ganhedinheiro.sa.com
1 adservice.google.com dxw-ganhedinheiro.sa.com
1 adservice.google.de dxw-ganhedinheiro.sa.com
1 openfpcdn.io dxw-ganhedinheiro.sa.com
1 bloximages.chicago2.vip.townnews.com dxw-ganhedinheiro.sa.com
1 api.segment.io dxw-ganhedinheiro.sa.com
1 www.google.com.hk dxw-ganhedinheiro.sa.com
1 analytics.google.com dxw-ganhedinheiro.sa.com
1 s3.amazonaws.com dxw-ganhedinheiro.sa.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.i.matheranalytics.com dxw-ganhedinheiro.sa.com
1 ampcid.google.de dxw-ganhedinheiro.sa.com
1 ampcid.google.com dxw-ganhedinheiro.sa.com
1 storage.googleapis.com dxw-ganhedinheiro.sa.com
1 www.agupdate.com dxw-ganhedinheiro.sa.com
227 68

This site contains links to these domains. Also see Links.

Domain
www.agupdate.com
www.cmegroup.com
www.barchart.com
www.agricharts.com
bloxcms.com
townnews.com
Subject Issuer Validity Valid
*.dxw-ganhedinheiro.sa.com
E1		 2022-08-12 -
2022-11-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
agupdate.com
ZeroSSL ECC Domain Secure Site CA		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
a.leetemplates.com
GTS CA 1D4		 2022-07-30 -
2022-10-28		 3 months crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
websol.barchart.com
Amazon		 2022-01-20 -
2023-02-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-21 -
2022-08-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com.hk
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-04-11		 a year crt.sh
openfpcdn.io
Amazon		 2022-02-24 -
2023-03-25		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.liadm.com
Amazon		 2021-10-31 -
2022-11-28		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
cmp.osano.com
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-12-04 -
2022-12-06		 a year crt.sh
*.api.osano.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.postrelease.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 18 frames:

Primary Page: https://dxw-ganhedinheiro.sa.com/
Frame ID: F39179CA0F2A3E52749E540618649351
Requests: 178 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 5415178D940579AF064FFA8191AD4236
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BE6E7BECC1E648E5261DA4132A162B50
Requests: 1 HTTP requests in this frame

Frame: https://d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8ACB4F1ABD7C96AE4A6AF4752C8323B8
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 292BDF9C9EBD6D0B7CEC1AE9D15D9C22
Requests: 2 HTTP requests in this frame

Frame: https://dxw-ganhedinheiro.sa.com/49_files/container.htm
Frame ID: D32E10C84027CA1EC1214BA52AEB080E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22agupdate%22%7D/rt=ifr
Frame ID: 71AE12D360C647964D1F1FC3D2B87E45
Requests: 1 HTTP requests in this frame

Frame: https://dxw-ganhedinheiro.sa.com/49_files/aframe.htm
Frame ID: E6EE3F9EECEA63802BD01FDA68F37926
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 347D821439CEF066467416B20C31B750
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B8C5A40E896937AA0F9789F229C57825
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 54FDF0B9B8DCAD4CC31E0D68B03974F9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP2Kn8nCX_Hb9dnEpz7UinOtuGlnbxBjBqNGbTM4UP_nQiWjmcPdqrnU2Ey4GLBQaLr3zSMzK1rOS0z3kkQf9QK-jsUiA3IUyfuJhb0XcZa3vYEOTU_rn0FhVXBtLYXSrNYRCGU1ZD1HIt2B2UooS6kXrhcJzgwk1jLvjydeMeUrLmDG-Ng12SxvVkw7Zb1Tb7uXkjyQNnxMwElJptCFLmamav0kgodczHbFofli9oK1_4D3jFmY5vUWIZPYL4iULuGvuh4MUQuor6QX3_gFVx376JwN-e0k2z0z4Ip5JLd6xJOW74FsSbPlb8gpn4WMZlaAE9xg34Kf-Zt4Ch45ym4xtVc7QAoGMUVmohR00&sai=AMfl-YRIRutFjn_prE0FDbqXWyeGg8vAx42ClpZgr2vFSOZov_UTSpn87Xet5mE4TwmRlqtpmakdU0zCxra31gmTKpnQDtgffMw-X6qn3RZ4ClIOB8FsxKtume2Vb7IXMOxG6g&sig=Cg0ArKJSzKsJIG33nSiLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EE6538C32534543E1811BF7C15FD1376
Requests: 6 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: AEEC34298377EE8596376659223764CC
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1BE9A420DF72F51125F2F49132B22518
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: F92C2F29688FF7A671E6DCB631C59890
Requests: 8 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: D6DE2F789A01260ACB413D3F52DBA804
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C139DB6C129F030B3B2904FA87697C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCE946EF7FE2BC0DECE23B00A17EAD62
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ag UPDATE : A leader in agriculture and farming ne | From Lee Agrimedia关闭此对话框关闭Cookie偏好

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

227
Requests

83 %
HTTPS

40 %
IPv6

50
Domains

68
Subdomains

56
IPs

7
Countries

4002 kB
Transfer

10253 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Request Chain 114
  • https://js.matheranalytics.com/s/ma1527/725149300/lee/ml.js?cb=1601 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Request Chain 158
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rid=esp&cc=1
Request Chain 161
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Request Chain 163
  • https://bcp.crwdcntrl.net/5/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22agupdate%22%7D/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22agupdate%22%7D/rt=ifr
Request Chain 175
  • https://rp.liadm.com/j?dtstmp=1660294500325&aid=a-0123&se=e30&tna=v2.4.0&pu=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ext_ajs_user_id=null&us_privacy=1---&wpn=lc-bundle&gdpr=0&gdpr_consent=CAAAAAAAAAAAAEXABAZHCFCwAAFAAH_AAA5QIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IllvdXIgc291cmNlIGZvciBhZ3JpY3VsdHVyZSBhbmQgZmFybWluZyBuZXdzIG9ubGluZS4gQWcgVXBkYXRlIGlzIGFnZ3JlZ2F0ZWQgYnkgcmVnaW9uYWwgQWcgTmV3cyBzaXRlIG93bmVkIGJ5IExlZSBFbnRlcnByaXNlcyI-PHRpdGxlPkFnIFVQREFURSA6IEEgbGVhZGVyIGluIGFncmljdWx0dXJlIGFuZCBmYXJtaW5nIG5lIHwgRnJvbSBMZWUgQWdyaW1lZGlhPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iNDlfZmlsZXMvYS5odG0iPjx0aXRsZSBpZD0iZjUwOTE2YWQtNDM0Yy00OGNhLWE3ZWQtMjBhOGIyZDE1NjMzIj48IS0tLS0-5YWz6Zet5q2k5a-56K-d5qGGPCEtLS0tPjwvdGl0bGU-PHRpdGxlIGlkPSIyMTFkOWZjOC03ZDNkLTQ1NjctODgxOS1hNGVhZTEwNzIwNGQiPjwhLS0tLT7lhbPpl61Db29raWXlgY_lpb08IS0tLS0-PC90aXRsZT48aDE-RmluZCB0aGUgZXF1aXBtZW50IHlvdSdyZSBsb29raW5nIGZvcjwvaDE- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1660294500325&aid=a-0123&se=e30&tna=v2.4.0&pu=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ext_ajs_user_id=null&us_privacy=1---&wpn=lc-bundle&gdpr=0&gdpr_consent=CAAAAAAAAAAAAEXABAZHCFCwAAFAAH_AAA5QIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IllvdXIgc291cmNlIGZvciBhZ3JpY3VsdHVyZSBhbmQgZmFybWluZyBuZXdzIG9ubGluZS4gQWcgVXBkYXRlIGlzIGFnZ3JlZ2F0ZWQgYnkgcmVnaW9uYWwgQWcgTmV3cyBzaXRlIG93bmVkIGJ5IExlZSBFbnRlcnByaXNlcyI-PHRpdGxlPkFnIFVQREFURSA6IEEgbGVhZGVyIGluIGFncmljdWx0dXJlIGFuZCBmYXJtaW5nIG5lIHwgRnJvbSBMZWUgQWdyaW1lZGlhPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iNDlfZmlsZXMvYS5odG0iPjx0aXRsZSBpZD0iZjUwOTE2YWQtNDM0Yy00OGNhLWE3ZWQtMjBhOGIyZDE1NjMzIj48IS0tLS0-5YWz6Zet5q2k5a-56K-d5qGGPCEtLS0tPjwvdGl0bGU-PHRpdGxlIGlkPSIyMTFkOWZjOC03ZDNkLTQ1NjctODgxOS1hNGVhZTEwNzIwNGQiPjwhLS0tLT7lhbPpl61Db29raWXlgY_lpb08IS0tLS0-PC90aXRsZT48aDE-RmluZCB0aGUgZXF1aXBtZW50IHlvdSdyZSBsb29raW5nIGZvcjwvaDE-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjM%3D&n3pc=true
Request Chain 178
  • https://js.matheranalytics.com/s/ma1527/725149300/lee/ml.js?cb=1601 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Request Chain 191
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0123%2F0%2F413b1887204744dbae3c8d97aafa585f%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1--- HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0123%2F0%2F413b1887204744dbae3c8d97aafa585f%3Fmpid=82775&muid=$%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-0123/0/413b1887204744dbae3c8d97aafa585f?mpid=82775
Request Chain 192
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&us_privacy=1--- HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&us_privacy=1---&rd=Y
Request Chain 194
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=R4yqEPLelD0KTk4t7g6y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5KI2HS4KFKBGGK3CEGBFVI2ZUOQ3WONTZEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5KI2HS4KFKBGGK3CEGBFVI2ZUOQ3WONTZEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK3TUEZ2XGX3QOJUXMYLDPE6TCLJNFU HTTP 302
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=R4yqEPLelD0KTk4t7g6y&us_privacy=1--- HTTP 303
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=R4yqEPLelD0KTk4t7g6y&us_privacy=1---&us_privacy=1---
Request Chain 195
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im&us_privacy=1--- HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 206
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-0123/0/d722dabc60e34d3abd12b8b5d1736215?mpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/e/a-0123/0/d722dabc60e34d3abd12b8b5d1736215?mpid=7156&muid=021862f6-1565-4800-a35c-df08dae8bc6b
Request Chain 207
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=cc11965d-308b-4b68-b6c2-bb11163b8fec HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=e01f2f6d-9461-41d4-955a-528f23589e53 HTTP 302
  • https://ums.acuityplatform.com/bum?tpid=29&uid=901a8cf9-38d2-46f9-a7e6-c48286d46b14&bidswitch_ssp_id=liveintent HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
Request Chain 208
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=e01f2f6d-9461-41d4-955a-528f23589e53&liid=&_ct=im&us_privacy=1--- HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 210
  • https://aa.agkn.com/adscores/g.pixel?sid=9212291498&_puid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35637?bidder_id=100905&bidder_uuid=219723204241001063161 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F35637%2F0%2Fd437859b91d7410298fa73bf86011b89%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f23589e53 HTTP 302
  • https://i.liadm.com/s/e/35637/0/d437859b91d7410298fa73bf86011b89?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Request Chain 211
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/41715?bidder_id=127211 HTTP 303
  • https://i6.liadm.com/s/41715?bidder_id=127211
Request Chain 212
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4c58d46d-980b-4e61-a817-2cfddf7c1d3f%253A1660294501.6134846 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846
Request Chain 213
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-0123/0/fecf767051744b39af0191f9f9666ddc?mpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/e/a-0123/0/fecf767051744b39af0191f9f9666ddc?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Request Chain 214
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=e01f2f6d-9461-41d4-955a-528f23589e53 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=liveintent&ssp_user_id=901a8cf9-38d2-46f9-a7e6-c48286d46b14&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316077&expires=5&ssp=liveintent HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
Request Chain 215
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=e01f2f6d-9461-41d4-955a-528f23589e53&liid=&_ct=im&us_privacy=1--- HTTP 302
  • https://mid.rkdms.com/restricted
Request Chain 217
  • https://aa.agkn.com/adscores/g.pixel?sid=9212291498&_puid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/35637?bidder_id=100905&bidder_uuid=219843204241001060442 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F35637%2F0%2F06c8de27bc33407a9e48798bc73ff7df%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f23589e53 HTTP 302
  • https://i.liadm.com/s/e/35637/0/06c8de27bc33407a9e48798bc73ff7df?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Request Chain 218
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D&us_privacy=1--- HTTP 302
  • https://i.liadm.com/s/41715?bidder_id=127211
Request Chain 219
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1--- HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Def29a0f0-c194-4e8e-bb60-207a50ad2407%253A1660294501.509386 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386

227 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dxw-ganhedinheiro.sa.com/ 		759 KB
80 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d9d53105d033aeb9ba41cb7dbfb81df43d9c9a0a6dba205d2718a5fd418cb34

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7397fd3dde3c9277-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:54:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnqaZt8HJ7KAmqLShMyvKnyZ6SH8jsHsOwblABBVr23BGC6z2z18QFqycm3la%2FkxpaXnbw1ygYv9cK99z5ZpXtp5pwn0Q2WWnR%2FlxYJrlHpXtybvtNb4UF6wK%2FUs5y5JrTjTvoOg3ENURwZDZ2BcnatoD4kXZJ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
dxw-ganhedinheiro.sa.com/49_files/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAK%2BdVphK5NGFhPw7km5FZt8dcax81kb2V%2B79AKJHPgKYGLECueGNPI6lz5IvvmItLyrd%2BIpgust1uojss2O4c6Ij7uM5tmEQ4ciH7BAIgqn6K%2FVSMWaCSvEh6gKzuw0HTG3pBa988%2Fj7fW90awlRaJuWVyU5hk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028c69277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
layout.112f7ff365cd43379f336b81d31a7128.css
dxw-ganhedinheiro.sa.com/49_files/ 		154 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/layout.112f7ff365cd43379f336b81d31a7128.css
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-268ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjJT6EDFL%2FTnqnCQMO%2BC2UzVy5IZCEckMW%2FVgJGazPYJTMp%2FBeEEWOFbQ4bKsmalsXKsZNk%2FCnuvoZm7aTbyI3Tnz%2FG2Ivmn0s06CGGWQ2dEvbhYyDbN9gfEQge9n83l0hUh2X6Y3eegoRbDV9%2FLnNeZuwxzilI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028c79277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
lee.ds.css
dxw-ganhedinheiro.sa.com/49_files/ 		95 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/lee.ds.css
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
849295b7bef2dec6e6f087a071d0012e51e2ceb10b3a0e7d5ad12319867c30de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-17bdf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTaJBk08Gt%2BlfmKdZXUzIVDoR4D%2Fq2C9xIf1WU4hxCqg%2BFxZeBI10zE%2BR%2B8RbXlkDmU%2FsSyHtc%2B0s%2BtxItxUfG%2Fsl9FI2yWvvJRwDtYO1ubWgwVWklMa4w6YbYJz29c52rADO6Fjr4ndne145bK82gZB3WQQqm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028c89277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
dxw-ganhedinheiro.sa.com/49_files/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-189c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9sRLmrkwgna4IrzVafpSyV%2By3B8OvG7d57DzQG09ggT2akQZNEgJM4HscKmeEXFUlpmV7fXEHn6M0WfwlQw08pUAklxAQwAObqAFxAzT1%2F3wdUcOb83p3IGpkI6xwQR1YkUvi7Nz5SfnSfb%2FKGX6a6g9KoCU9s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028c99277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
dxw-ganhedinheiro.sa.com/49_files/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-12b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWhsNikxmRnKQSdDHbqJS%2FJw5UFS5LBQ30ecnoSZVe6P7I9TIstXVi075%2BIPc6nOVd7tQ37ykUB9o6QbNQ05izh78EGJ4pld7Aok6Qk%2Ff80i5Urwikx3dcJlWISv9Ak5jFDeohkekdFNHRdnQeVhKnoEfQ7Vaug%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028cb9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
linkid.js
dxw-ganhedinheiro.sa.com/49_files/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/linkid.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-621"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIA337QRCp8v4r1u7aZRVobueFPzc06UwphwmAiQdvBgoWCGX2ki0jat44PXfGBQekDMYza6k75pNZ9tpVrwZ6RIbaAiOaVQs8thX998DLZv%2BsH6uzPs5PY%2FDvcA6adexvMb0SPV8RIiKr6yCrPRGbd%2FxSsH7Hw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bd66983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
beacon.js
dxw-ganhedinheiro.sa.com/49_files/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/beacon.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-f61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtg6lKivH4fEkoi3lVb8MdBPYmosnFfaDCANOi6WhsRcuPa6E%2B0W5dHtHwyh0vcJZriSf59FtBdOl%2BJ1EG2GUy3Bdjkms2bzkM%2FNAHIcszhZ6joJ7MuhalvItICGPhsmieyhPQh0tiLJU5xzMHdTSI%2FlJFulG1A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bd76983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
ml.br.js
dxw-ganhedinheiro.sa.com/49_files/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/ml.br.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-24393"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WCtllkfXVBUgzJS5Hx8%2FKghSmNSSXAmEOVF1HmxAaCRmV857y0FXUncz1j2VAE76QeeN0tc4SSwu3efLU8oQDzwi4nb%2Bqlwwe1DQ28DUU69F5PrzV5bfVUz5w9%2By%2BB0MZJKexeUy1SdZRhB%2F5h%2F2VvVv1J7VGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bd86983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
961211893969940.js
dxw-ganhedinheiro.sa.com/49_files/ 		296 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/961211893969940.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a27f5ee59539490c426f333fc2150d5f10d795519756162d6a246aa8ba8874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-4a082"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FApFyfSfGQ3pCKo%2FbY4RmiXUaEkfkC6Faf7bqA4DiIZhSz50ogYITsWLodRlUvcY5yc7D38UO8xKLFQfpElex7L%2F0aYRIkDzVHXNTgdyQhmxUFlRPC5y5C4IUDH2FKY8W4b8xTn6Am8G0czWF72R2hBrlbw184%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bd96983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
identity.js
dxw-ganhedinheiro.sa.com/49_files/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/identity.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-ff22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJMD9V0NRgsdlKDd31%2Fyvv1J0lGCcKUDzBDueCBSO%2F7okdzcCNaHwp5V7b8h2xLbw%2BoosLAZohzEUrA0HabMkd5qVQQuxUSm%2F68YbEXVpr%2FKGIVQox%2F5VzUloxT58fGQN4Mk6YkrM5ddzkNZsZoGlefUbuJrhmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bda6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
fbevents.js
dxw-ganhedinheiro.sa.com/49_files/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/fbevents.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-18e38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zrouWIZ%2BP6JJfJ0TaLTqB%2FwFeowGBrmPYFIgXIwPRW2vM1qNHWDyBWl4e%2FXZo0diKAcPN8nxukBy1Rr7nsgsvuTQVlsBXbi%2FAk00DYHsDzfux1mEMwmRp2GCO6M6ybPIHK9JcsRFj1VKRSRVmyt4SzqO%2Fl2%2BPNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bdc6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
sp-gzip-2-17-3.js
dxw-ganhedinheiro.sa.com/49_files/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/sp-gzip-2-17-3.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-1359f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY%2BTcgdytlV1VrcsREk0ht9YUPsz12%2B4L4JjmFyLrNFpDrmnIhIXCZI7bi4ClV0hK9VswY3p5S%2FEaz%2FM2lD06uQMIK4Tkd6lFhfJvEqdE8X2rcPf25028DyDnvvatuPlOGULOlhPvNMDCuyvtzrmoXjrV72y4qI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bdd6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
analytics.js
dxw-ganhedinheiro.sa.com/49_files/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/analytics.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-c41d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJVeX4ZkUHSmpSvvgGW2RrV%2Fi5XSbRMALEeOyJS30zFx%2Bv6L%2F1bDA%2FGV%2BxL65wfWTDT0%2FN1EfBALmvF%2FqKm3ByPWlATqLrwQVQBfzDlYgLYDSzVHuaOXT3hL8kJf82sEH1D20P8%2FPIJ0qrNk2j1%2BP2DqEmLDbO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bde6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
js
dxw-ganhedinheiro.sa.com/49_files/ 		206 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
722ccdb5002628eee48551b24fe16f672eaf8804d3cc632a70468f638ed90628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-33684"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cTcK%2FhwYxO71Xb8CojOL2TJpNJIgnodJ4WJC14bSl7esoUU5o50tvdcfRHrhUeYrmsCKsqY%2FPLwcc%2Fn%2BV%2BXJhr%2FiQ%2BXMFGa9hKTqeshqlu6Y6eX79sw1d%2B7nNNoY4VOHmtHxuBPXt2fdZ58%2B4%2BathSNKRz2V6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd467be06983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
210564
analytics.min.js
dxw-ganhedinheiro.sa.com/49_files/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/analytics.min.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76f397860fdbb6af803c992e98410931acf62c1eed492e3279bd9126e59f1889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-17d77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19l7bABj7EG3ivfg9c1LufreoL9LZSyn00%2BN6Lbde%2F4pUe%2F%2FhiyJ2xHvLd79dOhvD1jeTYvdXigltR7hcrUChLyV3ZNnRXQrl4fl8iEgeQIXhsWFRpyk50cuuniCtdcoka4RiQkjwBmBFIoIAWcLkMG2z8KeY48%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467be26983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
js_003
dxw-ganhedinheiro.sa.com/49_files/ 		200 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/js_003
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f349c6b1ec3aed4e2fd2e260bc6ed205ae6f74c37b3022e23474e30b2bc3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-3217a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEVRHdCkFqEghgz9%2Fqfb%2FLuG3FXaHjZ4ASMmgo74y37z8ZyRc0P9hjTlx5FjPo46qcaBrP6j55gBa90g8xJlso0lmwr7YmX%2F0MOJZDnznDjB38caSSBHdQzRY4zDyHlbn8tPOqNSDdSqnZIDm1UXbmMD%2BmLfUBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd467be36983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205178
gtm_002.js
dxw-ganhedinheiro.sa.com/49_files/ 		484 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/gtm_002.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816864c47ef33beb6793473627ddb9702647831e6998550160f00e7700ceb16a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-78ff9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiCXD9QT78Zk9hbKHegNlCMFh6%2FcCpPByHgYrozvxuS4OAJVA2InhKzHMF0P7yM48NcVK8aFCHXD99KOyT6G2RQWWVBhUH2TDU138NLTZd2ts1Iojmc0nsyvYjWBzSOuf9fG9y1LELL59uFVtZOP2OVn%2FGEdRds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467be56983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
destination
dxw-ganhedinheiro.sa.com/49_files/ 		189 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/destination
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46910ea76e61695867195147fe8e877bb8bda61c8c569d09876adacc524a940e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-2f50c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofBYbV5HCSX3rSgNMPpo4YmI%2Fxpwiyd9KlR3Ge08sKztxHTZ9sHGSnEPkYuC34eKIwhO1YUDiWFAfPqdUE9x4zcm3erzfK8q%2Fu%2FiGIJ3DGnVpXyhYg7DhD3ArYD1ZgzKno0EJwou6T2iXT%2F%2FapIj%2FBuq7V5Y5L8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd467be66983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
193804
js_002
dxw-ganhedinheiro.sa.com/49_files/ 		189 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/js_002
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46910ea76e61695867195147fe8e877bb8bda61c8c569d09876adacc524a940e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-2f50c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCNDSKM80LApgjJ6cBEe4MRihX9NGnArzYPvaBwc0kp%2BA0fzFIOH0ebh9qlFEyJ%2FdMuqno8374lJ3LEedZTkHqcW8n1A8R5OeqK39semgycZhRGaJ6oqDH05cOwWQ7w4Yjs%2FCSro5yzwqmwpyhtGjomWcqxAI0s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd467be76983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
193804
gtm.js
dxw-ganhedinheiro.sa.com/49_files/ 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/gtm.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f82a8f3d37c870e4040e224d318d452b0169e0fecaff69e9dccdb7fc4d25550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-280a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZgjLTVPpyVb4OWLBcYi3x2J7TamryLD3DNy1%2FXjJK1wqN7HoC3Swy18WzFTmcd1wfSBRsR%2BYTZA83BAr73qNIh%2BlooGoKX07e%2B81nBVDy0Cz3NUHtUhcD%2FFtn0Kcd3usNv7fh7HnaQyify0VpBjuqqelRM7%2FFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467be96983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
gpt.js
dxw-ganhedinheiro.sa.com/49_files/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/gpt.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc865dd4008d9a847f50be89a17f86ba6cb70eb71d497decb13c56bfdd1df0cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-14c91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucgxHlmIQCk5YcgloaQZajn2Y5GJAVt%2FFy%2BtviMSEsSSTHxW91di8M5FBM2X4poHP3Q1MG3KxyUH%2FQXpoHLhnUCQuKYygK6kZT4nMmHlsGHpzAbixZslCY4Y6TBnbYQWo6jrQZs%2BM%2F%2BNGKoVPxjBwWZzuXVE7jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bea6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
gtm_004.js
dxw-ganhedinheiro.sa.com/49_files/ 		119 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/gtm_004.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2654202ab3af93168351d77b33626d25965fa39f93752c6c17feb6f60bcc14c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-1dc38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FOZAKq%2BcqTj%2BeZ1Rirfkmc6rgp73TTMsKMkR8bIbFi9j%2BfXVh%2FQ3whB1Q%2BmI9IAENdVdM2zAgNp%2BS07D%2BFS%2BdgeHp2rdGUTMf7yubn%2B6qvCGX6DjZ%2FNqy4ROvYlGZmsD9%2FmDzP9LkHbTaFkJ6AL5ZjZd%2Fh2cWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467beb6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
gtm_003.js
dxw-ganhedinheiro.sa.com/49_files/ 		201 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/gtm_003.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8e52ce42c6ab15755c51ad97ef8c862ea0b9c7af3145563950cbd7737ce3db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-32320"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au51XYhMZStMXCQI2er59T2sOzN545phTUCazyyNYvnPsMjDMaEdjSyO7S%2BBiH%2FcupJ1UzWgDXbGXsKvqj7HyFq4elLfTNocqHV2RmKNXQuOKJjt%2BcazY8SJ9giXzb%2B5gncG%2FqbQZFK8fmu9D2vb4AG8bbJkAXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bec6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
cc.json
dxw-ganhedinheiro.sa.com/49_files/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/cc.json
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-98a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdZ%2Fga%2BwVGpzdu6MRaFaYwGcZNX4p7b3YM0pJw305WpEjDlGYwDj8z3nXx6CqQWmjiZDGdwamWwF%2BWEu%2FKbbHAdRcI2JwSFCUOR3a84PJPk%2BEPrWXM8BzZGHNNQ77dUPmZMe7vWR%2B7Vnw%2BjPX8D4oiSzTFHgP2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
7397fd4028ce9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access.js
dxw-ganhedinheiro.sa.com/49_files/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/access.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Origin
https://dxw-ganhedinheiro.sa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-15686"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCu9RuXneTC1LXfy%2F5yGkuigSFGp94QZ2NEb3gTyRDE7ziyy4P9g3jXcy7GvYd1ZKiZXPhJnZ0wVCfpUksemCTTZIf1bCpoZ%2FB1Aq3GtwM85j4m37cm%2F42O7zvKik1FbIAMjS45vV8vIHEQkLkW%2FHiR3gm5KGPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd438fb66983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
osano.js
dxw-ganhedinheiro.sa.com/49_files/ 		396 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1301fbe6bc0262640659ba28b6c37dab827820e27e0b4a97a83a1e8d0bf5356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-63017"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2TLfuDaPLs8YsKcxjG0FPfH2VPFFc2%2B4%2BDUG%2Fhv4uSJ44bzwuCj5yzuRJTi%2B4mhQVO3SLzh7fG90Ft7%2Bb4MZlFOs27CP9ekOROeKS%2BDG5CJVucx6PbS3FXJ9NF%2BRdAHlziWMiyFQV3DpmFhnM0fezwslojOq1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028cf9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
dxw-ganhedinheiro.sa.com/49_files/ 		98 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-1882c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XF27ZA%2Bt2f7roVCKttQNKZMWTtP%2BSvTVSthw8UHJ12VTvR%2BydFCr51O4se%2FmuZo9N107qJz%2BlZNxOHJL8QYLAIufPBmbsUj5yqLw3%2FThi3Yf0LFfoMW49SDNkvhovw2EPCWypMHKJkpPLZh%2F43KiO4kdbG36fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028d09277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
user.js
dxw-ganhedinheiro.sa.com/49_files/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/user.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-2f01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQtPYgDstT1qAnbGEGDDFubXp7nKrMRJD2HXVUWl4gNvX03cXfeNemFIFZlF6%2BBfmTA3jUF%2Fs5T8BxkRRZW%2FwK3thqKlMJkTrKwzepZDfCv%2F499Ed610XqFqdfeMtpG7zRMocvmnNpC3xT0kLjlAU7O9tGi2%2FwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028d19277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
dxw-ganhedinheiro.sa.com/49_files/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvyKKtsHt2Gt7sIqWqkMvbCaama17x8OBKJojaHfmWnqJJJ036QvbABrBy0fxeojqhflPOXPruvStpNV0mlO2Vy6no%2BIPOG%2B1EVNIS8mMVngdN%2B4u%2FxBB1IdrISEZIl9imVCuyG9lB8ITJNKiibNc4wgvrAQGOg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4028d29277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
dxw-ganhedinheiro.sa.com/49_files/ 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/common.08a61544f369cc43bf02e71b2d10d49f.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-8154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t09MyH6rayiF7cf6pg0EiAfLh0cR26zopkz1eiKHz7po7trXFh5JZ1CoSrQpgKUtPLNsG4AVypVSXFmHpIgSjXMnbzoLVbTzypaXVWQL1q%2BJvB%2BXNSuwdjn8rFIjunasbhadCcBQb%2FgXXE5m4qZqV35xtPy6KeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048f59277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
tnt.f3739bd4d04bcee9e077d20b4f31f29c.js
dxw-ganhedinheiro.sa.com/49_files/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tnt.f3739bd4d04bcee9e077d20b4f31f29c.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-5572"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKjZPvxZAg5gWPV%2BbPYNWZPK2fIjXOz81iqQFEEWA3fmnQJUxcEE5bmbCERs1dyc9buuNFVI4%2BbxeKxgmWkUz26wK1ed3q0iroPciRKet4faGIRn2ROqUL2cjlsHUabdfjTSY1VjBh%2BRFlFFxn59M0r43cAEuzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048f69277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
application.cb897187c4718280fd69d2e6d6c3909d.js
dxw-ganhedinheiro.sa.com/49_files/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/application.cb897187c4718280fd69d2e6d6c3909d.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-104a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pz7g6sqzS8F1d9W6Qrnzu9XtGv8ScJ4hEtzOaxTW1aBFp0RGurOiXE7iZqkBnsZGZLDfbxvmQ6og6LSQxjbEvIRwGyU4Pn7N9MI3wdnXRBERI1p53MGureMHxKe4iAf%2FFt0X4aZmPi3SUaVZ6%2F%2F2C%2FFKpLwsUW0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048f79277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
apstag.js
dxw-ganhedinheiro.sa.com/49_files/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/apstag.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-23142"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwNpcDqA%2BO4cAgGXl76fbOPzj59NzTdO6jyBsSmsH1TJ34Ak%2FnbxVqCknqTj625TmkxMBHPKUac1aek%2FzKT5hHzNw1BYM1hqqJ%2FnP5ZA0%2BwUwePuEXwnkArk68PfYMrnnwZR7nnUGf%2BlKrj0k6VBvcE8Z9wwXX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048f99277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
dxw-ganhedinheiro.sa.com/49_files/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVVTtu7CZ7efWCpc499hLNH1AtZul8yiyyOpadSZXNrNDvyjMkT5PopwhHQ4sTN4vrX%2Bwck3czxK%2Ba6sNydqquaudjFslbRk2IyC7SEQNTh5G00IhZYCntyYwF3Gb0CRwQqeNVlIbChB2uSiAAhQsvmqD1ljvZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048fb9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
owl.carousel.50dc41fa734414148ce4b489fd904c5f.js
dxw-ganhedinheiro.sa.com/49_files/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-9ff8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGA%2ByKhKfvbiI4wV92NZMZWUJmwWbBxg4h5ztFz7SrvJ5I05vPBykul5lzg%2BNfHUKYv9F583hZLlyNrA5tphmfiVXOwQAMWKM7gHaLwQSVeHerOjyryCmNfHW626l0zCRbZNT%2FjC6ErrqzpoL4q9Q8beDt2zlzs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bed6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
dxw-ganhedinheiro.sa.com/49_files/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-db8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jtL4sCTbnGxe4yPSye7miBqqcIq%2F7%2FkdVVXuhefoFKtSNBBYxCUnjI5zfPNLXT4qziNpiUE0N7XUNZVtjlCQuS2XYRCewG9PZ3d79aCLn6t%2FDUzWvTHgtR1THMCB6Hxv2aVf33Fus2MkW2luy7XsLLl761Opbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf06983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
dxw-ganhedinheiro.sa.com/49_files/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-1ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2wvx8hOY7BT13LosPUcG6XL3HALqPgNNbIh8RrjNMz2clc1V4i%2FcnOFUfRNOPELYCfcka96NJRWCJyCEmYvh6itLQKLFqIOYYOiqWsZfw9nilly9UGvQmy%2BJiiWRud6gTqwS4dKnWRXnTGFlyh1wDTaWPk%2BiUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf16983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
firebase-app.js
dxw-ganhedinheiro.sa.com/49_files/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/firebase-app.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-2ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbx7L6p26A4ifQvN4QrPorO%2FBzZ7Wje2eA9oL%2BNnEzhQvSyDn6d2e2IlMCoW974xiRjDNKuYMjDhopkcB26GGZhxaI3iasEWlMXYtsiFJhsusnqi%2B90fDt%2F5Y9sZ3BEq2yPGkwdUtnyU9aeVkUDkTC41egbRr74%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf36983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
firebase-messaging.js
dxw-ganhedinheiro.sa.com/49_files/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/firebase-messaging.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-7c1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15Q23EdyroqE9U9c3zhw9bDc0MJolq7X66Nag%2F%2FeSXinOuZGohfE35B6St%2BL1WFQojd0sIXzcdeJPcy7%2BlcH8CcharTideNq3UbX0O91zYz3WbeiJIxPt%2BI5qRNX5riNYnwKMU35Q4%2BLiq1lQNRe3VchtCQWivQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf46983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
messaging.js
dxw-ganhedinheiro.sa.com/49_files/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/messaging.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-11aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFiCc47ozd49qjLxoaEy3Xu8OxFgkVIUbXkynnJnKkJn4rrcDqQCiE3DKTGajnhokQsK2Sfh0vr1FPWGfXLsTphem8AKkdy0AzA%2F2SDa4w1y0TNh12uarEG7h8o9wcZvshUAcW6WvyECVJr4AH13vFB5nnwhrtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf66983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
dxw-ganhedinheiro.sa.com/49_files/ 		200 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VhJRNjN2W%2Fx%2BYqv3r9KzpsSDmNWOCx%2FJrPUfrJkKlEqHsLLtR%2BCofuyWVa2qieuvvJpOuqTQAK0NUWaC8Ne%2B3GuJ29m7VUssVfMtAdJ6%2FAKwf4fsybZXyrioHP0h8Gjb7UiuVxq6HLOJ0bLdHTP4hMAcepOkFfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048fc9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
tracking.js
dxw-ganhedinheiro.sa.com/49_files/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tracking.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-a4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngGuqMDYCnv%2BotUrVJtAYmY9Gp051fv3ddL3N9FJSuHDJsgHi3lNpJxnHNPp4x1uFwQx9DRkj4RXo90cthMIifNNP7UTB1Zbb5o2vMc%2BwqsZ4ZFoXp3AXrEcdMxOfbKAuKAvTi3IqfCy1tGr1dET4pFHoVLL3uo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4048ff9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
lee.common.js
dxw-ganhedinheiro.sa.com/49_files/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/lee.common.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-231f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72X%2FhyN2yKE7QOzLY02hFy17pr92CHhlsRb7kGvb9xmx1hUuUSUQqcS9B%2BU8TBD79ZrVyOuiOse%2BeCRjNBU7MGR6BlGm5TvJ4W%2Bg1u4Dr7m7CnZj2jwiEFwbafbDlJzIP4wFp09DGFllfdxcolkGzQLKTWQ5I2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd4049019277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
fontawesome.46a248d75dc687aa8d928092f6b77fc7.js
dxw-ganhedinheiro.sa.com/49_files/ 		254 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/fontawesome.46a248d75dc687aa8d928092f6b77fc7.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-3f9ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edDIpZMS9BNv5R634tE2mWyelEbwtkg%2BUF1U9EZ84OV8zM%2BI8nuFsDj8QRkV47hotMHLPwR08BjrnzfdWKXuJcIQlNn4HaCxV1KCvcRIIdG%2ByET0%2FoCvVbXG8An03iYSx1w3Q1QABKUCHLmz27xZGOFeAZOXKWc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf76983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
pubads_impl_2022080401.js
dxw-ganhedinheiro.sa.com/49_files/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/pubads_impl_2022080401.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-5f3cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OII77po53%2FVVzvp2iwu%2B6plNJU6Wc%2BLGwtkVSXF4A4ca4DWKrJ0oljCdTiHhCwzWfKwrmlS9G1xDNENkjTkUspveuERR7AkXnFXzO3DAw7gfwI5h%2Fjkmn5Ovv1qdM03Bm00%2FkXWRLWYCZquHQHFUu5rQGnXWwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bf96983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
f.txt
dxw-ganhedinheiro.sa.com/49_files/ 		107 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/f.txt
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo3Ga90ZJjDpS6ZWwxGClfzLfk7415Vwt9vu%2FCRketXhpjzdANf%2Fgj%2FT%2FvdpUv9SADdq9ZYqVAwzVNeNsh7JuRkIkdIRYi8WsonQ9bFndxwfNErXK4hE9%2FuGt5qewPcCEjJHGQ2o5AgrpbyGFfX%2BYQVaP60jQ18%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cf-ray
7397fd4049049277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
f_002.txt
dxw-ganhedinheiro.sa.com/49_files/ 		107 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/f_002.txt
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oyu5qNbXuu68PeoaO2ADwcoVjpMJ3jgr9Ji3wG2c%2B7925wrtQPQlGSRYqKM1pekzwrz04%2FWhEFsUC4dA8ZYOu2Sr3MrxF4YBgAF4e6tva38M2dE%2FeKsMR1BKsRA84dRF8YGVqWWivuZvtP9cq%2Bxnzhx38Cy2zdc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cf-ray
7397fd4049099277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sync-container.js
dxw-ganhedinheiro.sa.com/49_files/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/sync-container.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
W/"62f2e4ac-1710"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vC6UaxcjO6K9zZk6oNBXCX%2Bv691%2FMB92hMwV2s6pRLxtRcGUgl9%2B8Xqcv4KKFQjX5YPirHnkim747r2pGEiS6kJ3USqa4kXbYX5z8J3XkI71NJPcbdzWH%2B7Nq5MTyV3jQlBtjTm3k5GE7SBGBv0kIrq7ZszwHmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bfa6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
esp.js
dxw-ganhedinheiro.sa.com/49_files/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/esp.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-6027"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42PPA2aYadLSBzcWki8w4LaP2Q8bUXvJfbZVfVY4hCmwkdvrKdKSMMpIpB6YhboVmmnVsAUqPvzkN6l4lxvLGw4SfHT014uElBRA2WCByUOYmKbkvJIsMPrR6vOevM89wZiLCPHbW8Sx8WTgA4B7MxUbNvu%2B1dQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd40490c9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
uid2-sdk-0.0.1b.js
dxw-ganhedinheiro.sa.com/49_files/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/uid2-sdk-0.0.1b.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-11cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nS2YK7I8pXzJneI08N%2F83rQv7UWvJZTyW3qlSveqaIrXl1afkphcWK%2FduO3Ik4yUyxl6wN3yy8iOGLxUgRaTVe9VUjn2kiFWH%2BJkaHOHDpd7NMifGIZ45iUrwd4SNvN1jyPUjFGDKlFRwBMmNElZRAuM2uT4Axs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd40490f9277-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
tracker.js
dxw-ganhedinheiro.sa.com/49_files/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/tracker.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-2200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F2zVqWcMFg4vfdGdUNBiOZPsviXQouh9eBBLz2lj1Z5PdxxBjsJISfJKpa8bhMvpYR39qle1mIqXs7E0zgE50vOve3xaAXVKnpt8ygJrvEUReDQiRUhW9aZAz72b2BXYEh3okIpB0NQqulmvHI0uhaUHtabHbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd412c166983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:57 GMT
b2e3befa-a959-11ec-b7a5-a73adf99ad73.webp
dxw-ganhedinheiro.sa.com/49_files/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/b2e3befa-a959-11ec-b7a5-a73adf99ad73.webp
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f373e86326c9e804b6b6058a97c3bdea6f7287e874ca5453eec4cffaa4b63d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-1178"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crFKIQt4TZ4OcCvg4HdFgk9BG3u967vtNImQ0jYjdWBct3SFqvL4DDjJWjT4cpbFLPAqWc2idK5D8jUhGXX1TjVTac0e9OeWwRq%2FKWXjWfEYm1mHXqrRQorUezjC26d46dFNiaD0uccoYAHCiNL795Gfl4EM2i0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7397fd467bfc6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4472
user_no_avatar.webp
dxw-ganhedinheiro.sa.com/49_files/ 		978 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/user_no_avatar.webp
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-3d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fjrCXCjZoRp2mfnsN4Fn%2F9ijjiqyXzLXmRqztdSiUCHg3H%2FoCVix7X2tePSWu%2FGkkTon%2Btsg3Y1yhSGaQ%2FfUJnK0nHuiUp%2BuNL65%2BIX5T2%2F%2FgYoDWROwHpRSrExl8eZJ018UsWR2lWy2jNUNr%2BGsTRsaZ9MH%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7397fd467bfe6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
978
625efc1a22687.image_009.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/625efc1a22687.image_009.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2929507c9fbe4cae52ccf4aed23f6bccb4b374e34108a7adafc0dfd1cae94819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74342
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-12266"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pzl7jk1ZwFyYwUFdjinpprpv%2FkaeiCJa0rk%2BgFxabRUZ3yzrkxCyniHw2DBbKDYkuEHVsX3SeEFYNXsJgNAgyaIflZ9Edk7qpexn6lHfXEtE%2FQM9M00fXHGqqiE0jBWc7EdYDycddUPK624FhXf9QNxQm4ycxAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c016983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62f2a8bb2556b.image_004.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62f2a8bb2556b.image_004.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67dbee4f8c45d2411654250e23a705bbe48c84c1a48c5f72d3ae8956a6c610fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15338
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-3bea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eC4zikwiyp2whLccH6SOQ7he9s6ByYzpE3tDmdTy4jXIr5gjb18MFsu7ZZG%2BUKRL%2B7xiKfCATMWoZ5R4eQqfO7HiNI%2F8XD3l4IUpkVz4oUn3yFQTKv1VOXm%2BtvzlS7H6phAKGtXRil6w00br1P2lS1DbiCr%2F3sU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c026983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62ed66e28944f.image_005.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62ed66e28944f.image_005.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3848a80d46bc740ad38425936b6c8481ee34a88f032d251b04cc5f9d389cbe2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12346
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-303a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFaE6RAEWBtRLN17wywn7shS%2FZJ3%2Ff%2FYwXfxcfswT0Il7YDSmZ75x5gWDJELGKARDZVCO5o%2F%2B8Mti85ossd4Get5RFNppLz8COXzkibNN51HSnP7dVFwbi669%2BVnjhxBEySvMsB%2BOunNggaOlsmFo5DniZrCHFw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c056983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62d97998d487b.image.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62d97998d487b.image.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6e4eebb7eb78d6cec9b4a49b5f498b16b71b3837866c71cd86a9623f9fe5b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10575
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-294f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4YAnyqlmvhj7AEtL20TZsVucNIq3dfMaHvI8S2TUHO4rZSuFTHJFdCgHqq%2BxHZpAvlj9S2OH%2FFyCmVRYukar0M2CigAowZrNetg6JBrEomCQm0zLJPqY6KEwrKHbnhYmu440TqRhc72aRg%2FX0FUJqJgJjmk010%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c076983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62e804b9c0029.image_002.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62e804b9c0029.image_002.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2077f4e1e3fcdfafc26cd4f0990b2ba09a3dc413614c204aa982036c2bde51e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12034
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-2f02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKR%2BoVT9mMdLRbrGZFutW0aCu49pMbomuD%2FxxKpgzJ7fkwPmYG6NLO9qo0GUuwGota6jkYL1RSZaU6I8hvI7AUBfAOkrYvxvFVjguGaZFoWhnYCg2MHx7gruG2YdUF5IJFxekb3N3OTuIuNVPXaStXu9juoh6kk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c086983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62eacf163a544_002.webp
dxw-ganhedinheiro.sa.com/49_files/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62eacf163a544_002.webp
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04320873d95f93d0d5716fdbb85dd65b273e98520cf2244e606c30d400e36d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-1e50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9nS7gsUR0ubQ584zr5tusiR1beXc9nJQr%2FZl9pclkpYOXnxyDJfd%2FwUuX9h0FHd2DXwdCIImFvGt8hRgsvgRGeclE7IfBgdkyaIqbU8SMu81Fvi64b35xwoiEVuL5GgVe2ECNfA%2BtbFPtxtcFR0Iqu7HCUIzko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7397fd467c096983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7760
62e9fc0c4a9d4.image_002.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62e9fc0c4a9d4.image_002.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a201bb17f3a420ef8fd88b05087c42993323f01f46b0022a93e38f8a7d7f16e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15859
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-3df3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxgORxt%2FoppUg95WthbJva4aS3zKH6MnxS7OOMY7y4tkubVmLW4K51IZRwLjA8n3dcYIoxwR4957wBS6bDKnTPXir%2Bs0HvzSHWADbX7scySPCB8Im2W2x6UFvFDipJNTjVj6Jq3EudAsP3yJUgj4%2FK5aMJPkYSY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c0b6983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62f288be48fd9.image_002.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62f288be48fd9.image_002.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b1101c963b79f21fd78593903571825d96ab5702c867f653120b347cf2e30bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29076
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-7194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BoR9xJbwb%2FeN8TG1TDEDgHlhCVtMSsH63VEi%2B9A2rogEgnKLCKYOjpz5RSC0vZR6PWA1wZNamGKt3OSBrhVI2U4wE7Er5xcOMWKKes2SsAbSOpRLJME4cZP8vW6mL%2FZeAXrNQhKiKRy8mJs14D3DnU1GfT4gOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c0c6983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62f28a4f671a9.image_004.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62f28a4f671a9.image_004.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62d0527c70d142e47531487d1f3fd4347e0942cd9441d6c3ceedaa9a882eb4de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18879
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-49bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYDhqwJhBpuFRbrywHN6pE5nRwdukIr2MJvB6kZpCu3jGLcSF%2B7%2FsbsRsr8UtSTcXFAs44tbK8pwdW9wSy6FJAiSqt6zF5AhMa%2BBTbRorO%2B6GgxyEyiRzhfvfv0CSo0%2FYlnnilOpaJ3i0TfAnThL4uyTS938qFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c0f6983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62f156a96a28f.image_003.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62f156a96a28f.image_003.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3ccc5e95f0e305591abcc2b470928b5f9025eed164d8549ca0d3e6163fc84e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14196
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-3774"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3Nx6470U20wB0%2FBp7m73entU9gHBVT5pSxcqP%2BILOtDGQ33vcS6dhsxwTF8s5N6ELIXH6ej9vCfoeA8lj3sOPsSfuMXY34VJWuHEtIS3zoADgmvymwhC1QtoV%2Fwyx4thxsbKu3ecHppibxv2%2F3Krfu7QZ3yfNA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c106983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62f134cbb822d.image_002.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62f134cbb822d.image_002.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7deb943d37dcd32d0e90a073c188fe91adf4fcc04b211f581ba3e81be3ec003b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21533
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-541d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF5SlCwJ4Fzw%2FcT2O3B3QQye6pyxkHZf%2FkW8aACFl9s4NYhrZ9D7rlpwn3pZSca%2FLzc1GrnOtcOzQk2wdoDQOhgf5lHHBacJbM8z69BmF6j3WeUZuoKOiGkk%2BqIrCFBnELHI1R%2FJopWeUnTjS1G9bwfmoci7lHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c126983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
61f9932eed591.image_004.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/61f9932eed591.image_004.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f24f433d9f85c20b48a50674f938df79580cb018266230d0603b346237479e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30049
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-7561"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IQ91PBnWrtg5MTUmdeTjc%2BKzX8hIJU0%2Bb%2FO6%2BJ6CntaRwnsyNe5KHXWGfOCDSYbTFb2wL3bJ7JCSrEcxIvcrD8Iu8imSsCWFjEbJKOdPt1erl2rQs8xJBOsVLrXy1VwGlM7EAnOr26dlheIloAdHlXawdGtZtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c136983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62eaceca43366.image_007.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62eaceca43366.image_007.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451f8e9529835ccb74384f78717a3e58a0a4a73e7f896ad1388d4f07b367bab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45710
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-b28e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMK5ylKAxG%2Fqf4qQ93H5D1Bar4%2B%2FTF8u70kadMDmENsIX5RcuIjCOxyJdYS0gKxx4mjO5MlVCr1rEfsBSAa5t7sxAI7V0xkUeLkLFR56XN5CsSJqjNz553SheJb3uEwioYD%2Bdy6eK4HLgOerBRY5aGC%2BYysJOQY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c146983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62ed66e28944f.image.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62ed66e28944f.image.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebc3f0c8c6afe06f2dd7950fd4776b47567c5e0784f2c843cbde6276ab3d9982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19804
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-4d5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R9i2gY6n38adf0l3YFvp5W3khlgY8%2BHj%2B0EeP8%2B6TTS%2BndGyqsyvZ452MxxWmRXj0cOrb%2BGkmGrKgA61JrB1lsS%2BfjSopw7XhCJpNQ2zyEkwZQDy09OQEyVSW63gUWrtGCQdqmpxShKAQIFYeXZgZaBiyMNtZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c156983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62d9b5c230432.image_002.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62d9b5c230432.image_002.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6b20f41ec107ed1e3ddc9de038fbaaac888565c5bc872d539331eb8c69dab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35088
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-8910"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDdwBHX7dnLGwqrCVgJpL8HlONBWyTGBx7p27ArKzYdx9BYRsDbmcV%2FId4ZnXyvT6Kp1%2FI%2BKnsF2He1uU3WclspjfGvGuNC%2F5XF%2Fk4hMYDvHvLEdAdlVTmlxhbrxedgb4r48xQWsYt6u%2Bght1zhgYlPB%2FWGyPTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c166983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62e804b9c0029.image_009.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62e804b9c0029.image_009.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91fce6ebc5e05ee3f1bc9ccea48e28c11771c4d7e63ba3ca50905f2e47c6351

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18685
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-48fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxuWcrMCXnW0Wqv%2BaTBs4u8Ams%2B5hmYi%2B2eJiObicItO4Zsmuxte87mSs3J8CP3IlhL3OAeGY9pQoRQdNfBAZuicLBfbEtJbf3qC0Em3o0XpLvXwNqcs5sDY7nsENnKENb%2BUy1oRmhpsLqLadJGgH7%2FHZ6WFCVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c176983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62ed97fc35cc3.preview_013.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62ed97fc35cc3.preview_013.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a85763530b2b70844b40236b75c19f8a8d65eecab19e2c977b3607fe58f5c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15700
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-3d54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBbbCW7uVgFf9M4lX2J1jKxn4lHrjiAZvvBfhxP3xvahqV7FHH%2FNw5c7lWVkI%2BlAT%2BNKMvQd%2B2zkAw36UmI5K5c%2BDb7pPHCyP%2BaY0Om6wQyoMS4%2BAMQ91pDmpGVFnllFCB%2BlP2YuD17P28xdGK%2FrwN9GMNPtMkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c196983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
62d6ff540ae9e_004.webp
dxw-ganhedinheiro.sa.com/49_files/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62d6ff540ae9e_004.webp
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26ca36e5456d2951358d5274d4f59f5b910260cbed566cf875b5b62229e8ac5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-2eb0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHuKyPi1ccgVsqmr4In0E3ffFYeK4pGxZIDfCoB2ZcadahCogZK6NaJEn4F7znA0dMrhEwpeBJfN%2BLrmmFqgImK9T9pYEP6PFtgKxEYROZTdl2r2iUbY48PH5MVgZSTvkPHX%2F2DEyx25XIDJAdzvSsCXlDwYBdE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7397fd467c1b6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11952
62cef0dd80d64.image_007.jpg
dxw-ganhedinheiro.sa.com/49_files/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/62cef0dd80d64.image_007.jpg
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c7332021932fe6ffe7109de7a44ab336d713a8cb9d4d51a2ea312cfa9184296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18392
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-47d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LUU%2FWkZYkCbRtiZGfDnkZz%2FOspU7R4uqw7o49Qg9zJ%2BrT%2Fip9eq3wb7wJiOhhweFzbfk4qnKuLQAsT%2FFY4iD%2Bbsp58b0kpqzT7yHhcMHPwRa98qGBW2kZaZRsukrb%2B3GfWlmfvxTo4XgegOTjub3XGEVM2MrD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c1e6983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
5c86b697bdc3f_003.webp
dxw-ganhedinheiro.sa.com/49_files/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/5c86b697bdc3f_003.webp
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c019c9345af6886724f70bf7a7759bbc89c7e5abf5d3b62148cfaa947cf8b03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-36d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QC55SAPr0Xtf4fJpAlJ1O6HfcsU6MuRLCvIQGXJYfvQCyS9j%2F58HAhFKMvohwRKe9d58g%2F89tTl%2BPgImGjy6I43FoBKCpx%2BzYfSEmuZwJSCKklP6mwn2h3ErR9MFPwDJbepaWvnGRIeSDnfOW%2Bxc82R6HUXs98A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7397fd467c1f6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14040
index_002
dxw-ganhedinheiro.sa.com/49_files/ 		850 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/index_002
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff6e0c896a291d25dbff97c3ce6942fc20cec28cb2c903f304d82cafddf5f8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-352"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpfZDR0bS8HOLq5V7%2BAwbewwfkbqAwBXOOaQt%2B1CwCwAajqDFT4j5j7l5SMhEgRIXh%2FL%2B7FGu%2FEgPUp%2BKxAJNeCC%2FS9uMdQzLntxVgzVW1QKGuNXWaxXgzNJWjaTynCjXJrzOIS7CiTl2JmTNaZ2ZypDmld53CM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd455a716983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
850
index
dxw-ganhedinheiro.sa.com/49_files/ 		131 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/index
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eafefa85896ae3b75ca9550945671a6f94ee2d8210a0bb132286d7e434f94946

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-20c3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNk8QlmIkfEyaMD6Gq9m4ZddOl4u6NmPCthjQ8n9viOu2FVoDt5LBhJkb3QhRHOBcL%2F22sld42wLtaUWlovg0f0mrac7vi6nN1SkaDszNJEjODHp8iXzK6grdJ7bRcdIFJIbugvDMkfvqn19PNJgNHaM306Z%2Bbk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd466bbd6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
134206
jquery.blockUI.js
dxw-ganhedinheiro.sa.com/49_files/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/jquery.blockUI.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-4dfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5CP0p3pffFO5wmSfIR14BPCu9AsiCn8gbRYaeag2DNLDO5uZ0RKhOE1tKvT5hes9%2BkF%2BoU5TPrv%2FtGyhb5mFLV5devbG%2F8k5J4prrLjOKBlWYQHlIR6LN0wSnFCANGAgrQUDML%2BOl3Xj1oIrnl%2BTJVRhG%2Fszjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bc96983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
cme-transparent.png
dxw-ganhedinheiro.sa.com/49_files/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/cme-transparent.png
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b96e55590ca61c1a01c453d902914a10d6a264180dd9107b521f3da99a5585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
57352
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
server
cloudflare
etag
"62f2e4ac-e008"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC4D3S2t7HvP4MODz8oJAw2UxcT7AlBeKXI25Y3SeaHmSjEGZd3Utnf9rvJCvziALC0gMqpmPtWHMHto06gzc620vJ7pWtv9cMUTcNRZo57vzR1TMQZGL9d4ivt0oY4GYz8KVaqpUYW6F2ZgFLuNkW1tPwIcBdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7397fd467c206983-FRA
expires
Sun, 11 Sep 2022 08:54:58 GMT
userstitch.load.js
dxw-ganhedinheiro.sa.com/49_files/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/userstitch.load.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4ada6c145883e0e0429564a2800336d6ca410409676250c216843838f3b1e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-cd2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BfyvlZPgpiVhvt8Sqzqfx9OxwnszoNFVFrPc5cZPqCVgCXq0niTpo6VlAI7Y0aNDC9kbNdAykZb9XVXJVTbpEPlBt%2Fnw%2BniilldoM%2BucycSQak7KHAMQmo4m5k9b0vgZE0%2BgxH4355CM%2FrWM2pyDdc2Q%2FAF03tM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bcc6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
dfp.floor.js
dxw-ganhedinheiro.sa.com/49_files/ 		177 B
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/dfp.floor.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae34aa53ae8ee8b71c6d514634202aa46a34752c09dcce54625656f25dccd1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UshmCnBR8E0h1l7ZC4C17fDi2KBOzpZ7BOlSQ79JGmcO5qg7ALiHW8IHSeUsPyXoUn88wg%2FpmtzHMkTKlUgoGZPFHhnPDW%2BvS8TXT8f%2F5fWhyGYwn8Td9YtOc%2Fv9vwqoysVf%2B3ZedC5%2B%2FR2%2FV1JC0x4NoN8KAlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bcd6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
dfp.lazy.init.js
dxw-ganhedinheiro.sa.com/49_files/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/dfp.lazy.init.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f7df787a969e1c859c9414732d303e2e5d8e72f8e2d87a15a4b2d6e467b871

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-320e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uu%2F3A1MemuDL2hV8pKOfQatjEfLpxNgGEPL8TOEKAd%2FzwJ8fwmNrU2rF5v%2BdMG%2Fv1zf7L9EQNIs4D%2B2tHOiK7lNzddArumwGISJl2r9agdP8OxiSxNZJkD0akzxcPVEN1Iwo8pwL4qXmE%2B0WsZaqlwAvSYI58eM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bd06983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
a-0123.min.js
dxw-ganhedinheiro.sa.com/49_files/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/a-0123.min.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f7b5737b6ce872a31d4e2e652fbd370fa892d703122f676ba09badfb578adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
W/"62f2e4aa-6c24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qzuDe5AINO8%2BexlSPpHYIJiUDx%2Ft9onoMCDRYz4UbpkwCmD%2FSnFgs0ONkWKLCmNRMseMZ2HW0%2BuYGNoocu0010rwLUNK%2FjP6wYY632DTyUfsHJqOTyrw2lKmDQeYuvLZNDFW%2FxLLvo6wkroEnmpVaZJdEDvt6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7397fd467bd26983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 Aug 2022 20:54:58 GMT
5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
dxw-ganhedinheiro.sa.com/49_files/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 09 Aug 2022 22:50:18 GMT
server
cloudflare
etag
"62f2e4aa-c1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnVU5VtGFnAJiEO%2BI%2F01hzczCq7sMt0xEgEGJ6odWyiFAFEOIVMUx1JamIkdvzDB5iqntkGgH1eNbgcOzp1v5NRLYXCCfTr4WCbwEph6%2BT2zcVn8ceI8LUCdNKi%2FzI406pUb9GHiE1Y3eJWdY9g5Q5Gm2dUNugQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7397fd467bd56983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3099
gtm.js
www.googletagmanager.com/ 		201 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
932c85367ca5932045db7af647b099796ccb5eac3d80728046e2b4607e6fbaee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68337
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 08:54:58 GMT
86c3ac95-53ec-42eb-9a61-529105646732
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/86c3ac95-53ec-42eb-9a61-529105646732
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
*
last-modified
Wed, 03 Aug 2022 22:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
MP6YWHRly2_0u9XuoxlEA36Kmhal_0pBealIQRdOTv_kKhfSI5Bx4A==
config
c.amazon-adsystem.com/cdn/prod/ 		428 B
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Fdxw-ganhedinheiro.sa.com
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-209-55.fra56.r.cloudfront.net
Software
Server /
Resource Hash
38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:57 GMT
via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
428
x-amz-cf-id
zi2PZjX_4luCAIkq0vz_KVRkVgWoM0CzfMzFzR9Hf2eL1yp5jgFiow==
tracker.gif
www.agupdate.com/shared-content/art/stats/common/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.agupdate.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=166029449836116001200954621713001&tnms_dt=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&tnms_upage=1&tnms_do=www.agupdate.com&tnms_uri=/&tnms_ref=&rt=1660294498363
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d68db9eee92caf102ed5beb7a7de045cee15d0695942454d17bdf080ed38750b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28687
x-xss-protection
0
server
sffe
etag
"1301 / 174 of 1000 / last-modified: 1660255589"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 12 Aug 2022 08:54:58 GMT
gtm.js
www.googletagmanager.com/ 		484 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7403dc9316f335fc461a96b63c6a2c7810198a185e74abe7276a368aea4bef2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115267
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 08:54:58 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
serif-ds.woff2
dxw-ganhedinheiro.sa.com/images/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/images/serif-ds.woff2
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/lee.ds.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/49_files/lee.ds.css
Origin
https://dxw-ganhedinheiro.sa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtDO6DSgJbDqa2TL2TJckSkYEJqB%2BtEpLU2%2BDiAREn0sbJEsh7ghrkc64pWqu1Uxg0oiifyHeaqQpZE6EQb6MNjRqUvZdyGOh2ez3%2BLYj807fGMg70u89l%2Bhxd11sPQ3XgHUg6lo9jTARHULjdlzByoi0P5%2FKug%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
7397fd475da46983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl_2022080801.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 08:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134395
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:39:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Aug 2023 08:01:59 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dxw-ganhedinheiro.sa.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
642b6858a16d6ef6f946970420062d668685f8ca88a930c024291ce3859e134c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:54:58 GMT
9bb42094-7b75-47b3-bd21-4b5873bf260a
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/9bb42094-7b75-47b3-bd21-4b5873bf260a
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
a8da5f9a-c1aa-4e28-a73b-1eb368411744
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/a8da5f9a-c1aa-4e28-a73b-1eb368411744
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
ef07c424-a8ff-434a-b32b-efd8510613a6
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/ef07c424-a8ff-434a-b32b-efd8510613a6
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 5415
Redirect Chain
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
15345
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Fri, 12 Aug 2022 04:40:30 GMT
ETag
"50351b1f6590b5c4886c111874e016a0"
Last-Modified
Fri, 01 Oct 2021 23:50:10 GMT
Server
AmazonS3
Via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
qDe9iH02qqSgTF3gbhvKmUAUkd6qTWiLugmdAfXT_PmXePu3B1ghzA==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:54:58 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
d84a144a-388e-4367-9971-080f075b30b4
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/d84a144a-388e-4367-9971-080f075b30b4
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
970e741b-bc62-4f34-a2da-b64a5b2b7947
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/970e741b-bc62-4f34-a2da-b64a5b2b7947
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
a29b93e2-e106-42d5-a96a-57be76c88aa3
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/a29b93e2-e106-42d5-a96a-57be76c88aa3
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
c401c25f-fd93-4282-b819-5c802adfcc62
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/c401c25f-fd93-4282-b819-5c802adfcc62
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
52689ab2-de81-4c87-bb88-8709588127a5
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/52689ab2-de81-4c87-bb88-8709588127a5
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
6c448196-0dec-43be-94b1-7cab75c2852c
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/6c448196-0dec-43be-94b1-7cab75c2852c
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
serif-ds.woff
dxw-ganhedinheiro.sa.com/images/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/images/serif-ds.woff
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/lee.ds.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/49_files/lee.ds.css
Origin
https://dxw-ganhedinheiro.sa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oi0QCJ8EH%2FSlIMPd90k7xOYx4QUK9pu63xFw5CNP66OrOXPbuYLIKF2Yv1rjl%2BSGrWhnkWUtqyUShOBrrljcJf1YPGUCGiST6jKVIvSXYfhFiPY50pQ4Fxs4DpW3O%2Bl3sCEtQYlOrvhZSA5iyr%2BRbRUdkyotJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
7397fd49788c6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10345586&cs_it=b3&cv=3.8.0.210223&ns__t=1660294498801&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=279&cs_cmp_sv=1&cs_cmp_rt=3&c7=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&c8=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&c9=
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
s0gVgh01cTlwxG5UAbmi7GeHiZIcDzFxWoF6PzWCGjyHRg2iFH_JqQ==
x-cache
Miss from cloudfront
gtm.js
www.googletagmanager.com/ 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d24874bc8357681b422965d43f16b238c4723fdb73af98499247549c3f926f54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57213
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 08:54:58 GMT
gtm.js
www.googletagmanager.com/ 		119 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19123c8886ad1fbc1d697b67efe9b5203c4c827684550c74a868b14343324576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44089
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 08:54:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6778
date
Fri, 12 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Aug 2022 09:02:00 GMT
yy2
a.leetemplates.com/lee/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dxw-ganhedinheiro.sa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 12 Aug 2022 08:54:58 GMT
server
akka-http
via
1.1 google
yy2
a.leetemplates.com/lee/ 		2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/sp-gzip-2-17-3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
via
1.1 google
server
akka-http
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		861 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ed84ce525a93634474989bd62a5fc8dcb85ece93e35fcf7287e8bccebb03ed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
R3d5vREO0.o42NBSGRSjGG_yzGv5bHG8
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
etag
"4779d2a0d5f9ed712a198bbf09e95d09"
age
1066
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-length
861
last-modified
Thu, 28 Jul 2022 15:57:55 GMT
server
AmazonS3
date
Fri, 12 Aug 2022 08:37:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
8QBMt-I3MG06mDOSh8Pv_0Ug9IHYEVqigTahaERaaec2gTTltzk8yQ==
sp-gzip-2-17-3.js
storage.googleapis.com/lee-snowplow/static/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:39:32 GMT
content-encoding
gzip
age
926
x-guploader-uploadid
ADPycdv-6V_Qqns8vTnyVs7gRnLam9E96bi7MuWramjcaFuUhJiJjkqOwZQEc5wN_k-BIVZE0fhFhLQ0aDvzyZ3hCQHRXA
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26950
x-goog-meta-
last-modified
Thu, 18 Feb 2021 15:16:40 GMT
server
UploadServer
etag
"d3142accd3f370a95f561f0fbfb3114b"
vary
Accept-Encoding
x-goog-hash
crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation
1613661400000346
cache-control
max-age=31536000
x-goog-stored-content-length
26950
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 12 Aug 2023 08:39:32 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19016dc504e11edc70fbc0a027f61a3f587866f093f43538daef53690765410a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:58 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74219
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:54:58 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
ml.br.js
js.matheranalytics.com/static/ltm/ma1527/lee/5/
Redirect Chain
  • https://js.matheranalytics.com/s/ma1527/725149300/lee/ml.js?cb=1601
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:53:25 GMT
via
1.1 google
last-modified
Wed, 04 Aug 2021 03:52:13 GMT
server
nginx
age
72094
etag
"96d23de5d1ede166c2abc188adf1ebd7"
vary
Accept-Encoding
x-cache
HIT Wed, 04 Aug 2021 04:04:18 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43093

Redirect headers

date
Fri, 12 Aug 2022 08:54:58 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
1-gc-euw1-10925
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:55:40 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
14358
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
UIf16xcC-nfbW5dgo3OlTg4sl8HxMVc_REy7PIsVqJfs4yd5rGoCeA==
d02f1e26-920d-4860-a58e-80e31c62d1b8
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/d02f1e26-920d-4860-a58e-80e31c62d1b8
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
870.bundle.323974846b6d45afb45e.js
cdn.segment.com/analytics-next/bundles/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:53 GMT
content-encoding
br
vary
Accept-Encoding
age
3732007
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
eGdtYNgVU7C.sD0ud7vKl0kuuvXdbYqu
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
QNmA6t_pN0E6lmmdtOMLvpQIupXxel6f_Z6La2vPGXG1cIhPw1zeeQ==
ajs-destination.bundle.35a8f6f19959bf2f455f.js
cdn.segment.com/analytics-next/bundles/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:53 GMT
content-encoding
br
vary
Accept-Encoding
age
3732007
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rRSPxUD4JSPvaFMNmUXrTxb4ziC5WpWM
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
4IDBanUz_AX8Dc8v8xLSb3HKlie9Y9oFTdMJPQhko3Ja4zRCjEFtAA==
5f9fd8bf-078f-46f7-a042-fbe25b15f9d3
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/5f9fd8bf-078f-46f7-a042-fbe25b15f9d3
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
f85a9065-f907-4f86-a35f-5a9ecc2f0d46
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/f85a9065-f907-4f86-a35f-5a9ecc2f0d46
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
publisher:getClientId
ampcid.google.de/v1/ 		3 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&sec=homepage&pubname=AgUpdate&ptype=homepage&metered=0%7C0&cms=townnews%2Fblox&arttype=editorial&tv=js-3.0.136&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=5&tvcfg=lee&tid=9e9fd57e-ba18-41bf-afac-dd3085bf1c67&pid=1e4700af-534f-453d-9db3-a73efcfb30ca&dtm=1660294499096&qnm=_matherq&visible=1&tabid=7d7e8fb4-2de3-482e-a711-ee273914568d&url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&vp=1600x1200&ds=1600x3948&tofa=1660294499&vid=1&lvidt=1660294499&duid=ea1814b16243a8d4&fp=1770465531&cid=ma1527&mrk=725149300&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2MDI5NDQ5NjgyNiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyNy42bWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTU2OSIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiI0OCIsImNvbm5TIjoiNDgiLCJjb25uRSI6IjEwMiIsInNzbFMiOiI2NyIsInJlcXVTIjoiMTAyIiwicmVzcFMiOiI0NjQiLCJyZXNwRSI6Ijk0NyIsImRvbUxvYWQiOiI0NjYifSwia2V5d29yZHMiOlsiYWd1cGRhdGUiXX0
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.90.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-90-216.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:54:59 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
insight.adsrvr.org/track/pxl/ Frame 5415 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
82ec9b73-4454-49b1-86d5-3c00464a4854
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/82ec9b73-4454-49b1-86d5-3c00464a4854
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
e6c72fa1-4823-4609-aabc-d2f7d6e59419
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/e6c72fa1-4823-4609-aabc-d2f7d6e59419
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
collect
region1.analytics.google.com/g/ 		0
353 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-F8FFLLVDEZ&gtm=2oe880&_p=757950765&_gaz=1&cid=965119951.1660294499&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660294499&sct=1&seg=0&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&dt=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&en=page_view&_fv=1&_nsi=1&_ss=1&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.domain=agupdate.com&ep.page_type=homepage&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=&ep.url_fragment=&ep.bot=no&ep.author=Undefined&ep.eedition_viewtype=Page%20View&up.user_status=anonymous&up.user_subscription=No&up.client_id=function(a)%7Bvar%20b%3Da.get(%22clientId%22)%3Ba.set(%22dimension%22%2Bc%2Cb)%3Bwindow.dataLayer.push(%7Bgoogle_client_id%3Ab%7D)%7D&up.user_ppid=&up.user_uuid=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
353 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F8FFLLVDEZ&cid=965119951.1660294499&gtm=2oe880&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F8FFLLVDEZ&cid=965119951.1660294499&gtm=2oe880&aip=1&z=915690052
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-7&cid=965119951.1660294499&jid=474189867&gjid=118864155&_gid=472172644.1660294499&_u=YCDAgUAjAAQCAE~&z=1896856276
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Aug 2022 08:54:59 GMT
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-2&cid=965119951.1660294499&jid=316705246&gjid=420493070&_gid=472172644.1660294499&_u=YCDAiUAjBAQCAE~&z=1033628268
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Aug 2022 08:54:59 GMT
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=757950765&t=pageview&_s=1&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUAjAAQC~&jid=474189867&gjid=118864155&cid=965119951.1660294499&tid=UA-54716522-7&_gid=472172644.1660294499&gtm=2wg880PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=49_files%2Fa.htm&cd16=No&cd17=Page%20View&cm1=1037&z=1610811140
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 17:31:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55437
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=757950765&t=pageview&_s=1&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ul=en-us&de=UTF-8&dt=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiUAjBAQCAE~&jid=316705246&gjid=420493070&cid=965119951.1660294499&tid=UA-54716522-2&_gid=472172644.1660294499&gtm=2wg880TDWDC2&cd1=desktop&cd2=agupdate.com&cd3=editorial&cd4=homepage&cd6=homepage&cd14=Undefined&cd17=null&cd20=anonymous&cd23=&cg1=&cd21=Agrimedia&cd22=flex-editorial&cd30=85&cd31=Sunny&cd51=Agrimedia&cd52=2&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=no&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F104.0.5112.79%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=0&cd106=Page%20View&cd107=0&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd124=dsv3&cd89=965119951.1660294499&z=1856470592
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Aug 2022 17:31:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55437
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 12 Aug 2022 09:33:29 GMT
jquery.blockUI.js
s3.amazonaws.com/js1.aws.barchart.com/private_labels/ 		19 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/js1.aws.barchart.com/private_labels/jquery.blockUI.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.139.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Aug 2022 08:55:00 GMT
Last-Modified
Mon, 24 Jul 2017 15:24:24 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1495487303/ctime:1469555267/gid:48/gname:apache/md5:5c98c0cbfacee6dab0783112cb0e233d/mode:33188/mtime:1469555267/uid:48/uname:apache
x-amz-request-id
H4G6ABV16TTJ1N8N
ETag
"5c98c0cbfacee6dab0783112cb0e233d"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
19966
x-amz-id-2
WLchfbKXjCD5Es1p/W9wTt8oll0Rq0f2+vUPsxafP1b7aOxb6MEQG+22hTEz6A7JbxaKoKML73Q=
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 04:14:57 GMT
content-encoding
br
vary
Accept-Encoding
age
3732003
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 00:39:24 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
2Zx1lLvKGQVUN0CW_0j0kkuvMQ5TNtLg
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control
public,max-age=31536000,immutable
x-amz-cf-pop
FRA6-C1
content-type
application/javascript
x-amz-cf-id
zt1iiY5fIUU5HXQ69jFbTkLcmB8IqI7zRUos_syTwkR9LjkyS-Gh2g==
sm_up.png
shared.websol.barchart.com/images/ 		369 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shared.websol.barchart.com/images/sm_up.png
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-5.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
088a75c567c50a8941b94f3352e3d17816788274d842c9789db85cae5fa7e957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Wed, 10 Aug 2022 19:33:20 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
"62f40800-171"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
369
x-amz-cf-id
7DjG1us8vZ4JPfpGoCyvFlQAgP0OvC_RYOcKWlQlmv89JEL_LYw4Gw==
sm_down.png
shared.websol.barchart.com/images/ 		382 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shared.websol.barchart.com/images/sm_down.png
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-5.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
8a48cc71cbcf735724b5900ae6e9adbc2ba385e7576d60202aef8a502ebfcddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
last-modified
Wed, 10 Aug 2022 19:33:20 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
"62f40800-17e"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
382
x-amz-cf-id
gXwWfF3JX8JyARPrVr44cqp4RWOtslbv08RbtzbeAOzyZa3GZi0Y6w==
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b6fc85d7c4763c8b5ca5b1cdd2071124e6c264e760205f296c205f80025d2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73067
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:54:59 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		95 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76f397860fdbb6af803c992e98410931acf62c1eed492e3279bd9126e59f1889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
bLRN5xZyJbY4mYmGxIyWSKI1vGx9X6f9
content-encoding
br
etag
W/"e0cba9af257f03f26061b0adad734290"
age
88
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Thu, 04 Aug 2022 22:13:12 GMT
server
AmazonS3
date
Fri, 12 Aug 2022 08:53:57 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
qZgoeos465ZVR2pneSSi-pYWMNJQm6efSH1rbZJW0qgt2ByfyHGYjA==
/
www.facebook.com/tr/ 		44 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rl=&if=false&ts=1660294499293&cd[custom_param]=agupdate.com&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&it=1660294498852&coo=false&rqm=GET
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 12 Aug 2022 08:54:59 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe880&_p=757950765&cid=965119951.1660294499&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660294499&sct=1&seg=0&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&dt=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=1037&up.logged_in=No
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/js_002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dae3c852755a816bd36e0f2a7d29296cd219f4cdc132c5f32e891a9a40831c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69805
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:54:59 GMT
destination
www.googletagmanager.com/gtag/ 		189 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9548550e578aa716083297856744204e4d1dcdb646097fc9c73e7da9cec1555
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69796
x-xss-protection
0
expires
Fri, 12 Aug 2022 08:54:59 GMT
/
www.facebook.com/tr/ Frame BE6E 		0
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://dxw-ganhedinheiro.sa.com
Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:54:59 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54716522-2&cid=965119951.1660294499&jid=316705246&_u=YCDAiUAjBAQCAE~&z=692586267
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54716522-2&cid=965119951.1660294499&jid=316705246&_u=YCDAiUAjBAQCAE~&z=692586267
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
344 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=2oe880&_p=757950765&_gaz=1&cid=965119951.1660294499&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&dt=agupdate.com%20%7C%20From%20Lee%20Agrimedia&sid=1660294499&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=49_files%2Fa.htm&ep.townnews_crm_group_id=35
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/js_003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=965119951.1660294499&gtm=2oe880&aip=1
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/js_003
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.hk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.hk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=965119951.1660294499&gtm=2oe880&aip=1&z=115655103
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
api.segment.io/v1/ 		21 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.77.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-77-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
date
Fri, 12 Aug 2022 08:54:59 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		861 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ed84ce525a93634474989bd62a5fc8dcb85ece93e35fcf7287e8bccebb03ed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
R3d5vREO0.o42NBSGRSjGG_yzGv5bHG8
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
etag
"4779d2a0d5f9ed712a198bbf09e95d09"
age
1067
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-length
861
last-modified
Thu, 28 Jul 2022 15:57:55 GMT
server
AmazonS3
date
Fri, 12 Aug 2022 08:37:25 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
FRqY7bHqun__u7-neq7c2VUaC_UJtq3FXuDVnOqZ7YXS9GVkYiyhLQ==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Microdata&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rl=&if=false&ts=1660294499794&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia%22%2C%22meta%3Akeywords%22%3A%22agupdate%22%2C%22meta%3Adescription%22%3A%22Your%20source%20for%20agriculture%20and%20farming%20news%20online.%20Ag%20Update%20is%20aggregated%20by%20regional%20Ag%20News%20site%20owned%20by%20Lee%20Enterprises%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.agupdate.com%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fagupdate.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F4ee6e232-4e89-11e6-a6d5-1b60cc286baa.jpg%3Fresize%3D600%252C315%22%2C%22og%3Aimage%3Awidth%22%3A%22600%22%2C%22og%3Aimage%3Aheight%22%3A%22315%22%2C%22og%3Atitle%22%3A%22agupdate.com%20%7C%20From%20Lee%20Agrimedia%22%2C%22og%3Adescription%22%3A%22Your%20source%20for%20agriculture%20and%20farming%20news%20online.%20Ag%20Update%20is%20aggregated%20by%20regional%20Ag%20News%20site%20owned%20by%20Lee%20Enterprises%22%2C%22og%3Asite_name%22%3A%22AgUpdate%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fwww.agupdate.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=2&o=30&it=1660294498852&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 12 Aug 2022 08:54:59 GMT
tractor.svg
bloximages.chicago2.vip.townnews.com/agupdate.com/content/tncms/live/libraries/flex/components/site/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/agupdate.com/content/tncms/live/libraries/flex/components/site/resources/images/tractor.svg?_dc=1653085292
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f454c7fe3cbdbed1667f7614b8af0a5e3e8933a35b5c054853ff66e0e62f1738
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:54:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
224362
cf-ray
7397fd50b82e6919-FRA
last-modified
Fri, 20 May 2022 22:21:32 GMT
x-vcache
HIT
server
cloudflare
etag
W/"6288146c-59b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 20 May 2023 22:28:59 GMT
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/userstitch.load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-84.fra53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 01:23:13 GMT
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
CloudFront
age
5038307
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=577049, s-maxage=32228354
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
0rO6wf-FbAgeXtzCXuPS8k6Toza4QST4Z-Jg5Yp8I4Rh20Gq9OpwCg==
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dxw-ganhedinheiro.sa.com
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dxw-ganhedinheiro.sa.com
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1310723991844675&correlator=2667194243490282&eid=31068869%2C31068925%2C31067826&output=ldjh&gdfp_req=1&vrg=2022080801&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXABAZHCFCwAAFAAH_AAA5QIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=0&us_privacy=1---&iu_parts=8438%2Cagupdate.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=3x1&ifi=1&adks=2612603205&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dnative_ad_grid_v3%2Catf%2C50%26density%3Dstandard%26lee_group%3D6%26lee_hours%3D8%26lee_day%3D5%26fp%3D133&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dagupdate%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&sc=1&cookie_enabled=1&abxe=1&dt=1660294499975&lmt=1660294499&dlt=1660294497292&idt=1596&adxs=1155&adys=1103&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&frm=20&vis=1&psz=325x1&msz=325x1&fws=4&ohw=1600&ga_vid=965119951.1660294499&ga_sid=1660294500&ga_hid=757950765&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YgJ2OiqkwSABSAghkEhQKBW9wZW54GICdjoqpMEgAUgIIZA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
539a8cdd0fb6b2e37cbfcce981f3e3b9776eb084e05be8a3e0142d7af0ecb615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10120
x-xss-protection
0
google-lineitem-id
6059470473
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138398577744
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rid=esp&cc=1
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
7d8d8fdc515818edde1db1ac69ba848bc7be5f4b8699cae128ae2592f4651897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
via
1.1 google
etag
W/"55-OzNEuEeODZBJhXvsNPaa2yVmBmw"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 12 Aug 2022 08:55:00 GMT
via
1.1 google
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
x-powered-by
Express
vary
Origin
location
/esp?url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
container.html
d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8ACB 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:55:00 GMT
expires
Sat, 12 Aug 2023 08:55:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rl=&if=false&ts=1660294499994&cd[custom_param]=agupdate.com&sw=1600&sh=1200&v=2.9.73&r=stable&ec=3&o=30&it=1660294498852&coo=false&rqm=GET
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 12 Aug 2022 08:55:00 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 292B
Redirect Chain
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
138 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
15347
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Fri, 12 Aug 2022 04:40:30 GMT
ETag
"50351b1f6590b5c4886c111874e016a0"
Last-Modified
Fri, 01 Oct 2021 23:50:10 GMT
Server
AmazonS3
Via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
X-Amz-Cf-Id
iNDg2q2_gjpHqjUtotwRsTzC6d5Lc0eafECuhjXUTB9LimHcThVe2w==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Fri, 12 Aug 2022 08:55:00 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
container.htm
dxw-ganhedinheiro.sa.com/49_files/ Frame D32E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/container.htm
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058cf8f33f01f0ead621b36d4f9b45a0c475aa06164133d19b5f73938ebe8394

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7397fd513a926983-FRA
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:55:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpEH3fkcrwcFWULIYDTRWhbpYimqA4dEeCUJozgwPBj1jyrZ15p1assOAVgDEmxPL6QzsmE7szCZy3ZNrZrH6eo22quymqbyoTui%2FrG8ZeA82ALgHfah7uyYl2pji5z77cN9iwooy%2F7hmE0z1VuVhzQn88CD11w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20Sit... Frame 71AE
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20...
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Tot...
163 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22agupdate%22%7D/rt=ifr
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
163
content-type
text/html;charset=utf-8
date
Fri, 12 Aug 2022 08:55:00 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-consent
absent
x-server
10.45.30.177

Redirect headers

cache-control
no-cache
content-length
0
date
Fri, 12 Aug 2022 08:55:00 GMT
expires
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=315960051/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20agupdate%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22agupdate%22%7D/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.45.28.17
aframe.htm
dxw-ganhedinheiro.sa.com/49_files/ Frame E6EE 		796 B
945 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/aframe.htm
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8ac0ab1b4cc9b24414e4d102ba708053e4c4febdbc36848a999c001086184d

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7397fd513a946983-FRA
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 08:55:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 09 Aug 2022 22:50:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s10LdiCqzcqpkj95SQglJLEOw%2BEQFiCzzIa12l7CKbyFF3Vmw0%2FmBMmAcnFgCbZ726oEpXP0yhNyRbuzRnX5jYnwS56yP6AdJnschbxKih9Cxu%2FVLGqYvRp%2BESoyP7OpDsXfWe2pZdUib8Wg0lHKDJoVGYfb3C8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
a-0123
i.liadm.com/s/c/ Frame 347D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
cbace89cedbcb7914c6e64676bdbae21a84974219a581c6c3af909c6570f35f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
649
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:55:00 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
pd
google-bidout-d.openx.net/w/1.0/ Frame B8C5 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 12 Aug 2022 08:55:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
cmp.osano.com/ Frame 54FD 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22996
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 02:31:45 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-id
q2teh_oZCh-nOakXO_0pAkh6zsxypU5zONwfFCXYTZVkOtvRZNl9jA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
c770f20a-4e54-4d6f-92ad-364f54bbd415
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/c770f20a-4e54-4d6f-92ad-364f54bbd415
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
2d3f4aa1-4e16-41f0-8fd9-84ceb576c3de
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/2d3f4aa1-4e16-41f0-8fd9-84ceb576c3de
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
e4cf4737-8a67-4b76-bec2-264e7a8df70e
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/e4cf4737-8a67-4b76-bec2-264e7a8df70e
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.136.53.155 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-53-155.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
cache-control
public, max-age=86400
last-modified
Tue, 17 May 2022 17:30:07 GMT
accept-ranges
bytes
content-length
4559
vary
accept-encoding
content-type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame EE65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP2Kn8nCX_Hb9dnEpz7UinOtuGlnbxBjBqNGbTM4UP_nQiWjmcPdqrnU2Ey4GLBQaLr3zSMzK1rOS0z3kkQf9QK-jsUiA3IUyfuJhb0XcZa3vYEOTU_rn0FhVXBtLYXSrNYRCGU1ZD1HIt2B2UooS6kXrhcJzgwk1jLvjydeMeUrLmDG-Ng12SxvVkw7Zb1Tb7uXkjyQNnxMwElJptCFLmamav0kgodczHbFofli9oK1_4D3jFmY5vUWIZPYL4iULuGvuh4MUQuor6QX3_gFVx376JwN-e0k2z0z4Ip5JLd6xJOW74FsSbPlb8gpn4WMZlaAE9xg34Kf-Zt4Ch45ym4xtVc7QAoGMUVmohR00&sai=AMfl-YRIRutFjn_prE0FDbqXWyeGg8vAx42ClpZgr2vFSOZov_UTSpn87Xet5mE4TwmRlqtpmakdU0zCxra31gmTKpnQDtgffMw-X6qn3RZ4ClIOB8FsxKtume2Vb7IXMOxG6g&sig=Cg0ArKJSzKsJIG33nSiLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:55:00 GMT
load.js
s.ntv.io/serve/ Frame EE65 		472 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:00 GMT
Content-Encoding
gzip
x-amz-request-id
XY4QPPM1PVAMGPKR
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
BsgaJPxNie3pNmJM9R1DoeyeiuGbdvH1Ra83jzxYxtJLN4963yy6NrhGaMyJsXUJGtsQYQXv6Ho=
Last-Modified
Fri, 12 Aug 2022 01:01:09 GMT
Server
AmazonS3
ETag
"febd3311857289fff1b140dfb03d0b67"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE65 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:55:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1660294500325&aid=a-0123&se=e30&tna=v2.4.0&pu=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ext_ajs_user_id=null&us_privacy=1---&wpn=lc-bundle&gdpr=0&gdpr_consent=CAAAAAAA...
  • https://rp4.liadm.com/j?dtstmp=1660294500325&aid=a-0123&se=e30&tna=v2.4.0&pu=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ext_ajs_user_id=null&us_privacy=1---&wpn=lc-bundle&gdpr=0&gdpr_consent=CAAAAAA...
13 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1660294500325&aid=a-0123&se=e30&tna=v2.4.0&pu=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ext_ajs_user_id=null&us_privacy=1---&wpn=lc-bundle&gdpr=0&gdpr_consent=CAAAAAAAAAAAAEXABAZHCFCwAAFAAH_AAA5QIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IllvdXIgc291cmNlIGZvciBhZ3JpY3VsdHVyZSBhbmQgZmFybWluZyBuZXdzIG9ubGluZS4gQWcgVXBkYXRlIGlzIGFnZ3JlZ2F0ZWQgYnkgcmVnaW9uYWwgQWcgTmV3cyBzaXRlIG93bmVkIGJ5IExlZSBFbnRlcnByaXNlcyI-PHRpdGxlPkFnIFVQREFURSA6IEEgbGVhZGVyIGluIGFncmljdWx0dXJlIGFuZCBmYXJtaW5nIG5lIHwgRnJvbSBMZWUgQWdyaW1lZGlhPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iNDlfZmlsZXMvYS5odG0iPjx0aXRsZSBpZD0iZjUwOTE2YWQtNDM0Yy00OGNhLWE3ZWQtMjBhOGIyZDE1NjMzIj48IS0tLS0-5YWz6Zet5q2k5a-56K-d5qGGPCEtLS0tPjwvdGl0bGU-PHRpdGxlIGlkPSIyMTFkOWZjOC03ZDNkLTQ1NjctODgxOS1hNGVhZTEwNzIwNGQiPjwhLS0tLT7lhbPpl61Db29raWXlgY_lpb08IS0tLS0-PC90aXRsZT48aDE-RmluZCB0aGUgZXF1aXBtZW50IHlvdSdyZSBsb29raW5nIGZvcjwvaDE-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjM%3D&n3pc=true
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Server
107.21.19.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-19-116.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
x-pixel-event-id
34b9408d-8685-4643-b149-3c43fc4a0435
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
null
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
0fc39871f49597a9
request-time
7
content-length
13
x-content-type-options
nosniff

Redirect headers

date
Fri, 12 Aug 2022 08:55:00 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies
master-only
location
https://rp4.liadm.com/j?dtstmp=1660294500325&aid=a-0123&se=e30&tna=v2.4.0&pu=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&ext_ajs_user_id=null&us_privacy=1---&wpn=lc-bundle&gdpr=0&gdpr_consent=CAAAAAAAAAAAAEXABAZHCFCwAAFAAH_AAA5QIgAB4C5GQCFBeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAAAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIACgLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IllvdXIgc291cmNlIGZvciBhZ3JpY3VsdHVyZSBhbmQgZmFybWluZyBuZXdzIG9ubGluZS4gQWcgVXBkYXRlIGlzIGFnZ3JlZ2F0ZWQgYnkgcmVnaW9uYWwgQWcgTmV3cyBzaXRlIG93bmVkIGJ5IExlZSBFbnRlcnByaXNlcyI-PHRpdGxlPkFnIFVQREFURSA6IEEgbGVhZGVyIGluIGFncmljdWx0dXJlIGFuZCBmYXJtaW5nIG5lIHwgRnJvbSBMZWUgQWdyaW1lZGlhPC90aXRsZT48bGluayByZWw9ImNhbm9uaWNhbCIgaHJlZj0iNDlfZmlsZXMvYS5odG0iPjx0aXRsZSBpZD0iZjUwOTE2YWQtNDM0Yy00OGNhLWE3ZWQtMjBhOGIyZDE1NjMzIj48IS0tLS0-5YWz6Zet5q2k5a-56K-d5qGGPCEtLS0tPjwvdGl0bGU-PHRpdGxlIGlkPSIyMTFkOWZjOC03ZDNkLTQ1NjctODgxOS1hNGVhZTEwNzIwNGQiPjwhLS0tLT7lhbPpl61Db29raWXlgY_lpb08IS0tLS0-PC90aXRsZT48aDE-RmluZCB0aGUgZXF1aXBtZW50IHlvdSdyZSBsb29raW5nIGZvcjwvaDE-&i6=MjAwMToxYjYwOjI6MjQwOjMyNDc6OjM%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://dxw-ganhedinheiro.sa.com
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
438a5c5cd70d5f09
request-time
0
content-length
0
x-content-type-options
nosniff
/
insight.adsrvr.org/track/pxl/ Frame 292B 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sodar.htm
dxw-ganhedinheiro.sa.com/49_files/aframe_data/ Frame E6EE 		548 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dxw-ganhedinheiro.sa.com/49_files/aframe_data/sodar.htm
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/aframe.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/49_files/aframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UD0LwRBdXhtatoVBWjPLsezWLrdXatXZhfxRAgS9l8lUpH87D%2B0vtwz8vjoiB%2FNIjuLEu2A6Nn1Gl2aR9khF9auo9v5dojybGnzV32mGq51Y7xj7%2BxYZOPbNoCVRFAw4qCLMFW5gb3qI52QGL8Cs%2FK%2BmLOtR8vE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
7397fd533d8e6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ml.br.js
js.matheranalytics.com/static/ltm/ma1527/lee/5/
Redirect Chain
  • https://js.matheranalytics.com/s/ma1527/725149300/lee/ml.js?cb=1601
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 12:53:25 GMT
via
1.1 google
last-modified
Wed, 04 Aug 2021 03:52:13 GMT
server
nginx
age
72095
etag
"96d23de5d1ede166c2abc188adf1ebd7"
vary
Accept-Encoding
x-cache
HIT Wed, 04 Aug 2021 04:04:18 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43093

Redirect headers

date
Fri, 12 Aug 2022 08:55:00 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
1-gc-euw1-10929
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:55:40 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
14360
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Mlkn7ehZNIlZ8tyk2aOE80Rz3M8BTPQIbzTUw_rurBr8InJiWSoFfQ==
/
cmp.osano.com/ Frame AEEC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22996
content-encoding
br
content-type
text/html
date
Fri, 12 Aug 2022 02:31:45 GMT
etag
W/"287b497c992487af362d33204f87d28f"
last-modified
Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-id
E9v3TSVGkpsfmGnG5EGfVh8owJMkrFMmBMLq9gzrOAllMg-RjuTyZA==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
record
consent.api.osano.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dxw-ganhedinheiro.sa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Fri, 12 Aug 2022 08:55:00 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-apigw-id
WvhHxG5KoAMF7Xg=
x-amz-cf-id
rhra6IqK1sxvomUBOZqJZ__Pqp_mRbWicgBg6Cm_9ZdC6ptZeEPI3Q==
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
cb7c3d83-d93e-4899-a37b-28edd2696472
x-cache
Miss from cloudfront
record
consent.api.osano.com/ 		0
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent.api.osano.com/record
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://dxw-ganhedinheiro.sa.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 08:55:01 GMT
via
1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-apigw-id
WvhH0FJFoAMFTxw=
x-amzn-requestid
9fee37af-e4fc-4a84-a1e0-e43ceff914dd
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62f61565-508ab83f338d7ff222a20269
x-cache
Miss from cloudfront
access-control-allow-headers
Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-cf-id
zJDopvZ2o9ltIiOJ9ZRTDWUQ4tWOQ3643S4AFfl_Me6U6EXRXi0TIA==
a-0123.min.js
b-code.liadm.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-0123.min.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e6f7b5737b6ce872a31d4e2e652fbd370fa892d703122f676ba09badfb578adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:19:00 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
age
84960
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA6-C1
content-encoding
gzip
x-amz-cf-id
qNmrvCs8Ip0r6mly4_9fcKes7n3zdjJhQATwq_jALyE1kbfhvhnPOg==
5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/5b5dc540-ca6c-013a-51e3-0cc47a8ffaac
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3099
x-request-id
FwqNDTRL0fhl6Asmt_bh
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.73
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
8jw/PeQ5aWHn+Hk41Fm6gtGshhmI7wFqoLtpaCIy8M/R/rSaR2Q1pxEbYmcq7wmX94V5q5gK5o9JuG4inV6avA==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 12 Aug 2022 08:55:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
961211893969940
connect.facebook.net/signals/config/ 		296 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/961211893969940?v=2.9.73&r=stable
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b55f77744c64b423aa9aebf98a96a758b2d1dc27a847e31e28eccc34d9ae3ac8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
3jscyH2NfCi4dXohYAlvUIZCEUEgKxh0TW/IgXfJxapANTwD0jYwmOu+SVhTSjGd55rwErW8v8IX2j/JrH98tQ==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 12 Aug 2022 08:55:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1660294500734
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26515
x-xss-protection
0
pragma
public
x-fb-debug
oNTE2nu7+2bGKkVmRrUFp9ACN8tPOudn2TqfZVLTpYsKaRhI9hWeRUPcthxvri6ivUDwIHCp6nrJPuUJVCJZOQ==
x-fb-trip-id
720026100
x-frame-options
DENY
date
Fri, 12 Aug 2022 08:55:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 05:01:23 GMT
content-encoding
gzip
age
2174017
x-guploader-uploadid
ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation
1622140251693895
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 18 Jul 2023 05:01:23 GMT
sync-container.js
b-code.liadm.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ca00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
etag
"ae5e94de938b0387eda6df8f20da811a"
age
1193343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5904
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
date
Fri, 29 Jul 2022 13:25:58 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
l6IUsIaF4klPHTN3uEJ0iIB8gBAfoHGvihgsWN-6s0q39OsgK3ik5w==
generic
match.adsrvr.org/track/cmf/ Frame 347D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
413b1887204744dbae3c8d97aafa585f
i.liadm.com/s/e/a-0123/0/ Frame 347D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0123%2F0%2F413b1887204744dbae3c8d97aafa585f%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1---
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-0123%2F0%2F413b1887204744dbae3c8d97aafa585f%3Fmpid=82775&muid=$%7BDD_UUID%7D
  • https://i.liadm.com/s/e/a-0123/0/413b1887204744dbae3c8d97aafa585f?mpid=82775
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-0123/0/413b1887204744dbae3c8d97aafa585f?mpid=82775
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:00 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-1-v038-006789e8c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Error
300,104
X-TID
fwBZYi5lQMI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-0123/0/413b1887204744dbae3c8d97aafa585f?mpid=82775
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 347D
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&us_privacy=1---
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&us_privacy=1---&rd=Y
43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&us_privacy=1---&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 12 Aug 2022 08:55:00 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=&us_privacy=1---&rd=Y
pragma
no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 12 Aug 2022 08:55:00 GMT
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 347D 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-vcl-time-ms
91
pragma
no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
via
1.1 varnish
server
nginx
x-timer
S1660294501.510553,VS0,VE91
x-served-by
cache-hhn4027-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
35004
i6.liadm.com/s/ Frame 347D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=R4yqEPLelD0KTk4t7g6y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DF4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBS...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=F4XWSLTMNFQWI3JOMNXW2L3TF4ZTKMBQGQ7WE2LEMRSXEX3JMQ6TSOBSGU2CMYTJMRSGK4S7OV2WSZB5KI2HS4KFKBGGK3CEGBFVI2ZUOQ3WONTZEZSXQY3IMFXGOZJ5NRUXMZLJNZ2GK...
  • https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=R4yqEPLelD0KTk4t7g6y&us_privacy=1---
  • https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=R4yqEPLelD0KTk4t7g6y&us_privacy=1---&us_privacy=1---
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=R4yqEPLelD0KTk4t7g6y&us_privacy=1---&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:53a2:e8b9:dcbd:7f07 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/35004?bidder_id=98254&bidder_uuid=R4yqEPLelD0KTk4t7g6y&us_privacy=1---&us_privacy=1---
Date
Fri, 12 Aug 2022 08:55:01 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
restricted
mid.rkdms.com/ Frame 347D
Redirect Chain
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=&liid=&_ct=im&us_privacy=1---
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
3.213.71.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-71-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

location
/restricted
date
Fri, 12 Aug 2022 08:55:00 GMT
server
nginx
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 347D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=adf3ae29c79e--01ga2csw1bdw5w89mvzqnte49w&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:54:59 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
truncated
/ Frame EE65 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ef89f51d03076596f3847592e9f27e48eadb9a59f69898951f3cde868a8483d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=10345586&cs_it=b3&cv=3.8.0.210223&ns__t=1660294500445&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=279&cs_cmp_sv=1&cs_cmp_rt=2&c7=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&c8=Ag%20UPDATE%20%3A%20A%20leader%20in%20agriculture%20and%20farming%20ne%20%7C%20From%20Lee%20Agrimedia&c9=
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:00 GMT
via
1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
tS4WPDqEN6Ia8e-N4rUPXVzqtOXXWOC-8LNWex5ySCM1yrZixMIcAw==
x-cache
Miss from cloudfront
display.js
jadserve.postrelease.com/ Frame EE65 		477 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/display.js?&ntv_m=1&ntv_z=native_ad_grid_v3&ntv_au=ntv1515553400&prx_url=https%3A%2F%2Fdxw-ganhedinheiro.sa.com%2F&rand=526048955.04453665&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.145.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-145-15.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
2e47e4d17b0f68f7b03097b9b9ecafbffa4fc564460fbd591e6ca266aeb9070e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:55:00 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
314
expires
Mon, 1 Jan 1990 12:00:00 GMT
d8817a71-0cd4-4e13-9b24-95f76a52b02e
https://dxw-ganhedinheiro.sa.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dxw-ganhedinheiro.sa.com/d8817a71-0cd4-4e13-9b24-95f76a52b02e
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
pd
google-bidout-d.openx.net/w/1.0/ Frame 1BE9 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 12 Aug 2022 08:55:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame EE65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZeMYeoOV7jM7BkfF-sDUP79X1F2vJRI-AO94Aw7GpeYz5y4IM2sfrvjHTzB5Tp0oRNpXWZbC_qaKcYHBOtD1XKW2zwbyM4q0cE8OVpWl1aV7fyDlJXfnKIoRn5c8QzkjLhU34_zmRPzH5JhZwg1RaHbiVtbW9SqqdMkbDdubBke3tAL5tykFGCAhN41InbnIhylEP66K_JE1tiafeSMdhn9XPRNLmUkLSsSrR6MsOjjqQFiG8c9_et4OiJIy2h03Xk_MfbURV18XiMCM8fjDFQI_QAIli309UJ8jCHe4bmdvBejmv_ik7pZMhj297ry0VLAbQTIV5Fk4lvn4XzyaeKTU&sai=AMfl-YSIVwn9F-I2SnzmH0lmqJGtYsd_isk421dgty9FriYtiETof3Fkb_CO2E1VX_ir8VKV7oWLQL3QjamnPp_ElTPqhzqRX9LI1rnbnype9CCHQLu8urgqU68P9S6S_ZAkWw&sig=Cg0ArKJSzLWUbv4RB0nsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:55:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 12 Aug 2022 08:55:00 GMT
a-0123
i.liadm.com/s/c/ Frame F92C 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
79bf4067ef3c820013623ca574f0abc621746cc5625dbf7caddd205cc762aa2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
751
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:55:01 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
a-0123
i.liadm.com/s/c/ Frame D6DE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
f9d7eee4bb81b63ba2ef026669127bcb3950040dfc13482e82238a120a0418e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
752
Content-Type
text/html; charset=UTF-8
Date
Fri, 12 Aug 2022 08:55:01 GMT
ETag
1.61803398874
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
/
dxw-ganhedinheiro.sa.com/tncms/tracking/classifieds/featured/ 		548 B
644 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dxw-ganhedinheiro.sa.com/tncms/tracking/classifieds/featured/?i=a95688ca-b454-57f8-a04a-77c3e8c012d6,7d9ee52c-1d24-53e7-bb8e-af0d1195fcd9,5a4c9827-d281-543f-8430-a30e012e37d3,2960720b-7daa-505a-8e1c-83a777144bd2,5e24bc1c-b457-5992-b128-d889ef0d61bd,29e81855-819c-56e0-a1ac-17c161509b40,5c422811-6dc9-59a8-8111-2cdc689119d4,76224a15-aa9e-5ac7-a37c-22446ede5f39,
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/tracking.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpeQTfXyPfMQKuPrYI5q2hACN3wu01G%2BcUqQiVMxd24%2Fd87QNdmXSZz0dLyPpyV2Fc3mhBKzg9HjFL%2FhMepvo9B1HYi%2BVQsuRmcX6hU5w0LN9q0adKQrUJ1FOwvZjaD7gHsk7kEVreBeOSnv%2FuLJniFf%2BDlOaYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
7397fd593f436983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
d722dabc60e34d3abd12b8b5d1736215
i.liadm.com/s/e/a-0123/0/ Frame F92C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-0123/0/d722dabc60e34d3abd12b8b5d1736215?mpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f23589e53&us_priva...
  • https://i.liadm.com/s/e/a-0123/0/d722dabc60e34d3abd12b8b5d1736215?mpid=7156&muid=021862f6-1565-4800-a35c-df08dae8bc6b
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-0123/0/d722dabc60e34d3abd12b8b5d1736215?mpid=7156&muid=021862f6-1565-4800-a35c-df08dae8bc6b
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x13 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-0123/0/d722dabc60e34d3abd12b8b5d1736215?mpid=7156&muid=021862f6-1565-4800-a35c-df08dae8bc6b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:55:00 GMT
52164
i.liadm.com/s/ Frame F92C
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=cc11965d-308b-4b68-b6c2-bb11163b8fec
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=e01f2f6d-9461-41d4-955a-528f23589e53
  • https://ums.acuityplatform.com/bum?tpid=29&uid=901a8cf9-38d2-46f9-a7e6-c48286d46b14&bidswitch_ssp_id=liveintent
  • https://x.bidswitch.net/sync?dsp_id=236&user_id=&expires=30&user_group=1&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
restricted
mid.rkdms.com/ Frame F92C
Redirect Chain
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=e01f2f6d-9461-41d4-955a-528f23589e53&liid=&_ct=im&us_privacy=1---
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
3.213.71.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-71-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

location
/restricted
date
Fri, 12 Aug 2022 08:55:01 GMT
server
nginx
content-length
0
/
loadus.exelator.com/load/ Frame F92C 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=661&j=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
d437859b91d7410298fa73bf86011b89
i.liadm.com/s/e/35637/0/ Frame F92C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212291498&_puid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1---
  • https://i.liadm.com/s/35637?bidder_id=100905&amp;bidder_uuid=219723204241001063161
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F35637%2F0%2Fd437859b91d7410298fa73bf86011b89%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f...
  • https://i.liadm.com/s/e/35637/0/d437859b91d7410298fa73bf86011b89?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/35637/0/d437859b91d7410298fa73bf86011b89?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/35637/0/d437859b91d7410298fa73bf86011b89?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:55:00 GMT
41715
i6.liadm.com/s/ Frame F92C
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D&us_privacy=1---
  • https://i.liadm.com/s/41715?bidder_id=127211
  • https://i6.liadm.com/s/41715?bidder_id=127211
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/41715?bidder_id=127211
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:53a2:e8b9:dcbd:7f07 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/41715?bidder_id=127211
Date
Fri, 12 Aug 2022 08:55:01 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
501709.gif
idsync.rlcdn.com/ Frame F92C
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4c58d46d-980b-4e61-a817-2cfddf7...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846
0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846
Date
Fri, 12 Aug 2022 08:55:02 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
fecf767051744b39af0191f9f9666ddc
i.liadm.com/s/e/a-0123/0/ Frame D6DE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-0123/0/fecf767051744b39af0191f9f9666ddc?mpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f23589e53&us_priva...
  • https://i.liadm.com/s/e/a-0123/0/fecf767051744b39af0191f9f9666ddc?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/a-0123/0/fecf767051744b39af0191f9f9666ddc?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Server
MT3 4488 7bc0e2f master cdg-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/a-0123/0/fecf767051744b39af0191f9f9666ddc?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:55:00 GMT
52164
i.liadm.com/s/ Frame D6DE
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=e01f2f6d-9461-41d4-955a-528f23589e53&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=e01f2f6d-9461-41d4-955a-528f23589e53
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=liveintent&ssp_user_id=901a8cf9-38d2-46f9-a7e6-c48286d46b14&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171316077&expires=5&ssp=liveintent
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:02 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
//i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=901a8cf9-38d2-46f9-a7e6-c48286d46b14
Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
restricted
mid.rkdms.com/ Frame D6DE
Redirect Chain
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=e01f2f6d-9461-41d4-955a-528f23589e53&liid=&_ct=im&us_privacy=1---
  • https://mid.rkdms.com/restricted
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mid.rkdms.com/restricted
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
3.213.71.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-71-163.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Redirect headers

location
/restricted
date
Fri, 12 Aug 2022 08:55:01 GMT
server
nginx
content-length
0
/
loadus.exelator.com/load/ Frame D6DE 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=661&j=0&us_privacy=1---
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
06c8de27bc33407a9e48798bc73ff7df
i.liadm.com/s/e/35637/0/ Frame D6DE
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212291498&_puid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1---
  • https://i.liadm.com/s/35637?bidder_id=100905&amp;bidder_uuid=219843204241001060442
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F35637%2F0%2F06c8de27bc33407a9e48798bc73ff7df%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&e01f2f6d-9461-41d4-955a-528f...
  • https://i.liadm.com/s/e/35637/0/06c8de27bc33407a9e48798bc73ff7df?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/35637/0/06c8de27bc33407a9e48798bc73ff7df?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/35637/0/06c8de27bc33407a9e48798bc73ff7df?mpid=7156&muid=245162f6-1565-4700-8902-d0f2b420c1e3
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 12 Aug 2022 08:55:00 GMT
41715
i.liadm.com/s/ Frame D6DE
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D&us_privacy=1---
  • https://i.liadm.com/s/41715?bidder_id=127211
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/41715?bidder_id=127211
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
HTTP/1.1
Server
34.207.40.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-40-2.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 12 Aug 2022 08:55:01 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 12 Aug 2022 08:55:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://i.liadm.com/s/41715?bidder_id=127211
expires
0
cache-control
no-cache
x-server
10.45.12.1
content-length
0
x-consent
absent
501709.gif
idsync.rlcdn.com/ Frame D6DE
Redirect Chain
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e01f2f6d-9461-41d4-955a-528f23589e53&us_privacy=1---
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Def29a0f0-c194-4e8e-bb60-207a50ad...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-0123?s=&cim=&ps=true&ls=true&duid=null&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386
Date
Fri, 12 Aug 2022 08:55:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080801.js?cb=31068869
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40a8ee4e2266df2f54a010bcf3c4f5844bf3deb82fcf9088b7742b431df2c53b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 12 Aug 2022 08:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11106
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 08:55:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C13 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 07:49:04 GMT
expires
Sat, 12 Aug 2023 07:49:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BCE9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: dxw-ganhedinheiro.sa.com
URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d8cf7d25b74a37dcb76bd93ed25056c2788924c59d2ff81e582c9a64aca162f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QFVNDb5sMjybLAGaS8Md7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dxw-ganhedinheiro.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-QFVNDb5sMjybLAGaS8Md7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 08:55:02 GMT
expires
Fri, 12 Aug 2022 08:55:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame BCE9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080801&jk=1310723991844675&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame 6C13 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:35:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
173950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 08:35:53 GMT
generate_204
tpc.googlesyndication.com/ Frame 6C13 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DG4OCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:55:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080801&jk=1310723991844675&bg=!7u2l7anNAAa4hXTbmIU7ACkAdvg8Wi6sQe7EqNZQiWwhGLCJQJZZ4SHjugOM67ZSZ-WwTIClO7XGBAIAAABTUgAAAA9oAQeZAvfpY0cnJd3lZSwYujPOrjpAdw3fDUjxAd2Z11e9v5YxfefyHOL5ZbpUxAZP2Zx9fhOoJxaAh8vMLzzr-LBVrzJwSgZ0a727mKq-8KwbTM0U-rjkmLkEY2MOfUfblQbR1gqeDeWXDAxRCsEUzvMrxgHAuwvlByvb6HpMQ0Z1aQC6nlawT39BMgIE-_mXa-_N0a32QIYTg1uA1bpCmsEqPL1nEP2yM9ShWjtYs9NQvwdxwmObBV-Y8CyboI1yLPdzDxLwa5bOUFiti_r7-zj21rKrUCVFm2M0VZKpYGf7iTxx85L_uGBdfHdQsi7uMWIu8XnUUJGsKwxFMzPqCYuHaQ657HKTnQWIyU1sb29MC25Aye0P6FiXBWO4tiuSNp_SgBtBo9_6qDGzyQ1JYbSkSTaVez8pcEX9Gjxvfu6iy8wx4chSF7sPIQKqgrwV7WwWZUnTVxO_0hcvrf2KoYCErZ829CTL5YxO3_PhcxY6tn-dzQBD783hZzanltpTzBZIL748IqacVTTAdHUia80ixMVfPtndFsknPIm7eHwg55ZwIP8rjfmike_vF8GZrvCEKQkxvi6jJt9UkshlldpASTqqp5P6NJFhXCAVUkjFYspZqtKmIo-su6HDhT2g1B-Yl721vtpSagc204kxopBEld-XE4SfMEfRa8CPwbSw7hZo6LC8f1zRHKdkD8hN3FfEICH6xYG8F-_n7BtUGDeETQz8KzmL1REofSX0R7OuDkYgpVqaYiV_R7UXmEHHMwo53X0IB1LrOyeuk_H7YLIWKB4Qw4aozfSBFPImzvT7ThSCcnIfS7LXeLSPtT7gw_rmcmkWbnOxhVcrPFhZ5HER4pxRf2hKA7mfTscaNYOruV47n7CjZKb_w5-ttN9j4T0gGHnQJEjm-6KlenLYD9Cz7dx28l1g4nnhOgekSTrR4aKKJ8EcoLElVFpD_7HoWtcVTbimPBrNRkRjl0hEehJKmPgvdbRzG00nPZtJdh6BF7jW_tH3w_wG9iI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dxw-ganhedinheiro.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| LOTCC boolean| LEE_DS_V3 undefined| __CSP_NONCE function| __uspapi function| __tcfapi object| Osano function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o object| googletag boolean| apstagLOADED object| apstag undefined| amzHash undefined| amzToken object| APS_dfp_ads function| throttleFunction function| lee_trkLinkSrc function| resizeIframe function| randomizeChildren function| getUserToken object| sUserUUID object| regeneratorRuntime object| ox_esp function| __esp_getUID2Async object| __uid2 function| TNStats_Tracker object| TNTracker object| sUserPPID undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 object| lee_glus undefined| lee_glusIE object| sub_last_login_iso8601 boolean| creativeVendorLibraryLoaded object| google_tag_manager object| scripts string| ss undefined| rnd undefined| url number| _bcmc object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue function| __LEE object| d object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow object| pl function| fbq function| _fbq object| _comscore object| COMSCORE function| udm_ object| ns_p function| _typeof2 function| __liSync object| gaplugins object| Snowplow object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext undefined| google_measure_js_timing object| analytics object| _mather object| _matherq object| tid object| gaGlobal object| _snaq object| gaData function| bcPostNews function| hasClass function| hasId function| showElement function| hideElement function| getClosest function| isParent function| isHidden function| preventDefault function| getAttribute function| getElementsByClassName object| marketSnapshot function| tabClick object| bcModal function| UserStitch undefined| UserStitchID function| messagingCallback object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| LI object| __li__evt_bus object| liQ object| sifi_att_18068 object| litHtmlVersions object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| card_carousel_2461135 object| card_carousel_2461138 undefined| dl object| onFocusEvents object| ntv object| Nativo object| ntvToutAds object| PostRelease object| prdom boolean| onFocus object| overlayEl object| modalEl object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgUIChD-EjIFCH4Q_hIyBgiLARD-EjIFCHkQ_hIyBgiBARD-EjIFCAkQ_hIyCQj_____BxD-EjIFCAwQ_hI
.dxw-ganhedinheiro.sa.com/ Name: spses.eba5
Value: *
.dxw-ganhedinheiro.sa.com/ Name: spid.eba5
Value: f2a7d862-9a77-449e-a103-907139262259.1660294499.1.1660294499.1660294499.486c273d-a4af-43fd-8e63-445e1a91cfe9
.dxw-ganhedinheiro.sa.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.dxw-ganhedinheiro.sa.com/ Name: _gid
Value: GA1.3.472172644.1660294499
.dxw-ganhedinheiro.sa.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.dxw-ganhedinheiro.sa.com/ Name: _dc_gtm_UA-54716522-2
Value: 1
.dxw-ganhedinheiro.sa.com/ Name: _ga_NFTGWT90ER
Value: GS1.1.1660294499.1.0.1660294499.0
.dxw-ganhedinheiro.sa.com/ Name: _ga
Value: GA1.1.965119951.1660294499
.leetemplates.com/ Name: sp
Value: e6074438-6d3c-462d-b49e-4eed996dcc5b
.dxw-ganhedinheiro.sa.com/ Name: ajs_anonymous_id
Value: 00e47319-a5fb-4840-833a-99296421bee9
.dxw-ganhedinheiro.sa.com/ Name: _li_dcdm_c
Value: .dxw-ganhedinheiro.sa.com
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.openx.net/ Name: i
Value: 20dc3c93-b142-4331-ad0c-9c16fa174b67|1660294500
.dxw-ganhedinheiro.sa.com/ Name: _ga_F8FFLLVDEZ
Value: GS1.1.1660294499.1.0.1660294500.59
.doubleclick.net/ Name: IDE
Value: AHWqTUl1tVJUWrsYsHJxA0QLgTRx3qrOmeqJNpPIV9_-T3sMrGN7FVRD5iRKONII-yM
.dxw-ganhedinheiro.sa.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1660294499.1.0.1660294500.59
.dxw-ganhedinheiro.sa.com/ Name: _fbp
Value: fb.2.1660294499992.831152279
.dxw-ganhedinheiro.sa.com/ Name: _lc2_fpi
Value: 7c593df37abc--01ga8m73nd3p7kbdsjckv554ce
dxw-ganhedinheiro.sa.com/ Name: ntvSession
Value: {}
dxw-ganhedinheiro.sa.com/ Name: ntv_as_us_privacy
Value: 1---
.simpli.fi/ Name: suid
Value: 6B187942DA7B4958ACB82BB6A6406F04
.demdex.net/ Name: demdex
Value: 36243799403203327364515488766886192343
.postrelease.com/ Name: opt_out
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 36243799403203327364515488766886192343
.liadm.com/ Name: lidid
Value: e01f2f6d-9461-41d4-955a-528f23589e53
.addthis.com/ Name: na_id
Value: 2022081208550000045607464595
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62f615643433902b
.addthis.com/ Name: ouid
Value: 62f615640001d9beae643057333155b6b5d33139b5e26bf59717
.zemanta.com/ Name: zuid
Value: R4yqEPLelD0KTk4t7g6y
.dlx.addthis.com/ Name: na_sc_x
Value: 1
dxw-ganhedinheiro.sa.com/ Name: _liChk
Value: 0.3655510124649253
.bidswitch.net/ Name: c
Value: 1660294501
.bidswitch.net/ Name: tuuid_lu
Value: 1660294501
.mathtag.com/ Name: uuid
Value: 245162f6-1565-4700-8902-d0f2b420c1e3
.agkn.com/ Name: ab
Value: 0001%3AD6Ck8dz2Yn%2FrxovMH1RImW4eaiSAaNdA
.bidswitch.net/ Name: tuuid
Value: 901a8cf9-38d2-46f9-a7e6-c48286d46b14
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjGwNDE3MDEwNBfiM9QNrXQyzLcsMA6uDPQBADqNJ-UlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3MjGwNDE3MDEwNBfiM9QNrXQyzLcsMA6uDPQBADqNJ-UlAAAA
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjn6jXVzZXJNYXRjaGluZ0lkJLqRbGFzdERyb3BUaW1lTWlsbGlzJQFBJCg5LqKYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBQSQoOS6ij3RoaXJkUGFydHlVc2VySWRjOTAxYThjZjktMzhkMi00NmY5LWE3ZTYtYzQ4Mjg2ZDQ2YjE0+/uGdmVyc2lvbsL7
.yahoo.com/ Name: A3
Value: d=AQABBGUV9mICEAGi3o7u6bv2jPcj-FgMlXgFEgEBAQFm92L_YgAAAAAA_eMAAA&S=AQAAAtOeOsT_nyA0PK0pO_fSfYw
.rezync.com/ Name: zync-uuid
Value: 4c58d46d-980b-4e61-a817-2cfddf7c1d3f:1660294501.6134846
live.rezync.com/ Name: sd-session-id
Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiNGM1OGQ0NmQtOTgwYi00ZTYxLWE4MTctMmNmZGRmN2MxZDNmOjE2NjAyOTQ1MDEuNjEzNDg0NiJ9.YvYVZQ.lq-NuB84IzNonJeR5zQmgZtqd00
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_z3IsRWAIAwFwAmsmCO-fPiE4DZKzECWTmvnlfeUwdU9aCHT9RLeBjkdQ-rKiBwL0fKAmdbJrtgNjU57y_ZnJdoHiZhJt0oAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4HAJOYjdKEghVu7ud7jlijKW7NBH7CXkDriM7Kr2RM2-QOrYthQnMS2MP4JrsvY6AAAA

9 Console Messages

Source Level URL
Text
network error URL: https://dxw-ganhedinheiro.sa.com/images/serif-ds.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dxw-ganhedinheiro.sa.com/images/serif-ds.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s3.amazonaws.com/js1.aws.barchart.com/private_labels/jquery.blockUI.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dxw-ganhedinheiro.sa.com/49_files/osano.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s3.amazonaws.com/js1.aws.barchart.com/private_labels/jquery.blockUI.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
network error URL: https://dxw-ganhedinheiro.sa.com/49_files/aframe_data/sodar.htm
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dxw-ganhedinheiro.sa.com/tncms/tracking/classifieds/featured/?i=a95688ca-b454-57f8-a04a-77c3e8c012d6,7d9ee52c-1d24-53e7-bb8e-af0d1195fcd9,5a4c9827-d281-543f-8430-a30e012e37d3,2960720b-7daa-505a-8e1c-83a777144bd2,5e24bc1c-b457-5992-b128-d889ef0d61bd,29e81855-819c-56e0-a1ac-17c161509b40,5c422811-6dc9-59a8-8111-2cdc689119d4,76224a15-aa9e-5ac7-a37c-22446ede5f39,
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ef29a0f0-c194-4e8e-bb60-207a50ad2407%3A1660294501.509386
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4c58d46d-980b-4e61-a817-2cfddf7c1d3f%3A1660294501.6134846
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.leetemplates.com
aa.agkn.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
analytics.google.com
api.segment.io
b-code.liadm.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
cdn.segment.com
cmp.osano.com
connect.facebook.net
consent.api.osano.com
d1eoo1tco6rr5e.cloudfront.net
d796b7a02dc34817dfda6ba77997ddc9.safeframe.googlesyndication.com
dpm.demdex.net
dxw-ganhedinheiro.sa.com
google-bidout-d.openx.net
i.liadm.com
i6.liadm.com
idsync.rlcdn.com
insight.adsrvr.org
jadserve.postrelease.com
js.matheranalytics.com
live.rezync.com
loadus.exelator.com
match.adsrvr.org
mid.rkdms.com
oa.openxcdn.net
oajs.openx.net
openfpcdn.io
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
prod.uidapi.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
s.ntv.io
s3.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
shared.websol.barchart.com
stags.bluekai.com
stats.g.doubleclick.net
storage.googleapis.com
sync.crwdcntrl.net
sync.mathtag.com
tag.simpli.fi
tpc.googlesyndication.com
trc.taboola.com
ums.acuityplatform.com
www.agupdate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.hk
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
x.bidswitch.net
x.dlx.addthis.com
104.16.133.24
107.178.250.234
107.21.19.116
13.32.121.17
142.250.181.226
143.204.205.113
143.204.215.5
143.204.215.84
143.204.215.88
15.197.193.217
154.59.122.79
169.50.137.176
185.29.134.248
192.104.182.209
193.0.160.128
2001:4860:4802:32::36
23.35.237.64
2600:1f18:444a:4680:53a2:e8b9:dcbd:7f07
2600:1f18:730:b150:64a4:fa7e:99c4:8411
2600:9000:2057:ca00:8:8845:1500:93a1
2600:9000:206f:400:3:b7e:8940:93a1
2606:4700:3031::ac43:c6d3
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:827::2010
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:400c:c00::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:200::300
2a05:d018:d29:3602:68f1:8fce:a96f:e71c
3.126.140.73
3.136.53.155
3.213.71.163
34.102.146.192
34.102.205.239
34.120.107.143
34.207.40.2
34.231.90.216
34.246.144.250
34.98.64.218
35.244.174.68
52.17.63.11
52.213.127.205
52.222.209.55
52.34.77.50
54.231.139.160
54.78.145.15
54.78.254.47
64.202.112.191
65.9.66.84
66.155.71.149
69.192.160.219
99.86.8.175
0284f9037395ddc566160e9265aa01ffc07c05f189473b81df3dc75990c1081d
04320873d95f93d0d5716fdbb85dd65b273e98520cf2244e606c30d400e36d81
058cf8f33f01f0ead621b36d4f9b45a0c475aa06164133d19b5f73938ebe8394
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
088a75c567c50a8941b94f3352e3d17816788274d842c9789db85cae5fa7e957
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0ae34aa53ae8ee8b71c6d514634202aa46a34752c09dcce54625656f25dccd1b
0b6fc85d7c4763c8b5ca5b1cdd2071124e6c264e760205f296c205f80025d2e1
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
0ff6e0c896a291d25dbff97c3ce6942fc20cec28cb2c903f304d82cafddf5f8d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
15f373e86326c9e804b6b6058a97c3bdea6f7287e874ca5453eec4cffaa4b63d
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
18e8208ea447a26b0cd4f5f2751d1dd717e689a559474e61acb4e3e674403e4d
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19016dc504e11edc70fbc0a027f61a3f587866f093f43538daef53690765410a
19123c8886ad1fbc1d697b67efe9b5203c4c827684550c74a868b14343324576
2077f4e1e3fcdfafc26cd4f0990b2ba09a3dc413614c204aa982036c2bde51e0
227fff75c4236d888dd7f5b7bdb52a1f7128ce90ca02e6e2b4c33a501ea4c89d
2654202ab3af93168351d77b33626d25965fa39f93752c6c17feb6f60bcc14c1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26ca36e5456d2951358d5274d4f59f5b910260cbed566cf875b5b62229e8ac5c
2929507c9fbe4cae52ccf4aed23f6bccb4b374e34108a7adafc0dfd1cae94819
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2b1101c963b79f21fd78593903571825d96ab5702c867f653120b347cf2e30bc
2e47e4d17b0f68f7b03097b9b9ecafbffa4fc564460fbd591e6ca266aeb9070e
2e4ada6c145883e0e0429564a2800336d6ca410409676250c216843838f3b1e1
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
3848a80d46bc740ad38425936b6c8481ee34a88f032d251b04cc5f9d389cbe2c
384d1a9859c551ed8f751789414dc042c907ba0e3e56817e62197bf3a435154d
38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c
39f349c6b1ec3aed4e2fd2e260bc6ed205ae6f74c37b3022e23474e30b2bc3b4
39f7df787a969e1c859c9414732d303e2e5d8e72f8e2d87a15a4b2d6e467b871
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
40a8ee4e2266df2f54a010bcf3c4f5844bf3deb82fcf9088b7742b431df2c53b
451f8e9529835ccb74384f78717a3e58a0a4a73e7f896ad1388d4f07b367bab7
46910ea76e61695867195147fe8e877bb8bda61c8c569d09876adacc524a940e
4ed84ce525a93634474989bd62a5fc8dcb85ece93e35fcf7287e8bccebb03ed7
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
539a8cdd0fb6b2e37cbfcce981f3e3b9776eb084e05be8a3e0142d7af0ecb615
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f295553fdda2a7f1ee0e5dab92d82f2bace1df0a781117dee1cb06eacbf891
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5d6b20f41ec107ed1e3ddc9de038fbaaac888565c5bc872d539331eb8c69dab9
5f82a8f3d37c870e4040e224d318d452b0169e0fecaff69e9dccdb7fc4d25550
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d0527c70d142e47531487d1f3fd4347e0942cd9441d6c3ceedaa9a882eb4de
642b6858a16d6ef6f946970420062d668685f8ca88a930c024291ce3859e134c
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
67dbee4f8c45d2411654250e23a705bbe48c84c1a48c5f72d3ae8956a6c610fc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6c7332021932fe6ffe7109de7a44ab336d713a8cb9d4d51a2ea312cfa9184296
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
722ccdb5002628eee48551b24fe16f672eaf8804d3cc632a70468f638ed90628
7403dc9316f335fc461a96b63c6a2c7810198a185e74abe7276a368aea4bef2e
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
76f397860fdbb6af803c992e98410931acf62c1eed492e3279bd9126e59f1889
78340dabd2984895b85f1a3a19cf21fed26d6d4c57038709dbcf94222f6952ce
79bf4067ef3c820013623ca574f0abc621746cc5625dbf7caddd205cc762aa2f
7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654
7d8d8fdc515818edde1db1ac69ba848bc7be5f4b8699cae128ae2592f4651897
7d9d53105d033aeb9ba41cb7dbfb81df43d9c9a0a6dba205d2718a5fd418cb34
7deb943d37dcd32d0e90a073c188fe91adf4fcc04b211f581ba3e81be3ec003b
816864c47ef33beb6793473627ddb9702647831e6998550160f00e7700ceb16a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849295b7bef2dec6e6f087a071d0012e51e2ceb10b3a0e7d5ad12319867c30de
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8a201bb17f3a420ef8fd88b05087c42993323f01f46b0022a93e38f8a7d7f16e
8a48cc71cbcf735724b5900ae6e9adbc2ba385e7576d60202aef8a502ebfcddd
8b3ccc5e95f0e305591abcc2b470928b5f9025eed164d8549ca0d3e6163fc84e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66
8ef89f51d03076596f3847592e9f27e48eadb9a59f69898951f3cde868a8483d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932c85367ca5932045db7af647b099796ccb5eac3d80728046e2b4607e6fbaee
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
98a27f5ee59539490c426f333fc2150d5f10d795519756162d6a246aa8ba8874
98b96e55590ca61c1a01c453d902914a10d6a264180dd9107b521f3da99a5585
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9c019c9345af6886724f70bf7a7759bbc89c7e5abf5d3b62148cfaa947cf8b03
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8f24f433d9f85c20b48a50674f938df79580cb018266230d0603b346237479e
aa8ac0ab1b4cc9b24414e4d102ba708053e4c4febdbc36848a999c001086184d
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1301fbe6bc0262640659ba28b6c37dab827820e27e0b4a97a83a1e8d0bf5356
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b55f77744c64b423aa9aebf98a96a758b2d1dc27a847e31e28eccc34d9ae3ac8
b91fce6ebc5e05ee3f1bc9ccea48e28c11771c4d7e63ba3ca50905f2e47c6351
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
c0a85763530b2b70844b40236b75c19f8a8d65eecab19e2c977b3607fe58f5c3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbace89cedbcb7914c6e64676bdbae21a84974219a581c6c3af909c6570f35f6
cc865dd4008d9a847f50be89a17f86ba6cb70eb71d497decb13c56bfdd1df0cb
d24874bc8357681b422965d43f16b238c4723fdb73af98499247549c3f926f54
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d68db9eee92caf102ed5beb7a7de045cee15d0695942454d17bdf080ed38750b
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8cf7d25b74a37dcb76bd93ed25056c2788924c59d2ff81e582c9a64aca162f6
d9548550e578aa716083297856744204e4d1dcdb646097fc9c73e7da9cec1555
dae3c852755a816bd36e0f2a7d29296cd219f4cdc132c5f32e891a9a40831c67
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f7b5737b6ce872a31d4e2e652fbd370fa892d703122f676ba09badfb578adc
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e9c45dea6d149ac4de08c8a5af38836a97d0c08144d2f1858247748b29615da3
eafefa85896ae3b75ca9550945671a6f94ee2d8210a0bb132286d7e434f94946
ebc3f0c8c6afe06f2dd7950fd4776b47567c5e0784f2c843cbde6276ab3d9982
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee8e52ce42c6ab15755c51ad97ef8c862ea0b9c7af3145563950cbd7737ce3db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f454c7fe3cbdbed1667f7614b8af0a5e3e8933a35b5c054853ff66e0e62f1738
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f6e4eebb7eb78d6cec9b4a49b5f498b16b71b3837866c71cd86a9623f9fe5b42
f9d7eee4bb81b63ba2ef026669127bcb3950040dfc13482e82238a120a0418e0
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f