www.geradordecep.com.br Open in urlscan Pro
192.241.141.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.geradordecep.com.br/
Effective URL:
https://www.geradordecep.com.br/
Submission: On February 16 via api (February 16th 2024, 7:26:06 pm UTC) from US — Scanned from DE

Summary HTTP 246 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 23 domains to perform 246 HTTP transactions. The main IP is 192.241.141.27, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.geradordecep.com.br.
TLS certificate: Issued by R3 on January 3rd 2024. Valid for: 3 months.

This is the only time www.geradordecep.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	192.241.141.27 192.241.141.27	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
49	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 23	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::6812:2a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6 6	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3 6	34.240.0.127 34.240.0.127	() ()
38	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
9	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4001:c5c::78	15169 (GOOGLE) (GOOGLE)
1	142.251.168.154 142.251.168.154	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:8a10:6709:5018:5354	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2600:9000:212... 2600:9000:2127:7c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:5f::7	15169 (GOOGLE) (GOOGLE)
13	2600:1f13:800... 2600:1f13:800:7781:2b49:c39c:c642:eb	16509 (AMAZON-02) (AMAZON-02)
246	32

14 192.241.141.27 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.geradordecep.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.151.101 (San Francisco, United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.53 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.240.0.127 (Dublin, Ireland) 3 redirects

ASN- ()
PTR: ec2-34-240-0-127.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4001:c5c::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.168.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.90 (Amsterdam, Netherlands) 4 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:8a10:6709:5018:5354 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2127:7c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:5f::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5e6nsz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:1f13:800:7781:2b49:c39c:c642:eb (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	1 MB
52	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 113 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 bid.g.doubleclick.net — Cisco Umbrella Rank: 1015	312 KB
41	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r2---sn-4g5e6nsz.c.2mdn.net	489 KB
25	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 664 dt.adsafeprotected.com — Cisco Umbrella Rank: 638	314 KB
14	geradordecep.com.br 1 redirects www.geradordecep.com.br	288 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	97 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 imasdk.googleapis.com — Cisco Umbrella Rank: 476	140 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	86 KB
6	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	6 KB
6	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696	3 KB
5	creativecdn.com 4 redirects creativecdn.com — Cisco Umbrella Rank: 513 cm.creativecdn.com — Cisco Umbrella Rank: 2115	3 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	815 B
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 26064 ui.cleverwebserver.com — Cisco Umbrella Rank: 27020 call.cleverwebserver.com — Cisco Umbrella Rank: 27874	67 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 2000	21 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1531	453 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 640	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1056 s.tribalfusion.com — Cisco Umbrella Rank: 2588	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	89 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	151 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 632	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 519	717 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	2 KB
246	23

	Domain	Requested by
49	pagead2.googlesyndication.com	www.geradordecep.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
38	s0.2mdn.net	www.geradordecep.com.br s0.2mdn.net
30	tpc.googlesyndication.com	googleads.g.doubleclick.net www.geradordecep.com.br tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
23	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.geradordecep.com.br googleads.g.doubleclick.net
18	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net www.geradordecep.com.br
14	www.geradordecep.com.br	1 redirects www.geradordecep.com.br
13	dt.adsafeprotected.com	googleads.g.doubleclick.net
9	googleads4.g.doubleclick.net	www.geradordecep.com.br
6	static.adsafeprotected.com	googleads.g.doubleclick.net
6	cdnjs.cloudflare.com	s0.2mdn.net
6	fw.adsafeprotected.com	3 redirects www.geradordecep.com.br
6	ib.adnxs.com	6 redirects
6	dsum-sec.casalemedia.com	6 redirects
4	creativecdn.com	4 redirects
4	csi.gstatic.com	imasdk.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net www.geradordecep.com.br
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	r2---sn-4g5e6nsz.c.2mdn.net	www.geradordecep.com.br
2	sync.teads.tv	1 redirects www.geradordecep.com.br
2	c1.adform.net	2 redirects
2	www.googleadservices.com	www.geradordecep.com.br
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.geradordecep.com.br connect.facebook.net
2	www.googletagmanager.com	www.geradordecep.com.br www.googletagmanager.com
1	gcdn.2mdn.net	1 redirects
1	cm.creativecdn.com	www.geradordecep.com.br
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	www.geradordecep.com.br
1	a.tribalfusion.com	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	call.cleverwebserver.com	www.geradordecep.com.br
1	ui.cleverwebserver.com	www.geradordecep.com.br
1	www.facebook.com	connect.facebook.net
1	scripts.cleverwebserver.com	www.geradordecep.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
246	40

This site contains links to these domains. Also see Links.

Domain
www.correios.com.br

Subject Issuer	Validity	Valid
geradordecep.com.br R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-26` - `2024-02-24`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-02-13` - `2024-04-23`	2 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://www.geradordecep.com.br/
Frame ID: 2BEACC019B1B14AA6AF4B16AEE346818
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/zrt_lookup_fy2021.html
Frame ID: 8EB55AFA493D8779A6ECB648A4773430
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&adk=1812271804&adf=3025194257&lmt=1708111560&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560438&bpp=2&bdt=96&idt=217&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7848482955897&frm=20&pv=2&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=227
Frame ID: 116362D27CFEB74291D2359A0718F53D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2397655178&adk=387046663&adf=3577813278&pi=t.ma~as.2397655178&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=3&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560440&bpp=1&bdt=98&idt=230&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=232
Frame ID: DB5E0D476928DC46D6DF1D394E221064
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2237873076&adk=419812926&adf=1925477558&pi=t.ma~as.2237873076&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=1&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560441&bpp=1&bdt=100&idt=236&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=238
Frame ID: 8A023742CC0CBF019E608FE027748546
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2176407679&adk=1739507383&adf=454120413&pi=t.ma~as.2176407679&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=1&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560442&bpp=1&bdt=101&idt=240&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280%2C1092x280&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=244
Frame ID: E93FB8D39A018A8DD215E2FD9E5C2C71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=200&slotname=4136873523&adk=2913689627&adf=1925112596&pi=t.ma~as.4136873523&w=1092&fwrn=4&lmt=1708111560&rafmt=11&format=1092x200&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560442&bpp=1&bdt=100&idt=247&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=249
Frame ID: F0C2F4122BF51941815DDC7604A1A342
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2531630895&adk=4280773840&adf=3458204790&pi=t.ma~as.2531630895&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=1&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560443&bpp=1&bdt=101&idt=251&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=3718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=252
Frame ID: 3B5FEB7B0ED589476750E90BA0CA1B7E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7285ee510a9e495c%26domain%3Dwww.geradordecep.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.geradordecep.com.br%252Ff0748641a3f662566%26relation%3Dparent.parent&container_width=1116&href=https%3A%2F%2Fwww.geradordecep.com.br%2F&layout=box_count&locale=pt_BR&sdk=joey&share=true&show_faces=false&size=large
Frame ID: 51030BF34570BA99E999731686E6C311
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&adk=3232283153&adf=805528431&pi=t.aa~a.4027807430~i.5~rp.4&w=1092&fwrn=4&fwrnh=100&lmt=1708111561&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3144298019&ad_type=text_image&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rh=200&rw=1092&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561449&bpp=1&bdt=1107&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280&nras=2&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=3
Frame ID: DBD4C0B325F76D590B18386F1759B1EB
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=90&adk=123718454&adf=2454748148&pi=t.aa~a.1972975535~rp.4&w=1116&fwrn=4&fwrnh=100&lmt=1708111561&rafmt=1&to=qs&pwprc=3144298019&format=1116x90&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561459&bpp=1&bdt=1117&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280%2C1092x280&nras=3&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=3808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=3
Frame ID: A4879AE2C1384C1FE14297A1803B2D4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0E5188254ED8B969D512BDC1D538D316
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F6C2004F61C1263DB9B911EBD201AC88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 927102FE289645D7C9CD31B347B0C93B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 7673DFEC6D16296A323BA53D9103F22F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNVqyGGN1UbCKe12h6JjshxEm4Dloob73iGUICesA-q--GWITCbpLdAlGQKKgzu01g4aPB-xozlUzv_sq_9g8K7dbTYUxXzli8ImbitdJzwr7_xrzmcCu8SWCrA-gZNTiHXdqiaU_3nKpqJt0dHbiZyM3SEs3vwdX7nZqgKXzW2lO-BRaYo
Frame ID: 3BA358E0D53217478545C8A44C369798
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 6696B2EC48D5F7754E391FF4A7A74689
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGO221YACMAE&v=APEucNVB6cvyeq5Cu23dmkW8yQwax_QXB0BW1qVGoBhrwkRItRSybbc8usz7Zn62Be4zGaNd4HTJR103UVlqW11tDJXfSZdqzlBj_1AqRR-JCC6PjSsFD2BDCIa7plNh2ZOIwxogxDH7JGQQclCj8XRX_xBqmk5jMnLB_oVyMUnz3ZHxZjbrEOc
Frame ID: E6ADE4177F326337418900B4F1AAC456
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: DF137FD8C1AD143493F7BBFDDEA5BDB6
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNUHzCdJrAvVCBsI2vvWMt2T_oKbgOAxn96y2xWXNkVCQ9IHKRO6GqfDMt082ZqX1DAnW2VEtYn1aXTvOEu9bAxL9sDWKRIm9aOSq2nP51aH5b_hmYGmRaOr20BksSIDEBHUruF-cFBnhBHcZBBBY3U3K75__t3O_Eg72b6XFzI9rer9320
Frame ID: 82D919C3F52102CAA02DEB31D5C1DB94
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8C1CE7EFAD9CDF9E81D27FE0DB55900C
Requests: 25 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1DB56BDA903B450CE2A1FA1848442539
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3B88B84FD44FF20C0E30FF76545FC276
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: EC3F1AD574C9FD50022FBD0EEB138FC3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 70D61E935173CCBFA25EE20189E7F8D0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Frame ID: 0F1EB9E4E0C875003F80B81252F78E47
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
Frame ID: 43F4416831C4D6544DF2A054AB37CEBF
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 88BC2CE892DBF7AEAA3F464CF7F1B98A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 0359BAD19530380C26515FFBD9F9AAA9
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
Frame ID: 4EE21E38B225082F54A199F5A7D86635
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 69B41DDF7947C36F5AB046399B5A6692
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6FF5938ADF804DF9A70C0F4AF4A1829B
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D4C8B3C3D5EAAA6C8A08D20F4E6D3F57
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 400F06465BEA203AE545575D6489BE10
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 77D50A5565D0FB6343C0B2C4D547BC97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 874CFC271C6016C0246DC90B88DC0249
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 15016F626E4915695A5486C8313A1AA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D45659A808FF3E4D953C6A96F336DED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gerador de CEP Válido

Page URL History Show full URLs

http://www.geradordecep.com.br/ HTTP 301
https://www.geradordecep.com.br/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

246
Requests

93 %
HTTPS

67 %
IPv6

23
Domains

40
Subdomains

32
IPs

7
Countries

3112 kB
Transfer

8547 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.correios.com.br/
Title: Correios

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.geradordecep.com.br/ HTTP 301
https://www.geradordecep.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNzk4Mjc2NjMxNDA5NzEzOQ%3D%3D

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPPEAAG6UAAHsrQAA

Request Chain 87

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 133

https://googleads.g.doubleclick.net/pagead/adview?ai=CnUAKyLbPZcqyMomUid4PnoaDmALygK6vdIbinfGDEmQQASCSsKFoYJXikIKgB6ABiIq_jSnIAQmoAwHIA8sEqgTlAU_QxmRHjF30lGW-_TnswfCTSE7FIdXKMg-CzGNIBe6D4eRP1TUKufd4uJwBHB9ywlVvq_t_Vjswjgdw2DzRu5UonZCSuviepiFAocyZgSPQMIMGdOTkVbq1mcPQlXqMDY0qxB8QJYtBgywCagqDy1GVHtJIwYFCVbC0rNdBZagOQrfiN5QE0kUCz2dNls43VqlBnJZF6AzOc1SaLndfduuBBG5wdGP7-5r9bP0PSzN9vvI_euFUWHGqYlh84ZpiJsVyflLM6Q91RzJ-ll7gpqz64acRxCf1yMGj73ZE05479IEWUbjABI_W8sfUBIgF6NX1uU2SBQQIBBgBkgUECAUYBKAGLoAHiMKP7QOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAPIHBBDBsAzSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOlia-762y7CEA5oJH2h0dHBzOi8vc2lnbmF0dXJlcHJvZGVzaWduLmNvbS-ACgHICwHYEw6IFAjQFQGAFwGyFxwKGggAEhRwdWItNDc2MTk0NTg4NzgxMjE0NxgA&sigh=LKdwUe5NKos&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_VClyqQ5gRM3-wklRkHqqFb_WxdefeeQuAJidZ3YMgoqHm2DpU3Drkccamby9uHovHHJRsaBkr2PHYHv57nHOxloLxd5oJN7MqqAYAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216848757676451162752%22,%22debug_reporting%22:true,%22destination%22:%22https://signatureprodesign.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211034150152%22],%2222%22:[%22true%22],%224%22:[%2202-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22854416575403095025%22}&andc=true

Request Chain 192

https://a.tribalfusion.com/i.match?p=b6&u=CAESED7AQOJUUJMHOE5oFApwm7A&google_cver=1&google_push=AXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED7AQOJUUJMHOE5oFApwm7A&google_cver=1&google_push=AXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 193

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6fkkbJ4KGTLRp9rg HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6fkkbJ4KGTLRp9rg&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=nLBdx_X2WC2lUuR50KYcLE5V9kT8ZyQYDpiB-22ooO8&pi=adx&pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6fkkbJ4KGTLRp9rg&tc=1

Request Chain 194

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELnDIkY2xM1LqAQigFhBIw4&google_cver=1&google_push=AXcoOmRKP4Izl1qfKz3ZLJPnIgSWefoPfxITOhQQ6P5FwS-k2zJHKIisgnQj3ceTTC2u1kbui9TLXgNyeRwRVqnLS8OjJUE08ad63FtS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKP4Izl1qfKz3ZLJPnIgSWefoPfxITOhQQ6P5FwS-k2zJHKIisgnQj3ceTTC2u1kbui9TLXgNyeRwRVqnLS8OjJUE08ad63FtS&google_hm=eS1RWUx2NS5aRTJwRTg2R0Q0cjk0SmVITmNoSmYxYjU5WH5B

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdoxUsVCECVNXEt4gpMCv8&google_cver=1&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH3ikZNT5shB2OJH2NG1gnJ37nXh HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIdoxUsVCECVNXEt4gpMCv8&google_cver=1&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH3ikZNT5shB2OJH2NG1gnJ37nXh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODU4MjEwMDYyMTI0Mzk1OQ&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH3ikZNT5shB2OJH2NG1gnJ37nXh

Request Chain 197

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmSBg8_A1LlFbpozlxtQn8Gy43undOJ6cUMXeOnblUNwkvooAX0e-UpziyeIeiP8lI5zfABMlJk298Cf_-dwXX0kgabx-lJRLkXavw HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmSBg8_A1LlFbpozlxtQn8Gy43undOJ6cUMXeOnblUNwkvooAX0e-UpziyeIeiP8lI5zfABMlJk298Cf_-dwXX0kgabx-lJRLkXavw&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=nLBdx_X2WC2lUuR50KYcLE5V9kT8ZyQYDpiB-22ooO8&pi=adx&pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmSBg8_A1LlFbpozlxtQn8Gy43undOJ6cUMXeOnblUNwkvooAX0e-UpziyeIeiP8lI5zfABMlJk298Cf_-dwXX0kgabx-lJRLkXavw&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

Request Chain 198

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIX0ZIFOD-wiyHrTSEIpZHY&google_cver=1&google_push=AXcoOmRydYaARFrvNT2KghgUVZGlfq2b9DWr7hRKBMHI8dm9AIp1-kqwOOpShGr3XiUrOGW5Rgpu3VYo6hxqnGT9q8Yaptvae1E3PrjwzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRydYaARFrvNT2KghgUVZGlfq2b9DWr7hRKBMHI8dm9AIp1-kqwOOpShGr3XiUrOGW5Rgpu3VYo6hxqnGT9q8Yaptvae1E3PrjwzQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 201

https://fw.adsafeprotected.com/rfw/st/1874223/77019497/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20833644696&bidurl=https://www.geradordecep.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g7ZvgdcSD0GcU8Tp6nZ_eo&adContainerId=brand_safety_ybbPZe7SKuyl9u8Pp4aaiA8&cbFunctionName=goog_wrapCb_ybbPZe7SKuyl9u8Pp4aaiA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.geradordecep.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.geradordecep.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240214%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240214%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-4761945887812147%26fa%3D3%26ifi%3D10%26uci%3Da!a%26btvi%3D5&adsafe_type=be&adsafe_jsinfo=,id:ac76f0b6-9cbe-cecb-e404-cfea2fa7869d,c:4pWPVx,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-574dd564c-95ddd,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,tdt:s,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1*.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13,idMap:1c1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:3883633b-cd01-11ee-b3b0-2ed7242d2d11,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 203

https://fw.adsafeprotected.com/rfw/st/1874223/77019475/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.geradordecep.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iaoUQmNnnLrhR6lSbvuRFg&adContainerId=brand_safety_ybbPZa2FLLK59u8PoqaSiAQ&cbFunctionName=goog_wrapCb_ybbPZa2FLLK59u8PoqaSiAQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.geradordecep.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.geradordecep.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240214%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240214%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-4761945887812147%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D6&adsafe_type=be&adsafe_jsinfo=,id:e537b87a-4e1a-9e34-99c8-54c990aab4d3,c:4pWPW9,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-574dd564c-9pwxz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,tdt:s,fm:u4tM2C7+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1*.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13,idMap:1d1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:14,oid:38836300-cd01-11ee-9af3-9adfd6772a1f,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 205

https://fw.adsafeprotected.com/rfw/st/1874223/77019492/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.geradordecep.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iWkJv7-snBGCNzi7lSQ-io&adContainerId=brand_safety_ybbPZbWqLLes9u8P2L6JMA&cbFunctionName=goog_wrapCb_ybbPZbWqLLes9u8P2L6JMA&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.geradordecep.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.geradordecep.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240214%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240214%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-4761945887812147%26fa%3D1%26ifi%3D12%26uci%3Da!c%26btvi%3D7&adsafe_type=be&adsafe_jsinfo=,id:9f67683d-7f02-b105-d20e-837b36f77266,c:4pWPWJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-574dd564c-ld44m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,tdt:s,fm:u4tM2CE+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c11%7C1c121%7C1c13%7C1c14%7C1d11%7C1d12%7C1d13%7C1d14%7C1e1*.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1e1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:38836390-cd01-11ee-b02d-e6bd9250c5bd,v:19.8.483,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 209

https://gcdn.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2C6E76FF856887F3F83408C3E5B00338AA07AA9E.29CC91B24C69D787D855E93A7B9DBED3A491E1F8/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8309736A6877F4FF9943DB58F628FE2695D63C40.3193B98AF040EEE5EF05DA6B2CB4E53CC82F0542/key/cms1/cms_redirect/yes/mh/qT/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5e6nsz/ms/onc/mt/1708110637/mv/u/mvi/2/pl/52/file/file.mp4

246 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.geradordecep.com.br/
Redirect Chain

http://www.geradordecep.com.br/
https://www.geradordecep.com.br/

35 KB
11 KB

333ms
141ms

Document
text/html

192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 70a135756a8ceae7ace08b7a684539f821ff5b8f61fa37f14e55cfa030fb0fa0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, proxy-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 10580
Content-Type: text/html; charset=UTF-8
Date: Fri, 16 Feb 2024 19:26:00 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
X-Mod-Pagespeed: 1.13.35.2-0

Redirect headers

Connection: Keep-Alive
Content-Length: 329
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 16 Feb 2024 19:25:59 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.geradordecep.com.br/
Server: Apache/2.4.18 (Ubuntu)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
70 KB 47ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17536895-21

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

957456efcd78e43e461d13e0586a24ec6428c4450e5f0005e362bc07b6cae07d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70807
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 19:26:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 73ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826dd1f5c4acf3e828e03e22aaaf9cd31a64e2d8413a4f33cc9062a885fe321c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51533
x-xss-protection: 0
server: cafe
etag: 15956615092069339085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 16 Feb 2024 19:26:00 GMT

GET
H/1.1 200
OK xcep.png.pagespeed.ic.1j-voyZUhT.webp
www.geradordecep.com.br/ 2 KB
2 KB 101ms
100ms Image
image/webp 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geradordecep.com.br/xcep.png.pagespeed.ic.1j-voyZUhT.webp
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6c6448035dec0a5e4309b6020fa309d0f2630651bb01def833cc409e0fdef99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Last-Modified: Wed, 14 Feb 2024 02:11:14 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Original-Content-Length: 2229
Etag: W/"0"
Content-Type: image/webp
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Link: <https://www.geradordecep.com.br/cep.png>; rel="canonical"
Content-Length: 1672
Keep-Alive: timeout=5, max=99
Expires: Thu, 13 Feb 2025 02:11:14 GMT

GET
H/1.1 200
OK jquery-3.2.1.min.js.pagespeed.jm.Y8jX7FH_5H.js Show response
www.geradordecep.com.br/assets/js/ 85 KB
30 KB 581ms
95ms Script
application/javascript 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/js/jquery-3.2.1.min.js.pagespeed.jm.Y8jX7FH_5H.js
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 83c8a18f3637cd30d3e3d387e7f21eea917d52b5a466df6e88cb68ff44df79da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2024 18:57:01 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Original-Content-Length: 86659
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 30062
Expires: Thu, 13 Feb 2025 18:57:01 GMT

GET
H/1.1 200
OK bootstrap.min.js.pagespeed.jm.Rd0OyYl9HU.js Show response
www.geradordecep.com.br/assets/js/ 48 KB
13 KB 662ms
92ms Script
application/javascript 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/js/bootstrap.min.js.pagespeed.jm.Rd0OyYl9HU.js
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 4f832eb2e911cb43614e2b9be7083e8c40cc5fefc8512f59b6b5c4ff468841d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Feb 2024 18:22:32 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Original-Content-Length: 48950
Etag: W/"0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 12893
Expires: Fri, 14 Feb 2025 18:22:32 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b5eb737e20fa11ace6ddbc922d8538dc52384cddd4364a0330316b8e7bfe6c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 19:26:00 GMT
content-md5: jDkeKo3NG4tZgwaxLCpu/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: 9A9XaEcG7ScfuKY2vWHuEb3y1ilNuSOW6thvSQMS8+WEzkyUHjct2oXBm5SfAQxZxvPMr0UbaFARq44qXvWxmA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 198400962525a0a080c54b91cc419bef
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "57f41879b790925ebe0b07486104c033"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:28:36 GMT

GET
DATA 200
OK truncated
/ 458 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3498d9fbedd26b6b7ef0bf1fbefb11567850a3c584e2f804e43c24b93122ae2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK rubik-v7-latin-300.woff2
www.geradordecep.com.br/assets/fonts/ 20 KB
21 KB 173ms
92ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/rubik-v7-latin-300.woff2
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c97238c3c1826119a2375a234401dea3631ad1ac29973bdf94bba87f0bcc80dc

Request headers

Referer: https://www.geradordecep.com.br/
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Last-Modified: Tue, 31 Jul 2018 18:58:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5138-572502a0d0600"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 20792

GET
H/1.1 200
OK rubik-v7-latin-regular.woff2
www.geradordecep.com.br/assets/fonts/ 22 KB
22 KB 269ms
95ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/rubik-v7-latin-regular.woff2
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d09dd002cdf8c4c75e79eae2a6dbc0b7570a49d0fcc38f9ae9184f3f69a8376d

Request headers

Referer: https://www.geradordecep.com.br/
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Last-Modified: Tue, 31 Jul 2018 18:58:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "573c-572502a0d0600"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 22332

GET
H/1.1 200
OK rubik-v7-latin-500.woff2
www.geradordecep.com.br/assets/fonts/ 22 KB
23 KB 363ms
93ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/rubik-v7-latin-500.woff2
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 44e5ecd033195f9bc51fb43490cf34de7ffe42e0828b6e1d84a18c9021353419

Request headers

Referer: https://www.geradordecep.com.br/
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Last-Modified: Tue, 31 Jul 2018 18:58:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "59d8-572502a0d0600"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 23000

GET
H/1.1 200
OK entypo.woff2
www.geradordecep.com.br/assets/fonts/ 42 KB
42 KB 461ms
97ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/entypo.woff2?79395234
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 200f412fc76589d1833699b2be6dc03901befd36ad15355347988b86b8c4ac75

Request headers

Referer: https://www.geradordecep.com.br/
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:00 GMT
Last-Modified: Wed, 06 Jun 2018 18:32:31 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "a840-56dfd63bc6dc0"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 43072

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 298 KB
85 KB 15ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=b3fcde47eef46ce421f0d5a93e917c24

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86081b16052ed61d175793a538134432d860330c83484abab4e3b31b655d72e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.geradordecep.com.br/
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 19:26:00 GMT
content-md5: hJY9tnQjuheHatgtO6X0GQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87254
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: z1d4JGGUJO2I6DDeimg1RojxG7zcCmy1bDwYorvjNDvLBjzhUevBPjIveN3URGL2rCkiBH/gDfqn5r+ugTRwfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 065fb4a087472e666e26c797f1f1faa5
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "99229c77418cfbed68318cadbf0986cf"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 15 Feb 2025 18:37:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-75EYQ743ZZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17536895-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb21822dbf89641285c534464bde88585b53be428784960269a13e92c65067eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83147
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 19:26:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17536895-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 17:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 16 Feb 2024 19:48:09 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 407 KB
138 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4761945887812147&plah=www.geradordecep.com.br&aplac=true&bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad393a4d199e746ce55f05fe6d35a31bffceb0546071cadbd94dc1c4a22f4d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141260
x-xss-protection: 0
server: cafe
etag: 11372500666987290686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/ Frame 8EB5 9 KB
5 KB 29ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 01:37:21 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 01:37:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
213 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1824659108&t=pageview&_s=1&dl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ul=en-us&de=UTF-8&dt=Gerador%20de%20CEP%20V%C3%A1lido&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2004132862&gjid=2095911374&cid=1511135010.1708111560&tid=UA-17536895-21&_gid=1682870141.1708111560&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=463892344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geradordecep.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geradordecep.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 35ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-75EYQ743ZZ&gtm=45je42e0v9119028400za200&_p=1708111560355&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1511135010.1708111560&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708111560&sct=1&seg=0&dl=https%3A%2F%2Fwww.geradordecep.com.br%2F&dt=Gerador%20de%20CEP%20V%C3%A1lido&en=page_view&_fv=1&_ss=1&tfd=882
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75EYQ743ZZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geradordecep.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-17536895-21&cid=1511135010.1708111560&jid=2004132862&gjid=2095911374&_gid=1682870141.1708111560&_u=YEBAAUAAAAAAACAAI~&z=1651953619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geradordecep.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Feb 2024 19:26:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.geradordecep.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1163 311 KB
70 KB 751ms
751ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&adk=1812271804&adf=3025194257&lmt=1708111560&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560438&bpp=2&bdt=96&idt=217&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7848482955897&frm=20&pv=2&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=227

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4761945887812147&plah=www.geradordecep.com.br&aplac=true&bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0eae77b277d8ad31b1a10cdec84187ccbe59caef417d1b81068c5df44f62dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 71110
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB5E 133 KB
43 KB 1019ms
1019ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2397655178&adk=387046663&adf=3577813278&pi=t.ma~as.2397655178&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=3&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560440&bpp=1&bdt=98&idt=230&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=232

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3410c41ecbf4f6591e534da7336102feb54c37574e90287cdabc5a47519b043c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43760
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A02 870 B
629 B 542ms
542ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2237873076&adk=419812926&adf=1925477558&pi=t.ma~as.2237873076&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=1&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560441&bpp=1&bdt=100&idt=236&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=785&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

462ee8149f21bb533b1bace4d6a8cdc6c9b7f150cbcfaf1619b1fdb32e0c1942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E93F 870 B
435 B 481ms
481ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2176407679&adk=1739507383&adf=454120413&pi=t.ma~as.2176407679&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=1&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560442&bpp=1&bdt=101&idt=240&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280%2C1092x280&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=1092&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=244

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e88f180655112fff6b7e61b9d5e10f94652d17983f6b4c4af64dcfc8037dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0C2 870 B
436 B 431ms
431ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=200&slotname=4136873523&adk=2913689627&adf=1925112596&pi=t.ma~as.4136873523&w=1092&fwrn=4&lmt=1708111560&rafmt=11&format=1092x200&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560442&bpp=1&bdt=100&idt=247&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0de6bf3a854d7b6af927528775296000921edab2798e2882cd805f280770bb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B5F 870 B
437 B 419ms
418ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2531630895&adk=4280773840&adf=3458204790&pi=t.ma~as.2531630895&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=1&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560443&bpp=1&bdt=101&idt=251&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=3718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=2&fsb=1&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da83742b7fb2249883e450cc5f0875420b06e4990871256b38b98a51572585fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 27bdd32dd02a4297ce8d992cad0c70e2.js Show response
scripts.cleverwebserver.com/ 173 KB
66 KB 214ms
177ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/27bdd32dd02a4297ce8d992cad0c70e2.js
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4219de5f0ca7f22b37020e6678c1bbedba4c3530ecff943a9de51bbe833366ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
x-amz-version-id: Na2kYVwVOPd1k1DsIHxunod3K8FMRZ0w
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Feb 2024 10:47:32 GMT
server: cloudflare
x-amz-request-id: EAFXFEVN9RKNW0G9
etag: W/"479566bcb217858eef7899aab7f53269"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 85682e08aac81c01-FRA
x-amz-id-2: uqL9O76AlkogxXPlIPW6umTHgNSL8oyar7vg1fwhnvyUKQv4W0UXEueWHN44ruoCvd0NxuoBr5U=
expires: Fri, 16 Feb 2024 19:56:01 GMT

GET
H2 200 like.php Show response
www.facebook.com/v3.0/plugins/ Frame 5103 0
2 KB 39ms
26ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7285ee510a9e495c%26domain%3Dwww.geradordecep.com.br%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.geradordecep.com.br%252Ff0748641a3f662566%26relation%3Dparent.parent&container_width=1116&href=https%3A%2F%2Fwww.geradordecep.com.br%2F&layout=box_count&locale=pt_BR&sdk=joey&share=true&show_faces=false&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=b3fcde47eef46ce421f0d5a93e917c24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: HWHh/oMS+0YZqxhmn79o2Z1oOdmYqWhFiLe2a5B5Wf5Oq+Cwpjxwh8Yps1uZflHEIC1vwTG743Jk7FQ6KlS0kA==
x-xss-protection: 0

GET
H/1.1 200
OK estilo-gerador-cep.css
www.geradordecep.com.br/assets/css/ 86 KB
17 KB 92ms
92ms Stylesheet
text/css 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache/2.4.18 (Ubuntu) /

Resource Hash

c01626395cf8ca2503118cc6e347502f848964b5917425659176d1ba65935a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Aug 2018 18:46:52 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Original-Content-Length: 87584
ETag: "15620-572783c029f00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 16633

GET
H/1.1 200
OK rubik-v7-latin-regular.woff2
www.geradordecep.com.br/assets/fonts/ 22 KB
22 KB 103ms
103ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/rubik-v7-latin-regular.woff2
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: d09dd002cdf8c4c75e79eae2a6dbc0b7570a49d0fcc38f9ae9184f3f69a8376d

Request headers

Referer: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:01 GMT
Last-Modified: Tue, 31 Jul 2018 18:58:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "573c-572502a0d0600"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 22332

GET
H/1.1 200
OK rubik-v7-latin-300.woff2
www.geradordecep.com.br/assets/fonts/ 20 KB
21 KB 94ms
94ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/rubik-v7-latin-300.woff2
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c97238c3c1826119a2375a234401dea3631ad1ac29973bdf94bba87f0bcc80dc

Request headers

Referer: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:01 GMT
Last-Modified: Tue, 31 Jul 2018 18:58:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "5138-572502a0d0600"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20792

GET
H/1.1 200
OK rubik-v7-latin-500.woff2
www.geradordecep.com.br/assets/fonts/ 22 KB
23 KB 101ms
101ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/rubik-v7-latin-500.woff2
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 44e5ecd033195f9bc51fb43490cf34de7ffe42e0828b6e1d84a18c9021353419

Request headers

Referer: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:01 GMT
Last-Modified: Tue, 31 Jul 2018 18:58:32 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "59d8-572502a0d0600"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23000

GET
H/1.1 200
OK entypo.woff2
www.geradordecep.com.br/assets/fonts/ 42 KB
42 KB 208ms
92ms Font
application/octet-stream 192.241.141.27
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.geradordecep.com.br/assets/fonts/entypo.woff2?79395234
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.241.141.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 200f412fc76589d1833699b2be6dc03901befd36ad15355347988b86b8c4ac75

Request headers

Referer: https://www.geradordecep.com.br/assets/css/estilo-gerador-cep.css
Origin: https://www.geradordecep.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:01 GMT
Last-Modified: Wed, 06 Jun 2018 18:32:31 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "a840-56dfd63bc6dc0"
Cache-Control: max-age=604800, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 43072

GET
H2 200 / Show response
ui.cleverwebserver.com/ 173 B
389 B 90ms
64ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5554e6a343019a1a2aa0c7f245f192a0c6b43c36ce789886213963378355d5f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 85682e0a0d491c01-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 /
call.cleverwebserver.com/ 43 B
104 B 64ms
41ms Image
image/gif 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=56690&c=DE&r=HE&l=92&b=Chrome&os=Win10&mob=0&v=1.66.2&ref=aHR0cHM6Ly93d3cuZ2VyYWRvcmRlY2VwLmNvbS5ici8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 85682e0a9e721c01-FRA
content-length: 43
content-type: image/gif

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 165 KB
56 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/reactive_library_fy2021.js?bust=31081233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

845ae7772b4bde28686a2a21d95fc1b9e9ce5223db1172c182d325d6f6c48d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57085
x-xss-protection: 0
server: cafe
etag: 5607138882108480249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBD4 91 KB
29 KB 501ms
500ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&adk=3232283153&adf=805528431&pi=t.aa~a.4027807430~i.5~rp.4&w=1092&fwrn=4&fwrnh=100&lmt=1708111561&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3144298019&ad_type=text_image&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rh=200&rw=1092&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561449&bpp=1&bdt=1107&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280&nras=2&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97c372674941d21d6889276c5803def407cd2223a411520ed53c7cffe322c37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29612
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A487 430 B
232 B 534ms
534ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=90&adk=123718454&adf=2454748148&pi=t.aa~a.1972975535~rp.4&w=1116&fwrn=4&fwrnh=100&lmt=1708111561&rafmt=1&to=qs&pwprc=3144298019&format=1116x90&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561459&bpp=1&bdt=1117&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280%2C1092x280&nras=3&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=242&ady=3808&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a34d3e5bb3e2e1035ef369d1dc4277514dee829c2511f80b18a79f9d4dca33b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 0E51 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:12:00 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame F6C2 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:12:00 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 9271 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:12:00 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/ Frame 7673 9 KB
4 KB 10ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:12:00 GMT
etag: 3890843268177463596
expires: Fri, 01 Mar 2024 03:12:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0E51 5 KB
1 KB 70ms
13ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 19:02:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0E51 205 B
296 B 66ms
10ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 23:53:15 GMT
x-content-type-options: nosniff
age: 243166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Feb 2025 23:53:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0E51 604 B
1 KB 65ms
9ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:03:39 GMT
x-content-type-options: nosniff
age: 228142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Feb 2025 04:03:39 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 0E51 15 KB
6 KB 71ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6487
x-xss-protection: 0
server: cafe
etag: 9214289930287671984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 20:36:17 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 0E51 22 KB
9 KB 63ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 6041988417631582345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:33:18 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3BA3 624 B
246 B 73ms
49ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNVqyGGN1UbCKe12h6JjshxEm4Dloob73iGUICesA-q--GWITCbpLdAlGQKKgzu01g4aPB-xozlUzv_sq_9g8K7dbTYUxXzli8ImbitdJzwr7_xrzmcCu8SWCrA-gZNTiHXdqiaU_3nKpqJt0dHbiZyM3SEs3vwdX7nZqgKXzW2lO-BRaYo

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6696 93 KB
33 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 6696 3 KB
1 KB 59ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 6696 20 KB
8 KB 53ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:58:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6696 204 KB
61 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:12:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6696 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4ABSlLxC-RgRr6N4rTO3uk4vfRj8ilxgeqkar0a96PuWM9H7-GNBzku0gaan70AD0pRAMZh4khUIIQ3nhpKriRCmKLOZBdg_YCPtTpC-psIk6c2I

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E6AD 624 B
246 B 59ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGO221YACMAE&v=APEucNVB6cvyeq5Cu23dmkW8yQwax_QXB0BW1qVGoBhrwkRItRSybbc8usz7Zn62Be4zGaNd4HTJR103UVlqW11tDJXfSZdqzlBj_1AqRR-JCC6PjSsFD2BDCIa7plNh2ZOIwxogxDH7JGQQclCj8XRX_xBqmk5jMnLB_oVyMUnz3ZHxZjbrEOc

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DF13 93 KB
33 KB 61ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DF13 3 KB
1 KB 29ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DF13 20 KB
8 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:58:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DF13 204 KB
61 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:12:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF13 42 B
63 B 53ms
49ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ca9avXajAJECIrv_yZcv1kz6ifhKH7r24P97BR0IvvKrTAoi2DWwyMh5oCyhjUTajwxdlsTwwaBpGJ5zSnzK_C0RMiBEO3uGgzAPBNDrJFNzDFC_k

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 82D9 624 B
246 B 64ms
55ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNUHzCdJrAvVCBsI2vvWMt2T_oKbgOAxn96y2xWXNkVCQ9IHKRO6GqfDMt082ZqX1DAnW2VEtYn1aXTvOEu9bAxL9sDWKRIm9aOSq2nP51aH5b_hmYGmRaOr20BksSIDEBHUruF-cFBnhBHcZBBBY3U3K75__t3O_Eg72b6XFzI9rer9320

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8C1C 93 KB
33 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 8C1C 3 KB
1 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 8C1C 20 KB
8 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:58:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8C1C 204 KB
61 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:12:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C1C 42 B
63 B 63ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DL505IIljtGyUKjMfk04_mIeKBHsqpTAZ6MF1fN_yEif9-iYisDOFAvJFo-_tJbcSY5AvWqMJEXIfaxfXifq66GUWzVXpD5OaEsOcVfVPah6gC7sk

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1DB5 14 KB
1 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 19:01:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 1DB5 2 KB
875 B 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 1DB5 23 KB
9 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:45 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B88 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 18:30:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 1DB5 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame 1DB5 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:58:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1DB5 204 KB
61 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:12:36 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 1DB5 36 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 May 2024 00:44:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6696 0
20 B 45ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5535137240174&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6696 0
20 B 45ms
39ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5535137240174&version=m202401290101&ct=76&x=1&cor=4102862945201756700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6696 108 KB
41 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuF0ERAFN5Y7n9gAFxxiZRALZl9byMj8EXLeZ9JoK22cpcUlrGjg77Y_nkSx_uuMMcY_FWUGAJbkUe5xo9nxQqHrcyJWVmtdYZ8GuzGPy112EThgQ3Qz969eTSs3BSRoiYefM2Z5FkAlItlcpn0xsKYpFkZ8d3xzQYf_yS7pJQCeMbyLc&dbm_d=AKAmf-AG058HnOH_yb2Vsyq8d-uITQGvF25JaQM0WD7UB4d6-Uych-GFf4OB_Xg5iFjrX-CKqJwREVFpll0NVrdmG1m2xx-Iwlkt8v501zPzrkVgcdUgi5pLjUInyy1ddSzRImhMycBZBWnqPu_Fr5cM_LX0v1zXXxxef-vsIfZ9E6Q5UCa0gZlaHThBUyXCOBf8mTCh0QOvF7jv6VmMzyCsASqxp_d5pdZAjOFgu98Byz_zrsAHj3DCap7Ds3IMiAvQrIORzHBwWMlSegMrmkjcTWYNzMIPUNhifIjsM7TbEXfZFdSwggKc_grVLHE10xowmgpqDwvtrx__eO5YOmfg6FX5MBdCvUWxtoagqJtPNgo9jKu--dyj1YGa6v9QrJZ_nVxVL0YHlfvE_uNp3iXgLMw48sboE1d0T4UfBq4PY531UBwYDEYIVZMo0zHE2IFyIxM2UvCIUzr6HlQgDS1_fFXkOK7J2SNSHURFnYdr9AlAEErQgVTUgGLdC24ujGeeE3XdzZbDuv7lQ_aX-baM7SL1sJbI1C9WkguifD0soyJG3fPFctVEKjSF9nHyB7HkwOUL2esmokTYPR7WoYNDEb5Q6Hg78TDNy3JRNOuGezMrF3fIrGDK41G2ygbHOrbM40ynzkIYeICQDZEgOgPw0mQS1TXXwVxYg1SfOJ4SpwFyn8wEzQz6NLWY4IDflf7L998mNMHKoVShbB6jNafFRFFOz8kmonMWO7s6fzulPwTu6tg2CQYgDNi-Fm9OwK5jJO4_XigehdUTr4vA-Dq0E6nFmAulC1ZzAjWcOPty74oP7cITRP0uxXvvzjbmyVKJkXECwED9JxR-yBGEN2gj428LqysFHDTPN8wxWor6lU699TgOW3c45M7RTqmmZMlX3ZwrgVBhWD_CxH-LJGsJNLWtC01wMiKWZIUUqxYnuLgOuzFqNkTaLX6NXsuIN7Ibuk0sDqv7iw3D3Q0CRFi1YTLDjo35WszXdVM52WWBy_qH0uhVFtPNZgaAVU1gfzhzxGXHF_4Nu-tyUN00sHzwQX3jbOF0lMmTE4_YCm8e18d7-YC_Ur9A9ZZGrRyjWWiAffOemwhCi1qoE6E4hjdArH6pecfv5kbjJd-ykNx2qcCDBecy8JqhxVrFvMxxjxq0yk6X-FALs04iGpQArQG0-omPdP9GleOrT3C-uUwp3fRPHsoIhyxY1YdBzYrzcLecbpFwn5d77r9vBDzuqiuStdHoH-03SsuJgfxBVjZBHquQLGrwhDxgYuFP41BJYOV5-dI5ygZYuba682gvmc4cz2JieSloC0It5EaqZS3vhlriviRNnaBZqmD1L8xFPJVREmlL-tf35mm2Cd63rqkFVvrlaP1JRsd27OsMMvfp9zhrpSGzeGJEzXVt0Qgy1-0Qmj_AymmzMP8dxWwRfQ3PzumG7nAyQLolOb89LEFD28jMc79gGO2HdLwlpDGNR4a52jDu1BaLt7lKQb3dW8yvBKKfu8fhsgP0HxZq5WjlPKn5vOlI3x4dcLN6EzV5BeoNJepOSlvGqh55S2-727HT6eeTyM3r_PlJihDJPg5Fje4xlQDZdJ6VpGBT6lAeYHkyoBgGBNGXwB76ww_iWmw7NjaYRYlTsgtIAtvKCFXb49FOXFJV4csbgmyYnAfbXeJ-5Lpn5UGHn2BET99FYaYweMKIph4AK2gORSOXF_yNcHIiSxwICErLrwaFeoo8RuzxvJk6mWuML1YYkYmjCqSPwLLnZjEegyvLPi1qApNKdTg2RvbGMjwrJCiWalkJsDmOgu7Z-Kznyk2hsMA3CXHF_eTKK2nNz-oXWe9r_kb7DIsSu5JN0Kz_ZLP0Ji0bxScG_fBLk5jo3sGddwSyN_2gvJSQWCz-pTZdwR_gACeGZk_3-EoW_Aq_TDrvIqorDivvCScGMVLB8gVJ0Xl6QEYSnYTjw61UnB-gZx7G0EoajjOAxk1a7PhtFhobc_qdjTp5BAq282vr4QpwH5HvbYcTLimCpD1X97rp_cDZQF52Hf46rNpG_ouV863HfsyHVm_CiGwlBt0mduH47S0xJcdmpxkzuVwbAppTtr6g80quqLPhaf_rlyza6Hh2DeGQxl7Xv1l-j9XvzmV9Jf8ZP2uAJqaL2B2DOrpRimPHE6zNaD6n6vFGbGIXOqjjeA0reanYukVNRHkUCZuMRHKBLVPFlo7tyrrFPZPV-O_RxiCAFZvqMJJtb1-MtDNnvUBhrLZ5orULzmu0m175DxA_gdalKyW-1GsA0nt43VHWArhUl2V3aNTv48qTj1uLaP4LnIMVJ9LpK1UcB-YDWkKcivgsrJ_FSpMLPqROPKobi35ihft-_bNqj-1nsaPAvOQJ0B-CbiQDZ6Kf15mX0AyKNudIXep6XSv6VIDAz2onjOQk7YipN0sO7sO3LRDvj-oJIAHvXQFOrjDcHt_JAg5OZvO5cg37mURdtMHGuCgPNg9RXUv71G8oDVGg1kgtwhtAxTVthhbd9DA5F3Q-j-vEmMmQ6-qhtCkEWnFNum0E8R7pjbM3ZLcwzn1XZ4asUs2LUa7JxwWngReaqb-_pmZ6j7UJ4tPJINFDWXwNpDNelaKvlDRM2NDecmSi4D74gIoSY4DtmiQ8THACbPlZWqmIVoOT5q0c8y7BPNGYQHxn0C67x2H9ekx5A3nhl4TPQTP7QgEKTTi-7AK_p5UNVjctlREcWpXt4Q3YHo0vUAbG26mc5WKdn3hAQpZsMDUM_DGUOnq0d6tz7VqWAVWbJil8pBxIHEDEr7aw78hhlyvqGstZetC-xurgjIAVKT-JAAdFijT2wXHPKOJYEST274mnC4sGL0ZdDHOuplLOU6-OgtJvhlnvDctFIi0P4BqQzWkJ005uwxtut2djC_exrp6Tdpp2OBvTZgAf1QmT_FBr9IhKwoaAZczx8XzK_Wmmkf45lJ8Dy0YyOpxCSL3IaLbORAq_qCadXTt4_lZR4MiCLCGWxeFuHn_yUvJkuU-wag4AI0LLNtD4epGNX80IinUx8BGBLPDP2eyEzXeE-2Rp3GARM2KRO0OV1pLke9J87BmehlYx27RfdQdNU0uPtfgrGjR0TyPFz90x-sEpHOTkiyYyZL19lu6DXIgvJgkEXxReBSYX_I7RmIS5311nbZNtJ8Ca5wh_jMhIA73QJG0Um7uXaLYpj5HzRGmk4chqcGCKFCSM9Tz5x74AtxFy07yAt3V-94QrXvzM2o8Y431AGBx_lTWUJ2jd5O1gVrUu-GCtoWPbc5MaeqhzALNZBSabES0pE-MlE2vPZQjcnLVG1RknZwEozlUGCqTw5JBWJHhQOu9VER8q8gMcGv9M7KMsxt5pJQSqJlg4vzAfCyjwajEj_3XeePVpRbqOZibgzs3fYxGUNdWJ8Kj-xgIQJFbCTm-mHBYFH1Jn8ctj1kUiUVPL7fUoRImok8xkOkMlcmFE6YFIKyr8H3rfcfOnqxSZnBBC_pflASO5hX4pWoyF_vNd1O6kM-DPP2t4yH2Lt6J2J4vMoI22wm_E1eyjMxQ0aOaw8Pb0hDuX34VoxOasg2KGNm5crlb1GQRVc08CXWYhmXfFSbOuy8eG26dsfRMe-GZwygUSxDt0gHfwlj9gDijtwqxuSGOQMzy4PTijR3mNItDA1h8mKPaJvllWpxhKXOddL3hTdzeO2b4GTnfK5_jjxkepJeCcNqdZ1vG59FzG6ZGeP90nK8vo&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ds=l&xdt=1&iif=1&cor=4102862945201756700&adk=2515327513&idt=71&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1beb636ec2eff3e25cd882211a8676f0bcfddb952afc133e8f4764bb2e8d2d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3BA3 170 B
232 B 54ms
17ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKC21YACMAE&v=APEucNVqyGGN1UbCKe12h6JjshxEm4Dloob73iGUICesA-q--GWITCbpLdAlGQKKgzu01g4aPB-xozlUzv_sq_9g8K7dbTYUxXzli8ImbitdJzwr7_xrzmcCu8SWCrA-gZNTiHXdqiaU_3nKpqJt0dHbiZyM3SEs3vwdX7nZqgKXzW2lO-BRaYo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BA3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ixzkm7KGJcBoehcTO%2BOJLvaqqGpD4U84PDm5LmX6WUacp55MjzWFdgw1%2B3Vjti%2FcEzjvdyI0wxp%2FoJLh3GCIyXqtqhuV8YbxieVwUGJ3UaReYopEUHUEDd0IRq0uYZJb3qmFtY%2Fh9yU3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA
cache-control: no-cache
cf-ray: 85682e0d0c2535e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 3BA3 170 B
409 B 50ms
16ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3BA3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNzk4Mjc2NjMxNDA5NzEzOQ%3D%3D

170 B
232 B

23ms
16ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNzk4Mjc2NjMxNDA5NzEzOQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
an-x-request-uuid: f8e9347f-ad5a-48d8-bada-a09bb55b7fdb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTMwNzk4Mjc2NjMxNDA5NzEzOQ%3D%3D
x-proxy-origin: 146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E6AD 170 B
232 B 60ms
25ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGO221YACMAE&v=APEucNVB6cvyeq5Cu23dmkW8yQwax_QXB0BW1qVGoBhrwkRItRSybbc8usz7Zn62Be4zGaNd4HTJR103UVlqW11tDJXfSZdqzlBj_1AqRR-JCC6PjSsFD2BDCIa7plNh2ZOIwxogxDH7JGQQclCj8XRX_xBqmk5jMnLB_oVyMUnz3ZHxZjbrEOc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5ESIlUGtyTk2KSjaWhXdhINLnKHxc7aAFxRgrl3%2BHsfWM8vXeYgp6R8PRW%2BzBzHaeaX%2F63kuQS8Q4gpox2zeF6c%2F09rY7VMPOJBUIRbMzgCQw%2BNa%2Fs4I%2FoWM09kF8iVZ6wJYxdsq4opDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPMEAAC40AAGsrgAA
cache-control: no-cache
cf-ray: 85682e0d0c2035e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E6AD 170 B
232 B 57ms
23ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E6AD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
an-x-request-uuid: 67b649d3-e8ce-4a28-bd40-914e587f381d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D
x-proxy-origin: 146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 82D9 170 B
232 B 45ms
26ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGKS61YACMAE&v=APEucNUHzCdJrAvVCBsI2vvWMt2T_oKbgOAxn96y2xWXNkVCQ9IHKRO6GqfDMt082ZqX1DAnW2VEtYn1aXTvOEu9bAxL9sDWKRIm9aOSq2nP51aH5b_hmYGmRaOr20BksSIDEBHUruF-cFBnhBHcZBBBY3U3K75__t3O_Eg72b6XFzI9rer9320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPPEAAG6UAAHsrQAA

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPPEAAG6UAAHsrQAA

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYMEdZldr9KR%2Bqa4HIz3SkmnyUM7HSAAp3COd%2BhzJTQwmHMjIM0lNMfy4B%2FxbZNFdk3YbeBS72%2FEBeCJgDIQXVqk9m6M5sK8KrCrnkg9uShZRXgzkYH5BsK%2Fll5Kl2XAV8y6MwAq5dKdUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc.2ybmqPPEAAG6UAAHsrQAA
cache-control: no-cache
cf-ray: 85682e0d38129a30-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 82D9 170 B
232 B 38ms
27ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
an-x-request-uuid: 0faf7ec8-0df4-45e9-92ac-16dc17e715ab
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk5MjYwMDQyNTI2ODUyNjM5NA%3D%3D
x-proxy-origin: 146.70.117.70; 146.70.117.70; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DB5E 14 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&slotname=2397655178&adk=387046663&adf=3577813278&pi=t.ma~as.2397655178&w=1092&fwrn=4&fwrnh=100&lmt=1708111560&rafmt=3&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111560440&bpp=1&bdt=98&idt=230&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=260&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=232

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 18:58:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 19:26:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DB5E 2 KB
822 B 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame DB5E 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DB5E 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DB5E 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:58:34 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DB5E 204 KB
61 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:12:36 GMT

GET
H3 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame DB5E 36 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 00:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 May 2024 00:44:05 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF13 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5759891948640&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF13 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5759891948640&version=m202401290101&ct=76&x=1&cor=10678909258493161000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DF13 109 KB
42 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D78EYNIpuoSPFAVogvM4lYnL1UXNf3pOGzh2zJwDXif25WTG5Awa-dhn-91vLHJMGvOAijDzyDV9MHQ1z9ieewZg7H3jQcfy3GL1ip5S3eqnOOKnx5qHkcCkVRYKBdjtZSBfyFPUiJ_Q4B6FN8xsym-BPOLu0Pb77tSrFluBQduwGfbYM&dbm_d=AKAmf-Duj6V842I-2gS0z4_xnb5BciGWbZsM5w9udRubqpSY4I3VgCiKlyTIMKePFh0Q8gn0EGnmvvyyvGl8lx1BapOSWy1qtc77bh5lZoymu4XHepTlzD_U3HRuR1TMwFpIU2Qa5TxDOiNDwjom0GqMVO76NDYV8l_r_I12C9BR2zUyVrZ14NNq1tO6HFnoaBnzT2JZM0Ihc3kDN-eKpdCTF529WYxh0QZEHjyahqVp2_-wYWcS-PT5siLa1Co_rk8sTFHirBGrR4o8-6XoOO352fz4nm1Y21iGoB7gbHwUkEI34cNdfPT9GiAXVpmbXlBixknpcSNbAR6YLOUynfwgtCghwzyht0S02knRUaFcT4JShJh5NS3d_ovvBqBTIC_LjDZlQIz-cpIpYKeaCsu7L5P7GynadH-7qRaSuDikSGREr3cI_WIvl2LIgbtsFLc9elFF8qt8tNLW3TVU4ZKDy9UgebGmKavMt1-t42BvfgLFc8wUTemEi9m5zUfe687i_Qzq6dV0RnV5roSgGu5PwZmSDl2Cc9lY9RqVoh5a5WehHvVZjvAFklxEuREU17V3YV-yqw1VYm5szMBPWKqgIcFC4HpCHE0nfrAhBDCJuLdPOJydCKzpwBEZATInQmLGX9jejP3ZC0GH1TgnVAl7BFWj2l59-Y-H2cYGYxqGnjdLHoTvLiT8sENYUvhSzHcg-oG0cmdmzZGpwxz3IIlPVSZanay0rr9o_BogLtAtI0PJExlM3oEE2NoyACJeaP4XSYDn26XT3fx4cMD8hnf80aRKVtohR77VQSDSytObg-dRomXvfZ0VhUZr3gCagK9myY2U6nAHsHIF4MI1sNc2uQs_RyKSc7KADePvkg9sniGc179BOBQwdHGVo-kPCe-qPfDEqyE9_7Y60-hezUcy38BC6BFMgGGTeG3UVHrpR2niGdgh1d0x4WP0brPYEdxyA4QauGehPVMU-Fs24f0xp2ZwO_Amyl1XWYrJ8qD25E4Iq3gOa3Ln4xQfEApsBjkOdlLI_ZJkjuOKy_vhNJgTrAZzHvP8IvsfG3UkblTcqAKdP8TdMyBNFBEg_trBFy-sDfu8yH7RVh1lY2WLhui19YWP8ew6aZ758jxz8Vn5Pndr14RT-R3OxqIAQ2miX8UYrm-HUe-Th1fW1lRq4HCdwSkhcP23jWOV-IH6Q6UX56m713uZPDU-FbA3sXe-NipTxA3PouGPXqKdJVABmbHuPQkVgI66hnmEgyftspH0aRLmLUQ3id_x5QD8YUvQ0s3Sofwc4QCIQqx71YC2-swVww6md6f9-zg-9VZiFNACOgDxqrgJVnrsrWUJpHtvOc6p58TCReLaXCziM_FZGCPdUWtFyXGUq6NKTKA_cJAzXJh0N3MqKhK625NP7TGruAb3tkGJt4ICTA6R-Z9B4LB-bkFjLtfLYiGw-2hkape6Ti9Tyd2fu1W0Opxw1CKuZK_5_paRxpS2sQ76jz0a9rnCIO5ifkTf3cEudwVk1lMKi5N_IGbGH_uwf94XI1diw9hBjW8VjWVt2EeMpf8Rpf-Svt8b7YJXrMyWsH_7zNZTX_z_zR0m-y50Vy0rcSVhYX-WKiKdRZt5eiedgYtWeBk171TOB4NyCGlXEq4gTLsdlx_tFb62glbNUR7YUlPCRugRgFiNbXbPNeuxl8wrq8oekuf9mZ0mk3FoZsi-dmncMFldlnY0-kfRjXzY1Nys5Y0b4mCPBWzGAXe09VLku6zgBWQ0Jyy_ZBlJfxdiZ_6FRbS9xcy_D8e4XEYO0AfDB0edG32f7ODGeADJmoEizQU8oHEbuBrL_IVn6CA9FiefpFCfFOKtZKGZ1jDvvY4jY5ZHH0AbHlyeHcIAL0BwrWfxj4zvoz_G8ic8jMsYbZwjDJ2etYZVj2bsuy7EzhomTAA3MitE-ehRCXoMMc5cda86p2A_bQLBzOOFDoPM9-XuzjJUbulqp2qlSyN8T-euxIhvYQZEDdLXeC0l6bJ1If0ycGKQiimEjIp_O_Hsibi6GKb_w7z--UkXlenGOl9Tgkhg_nQbXG8dnhhEdsU_thURUbTXr-iq1VdDgKMWx29wH7crvPCA-CHdiuqDOReFSWPNHihzCQwWxeFY4gfKGLorH9e_pHev4qh9a1MuV0yuZHzVPX3u45jbNH3AJisn0jwcq47ezCBsDvq-e2V_TRsA8HVCZ3RLrKpBtzlzi-o4yTok5vfYBxvqrEDTqITaXsxTGoRoXYJ3Exkyk1bmjdNG8tziD3nb9iw8T0ujjVFSQ5Yi5nqunq-G-4JL-uVjv7Lg2BV3y1rM8STVLLY0NVamTxwmbH2SZvKpmUwMOSlkF-juTqW8pJOg9PKLcEhUKRueso2_6WnIeBaU73L7nh9HgICfAX7MLLDhhsipR_Pa5PTvBGYZpN5Kt0wxOm1FCsvlxm0cEOXXJCTJnpENwayL69e1RsrItPAac8ce8V6wCd3uFnp5pWdsJIsyItbB9dGg9kbkUV2SMF9ABydiKEHXfXwUvY2Qepzy-1oQUFV0ACKNIb_T8pvaQRYO3vKL6zxooksBVawoVqaQ9DFjO68N_IdFNQ2MimXiapXTf80BTz1uyWRVUy5iaWvCjsy8kwVaQkFPP6vM5Tnma4iY1swz1V3L9jyR-vuARMySZaqhR4qvfK0ExAJlvB3PH1LMYV_aIvtqyIlff9Vc0Jud-2mst6PWmGUEtlQhcUfxuOh13BTJsuEf9hVikWUwvw17C6uJrF5kSeQNTPjRAq8LjQfBOOvSshPtNqPzbWXT4JMVf0ndeDB7YjFnbZVnped7mzbhgIHkwd1H_DjSw-THEhZZG5rC-BjxEGppLbAiCHCGXIqhtobF8Xgn2WsObgX_fZieYT5HYcUvNXEnJF_OpWxxEZic_GXyLWFbuKszzYA6pdC6aYxC4BHY_SqNBiP-aTnxaEX8WiBiRqEs2m08yQ1xaYW0LstkAXckgOj_bHCYLZeRsJlmXHMF6wTgUvkVT-fq2nfU3s9iNMW3X_5P-c3DUwnxJlculeP-iw_6trNT43fWBfGxFXOwbt6wsGV8HJlAW1bj8W4Wlp-D7r7nI1asKUihuesZAw07ptFsP5_93T96ckR8OHEQyD-YgEZqab0KHDTqCpePU-ja1VjbKZytvpuq4CQ1U47vXO7N03yDRDZg3QiSS_WEHOFHrlxpy8tmy2Cd49F1vaInDIt6yVygpFGnqpMbDFO39mzwnPk1_UG8z3jLA4hTNSsKtmnUwQiPjnJAV22XHqz05GO-pd_qEk3eWr-solMYUTK5Xk-IzxRdrB9scd5UJJJMNfIre8fe5TTcpBMVssQmHXr9g93PNwHFrcUTgt1myttaVJjgU5g8kmOfBXeesJveZyu_Q8Edw8UY9buK5GftPpd9ecll_eSVAkS3oXd9QNhDWgVFyBYVxIFFddbj700R7--J0oJymIs1GX0I4iomIfgizVBYuDJvgvuwag9w653WUd-S6kuHh6XO5ajH6d-ERGFck8E9Zq1Tbq6ao5K-e_t7BZZockB8jjdBneXk2UD_sMDhoJ6gHxlL67mwKv5H96D7U0DyX_xa9Qp87L65fXDq52CplbtgU6MVU-OQR1izrE_Nq18qdSqhRdy55qHqONtU_D0u0RsVO2MmVVOa33q_QsblKTGdo_6M3TobMwkp5tbDbwmyTvhG50k&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ds=l&xdt=1&iif=1&cor=10678909258493161000&adk=3062569611&idt=89&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57e8437204b46d129b7990ba20a98e6b26175ed131f60cfb19ec50f639f8cd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42613
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C1C 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4102506230559&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C1C 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4102506230559&version=m202401290101&ct=76&x=1&cor=2445104663725784600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C1C 109 KB
42 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2-x6liWHBCrq-DFfmObXSSHAY5SwyhIkzBhO33oP_rh6hsBVFKVbsdFAVab7Oq0tSuW5sSxe7I4qNTMryEqGoeIpdSSB5cCAgHC_jI5GtdO1Uyeqwc-otfwcY8VhWYeIYZXVFgfff92lECjQZjpJzFIRtl0lfW5HjlTPESzrgzdodiG8&dbm_d=AKAmf-AmG5omYy14TLOqNJeMdxeIRSJvvvxMoIdkK6qb5yv6sbiJjHBe0AMGacKsIp2WyeOpO6oXQtQRy6plfUYSpElSk-q9NKx6ahLD48JyLJT5_sKTlH2RZwmenwk8shfp0ABKU6_TVGG_5SCRFgEM6O8prvgJSJzbnWZnJReSeFXN2bXAiVoUgSQTWW_5Ux6HRJH8EvRCyevwOn3iu5P8ssjyqMuJDwhlPENL4igwhnN65RZGAD4K_iFg0HLK68IKd5kFsqj8p9AD880BFhl8hpFIMMdhoqin1f0OfAToRJolVlj-14TVAK_WgcBOpCOu7BWKpp0Gk1sSi_Igtl22889mYGc4TYErvUti99iC16r4_nRlkaSlI1D9yNoZr0WRvKrDV-kWrYCbmrtoq50vUDApvRFMv2xEmfWIoliGWQk-tOugMmOgFY2wbzdDZSi50RJ8Ct-a7Wj1-rR71GYgXP8PkMWGEpkLPX2d_iSOuJTWwZ2xqbXN97A2asDtHsT04p7wed0XVZWsRb51cpbhVzv4t80Mo10NO0Hbiu1_xo8h-Iy-2r886UHKWMkm92ONqW6svSNRCq2JzN8Pcgac-k0I5lKtg-fzJJ8CElDQMACk0xGUKSh1LvLT0DwDaJSceQp2l8akE3tZaGQBKPpo7fApBIT_-6eapYSktmN7TCraa3_aKZkqOWxk6q6YaNPZbs2zlI2oAmzw1l0yQxzPIqXaM9mHVw624v2it0xUvtdJk4ItzhHz0cfE_yUh_Kx4-884DxYuq1cPnZXijytF0gYzraSPH4aSiYnl-niSXyN0cLtGuArkI1BG0kTlycj21AQRPHFAZbjvDJ3PMRuJbKWOWHH9UzeDYLkm5B_Q7u1Cghqt9YqkWsUBvZV_rw3sJ4zAd1QcOQBu-qgjVysEMzfIycCtaW4igKMzZ-fnz9SFTpnkC2nMOR1XFSrXfnclVmaUtcs0bm7EYtNXSu23JhbcPQu2tTtcivKUX1J7NZ82V9gi_7K8QdChtVhHpNYwyPvKlH50mpNlwPvzg8w8RS1tvuTvr52NnZoB8oPszzw9fxKUjb2X3x2SwePMzT61VCtlo5liGQO-GIHnKWOY-D_1xLHIiSMZDf_DbmpQ9dRgTFDotv1GZQk6r83EqZfRl6lEVU6FJt_BdaINpuXejS4fSG5KFE4WgQ88eezdz_AnpWQTwrJv8ip_VPuSWeNt79YSmLrY5UohQShuILvP8a_lvmgJgVEI1iFH-rcoT5zeABBCcLl6yUH3BCwbicttV4zyxlaR2qD3dsk0fzmQUsks20mtUnO-XaJKBG7w3y27HDfjVHVHmRP1QaKTfTQgykquJqyfEix5dQxvvu2uuE7xnQ2t8gs3D-iM15iponwQFRSipCGd9JSZPNjurHziAgOKNip53svqiiiyyF6eRX0mAPoJPFmN2aBpHXAmNWps9zEvUUJnAimA-vdHfz2gsn5l8ES1_9ZuW5e62lnjebZSCI_PISgKhy4JsRUhStUVlPa8TmfkoMP6C2Pk0ahuBhVBFxtOk86VFa7Paa7lGAEBNG8Qz1nW_LiYpv0VXN0Gq030qETbkBIUyDra3fiSgYRWDVLJU3Xasze9e6mU8wk2WgwuBLzH-jKTTd7sWXlGlALAKudU5iPWC5ZFO4E2hftzlmokHREvzKGELOKQDTyWWej5L_1Nc7MWdSg9UxB8zNkvrDlw9W_qDpkaNvdIOhn4bfFG1lf1us0AP0F7H-FXikOUrO2xh3EA2vE5hiEmZ4It9SuN8_vet7P6VF8LlBVNmmX5_3s7mMd6uP1zuESuJ6odbjru0rkAKuPPSttwCznjcTL0YJ3s3VKmkKUO_mDOlzjjrO0DxcfM0QRxs-IKISuByEJ00Yo7h0aFPCwqQ1aiqcUTmqCAwZ6T27aPeQqPLND3a4h2xrHIW6g8N77kUE_O4JAlyvnZn-Cx7ZgBKriL2W-HU_fsDZhqVaNDmrZa2NmGMGGfqq7q2eGuDPFtayeCfo9sntZkaw3phfmIWj9neQFWzXZwfZ-LKxjJerLpZVoSuM_gMPfzpncNUmKAs-DyqWyU19tOqMIm_acLPQNWWLH7X-OoGgkMJ5_I4csUTiirPpLGX2Wsb4GYlzQJ-ti6GWp2tybkcI9TQ_-C7-vBD_OxJcvKxkvZIi-e3agzQEvWfhoUXDqg1LzVhM5n41xaDmfMGmkoHwN_0d2yfk4nx9t4ZBQ-ZKy7bRnFoKwcdREaRFNUcdlxRkHGDwJ7gcvvdTNN-g0HEU_r56z4fSIo_8oSbEyKtKJunat4oMWAJZkuv9Sx1xD_fHjRil15dgtXR1Z7ndQmYP1JMhHMj3AsK0nq2Cz9t-C4YjoCguBJ3mLVkQZzpOS5g0m3ZizviYN9-udpnhZbW_UWr0wUFFiAjTVsGkYRGeRLiMW1qPEceeJ0wWeNzhqzWdHdNmwaAy21-QOb_3tmbRJorwWfPDaVD8bCjwNyrHIVW-W0ELRpknx3GH9OiBKkIbgUshTJp2ffgeX2iaNx7i-jAAAisCgAu13oRokzBUBKau9DH_0JfdstZjtnm6V0y7odoV2StJBlD52p5h1O4oihMiW0baHa8KgqHBm7yn0fc-bj8RFbru8tOEVhdZ3B72vn0Y0fkCo1fkqBGlpZYoCWmYtEQpAcLv_LLx8asnb5eNTSbncDZuxTZhSlMUS1ZChH6AbWEVkNgXjdbI1j5ibnKNhUnzIQRoE-lxa238qnFLTMUOsocSYZ943-xgDimJi1oJ_DoqLi56tXDn8GEldZDUpJXM9DVWWZbIgeOmodBGwF1kVIND781sOW9F5427e_DcFspuf_QPmvVaBEV-jvfZ6u53QziuPtI-ImNyggndjNuoMifYzar9a3_cH2FgSCVtgUx1tITbmBc_JhUWx2P-lnTnkz3xgQF9M_svqYp_5ybbZGpVR79Cf07xkyEaqEjXP-koSE-e_c-10pqnLyL0Rm1MEbzKmMU01XRJ2DKir5B4G8MPPUcc8P5qUR3XZFUGTcKpworjCSe8w7ywHS7jLzCWVN7p26rFcyW2VyQYdwx8uoSH51dYTrIB9OlJ_Rc0i1d_N_zIqbeXB4r-NHtNaDlPM84IBmH2GhjCMW8qKWzgbhnbP2abUhYeTEMPe4ja6FzetkmtWAVrpZvAVHxb_5gQuMNOL9ALAnS9a7wefaXvAvQYP-5JiovAz7xfV7PNP14xGOxxjMFQsXkgOPh7cPZn4Dp8Xc1ZtqvWdmol9BlJITyN84bGdO9KXUrjUdBvOMVyQLoaxDC8S8kKSnWrKRxYMT8igWCTMp5gDqlXVLIWaz5KMQhczgRYUAHVKhtOmLyzX8TS2KbLVPisl-jHrOOLOqZFzC_AFDMLiEGbUR8_KEoGzUpvOt9X5PLl-8phYnYS3Xioacstqg8yb5Y9OnvIQwYY8uf0BSxydinmGqRIBWIhQwZ-k3QzRCxC01DjUctjqTL_ztFOUJHeKdcY2JT0npFuqa8Ek2lDvtC1H-IQFNk7WksbynEJsxBgxP-4nojra6quuJ2_bNjlgiaBqUkZwCTMlivpIdDXDSi_eWZ2WbDu-R7tYTvPoB-LLLeqEml3ABUtDscf6Rn6nww9Q3GSvebBQ0vDfVDLy2LVlRTku28O9h_Ge5ooQrdFRbW55ZN9j-p2nb0S1k_sLkiudvnMsASTw&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ds=l&xdt=1&iif=1&cor=2445104663725784600&adk=1935140219&idt=72&cac=0&dtd=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8e61dffbb5af750ce76b47548cbf797e709aea6476cc73b8f1cab688a0fdbe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42530
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12465352132748852732/ Frame DB5E 16 KB
16 KB 113ms
112ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12465352132748852732/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c3484406cb109a7cf8c1100d4e2f307a2df7c08a490c4b9a5e7af7d0ceda3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 16 Feb 2024 19:26:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16809
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 07:49:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Feb 2025 19:26:01 GMT

GET
DATA 200
OK truncated
/ Frame DB5E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame DB5E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3B88
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
16ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
expires: Fri, 16 Feb 2024 19:26:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame EC3F 51 KB
19 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 20:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 20:38:21 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1874223/77019497/ Frame 6696 271 KB
79 KB 433ms
33ms Script
application/javascript 34.240.0.127

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1874223/77019497/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20833644696&bidurl=https://www.geradordecep.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g7ZvgdcSD0GcU8Tp6nZ_eo
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.0.127 Dublin, Ireland, ASN (),
Reverse DNS: ec2-34-240-0-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef2b4e4c004fd4c616051fea51e4e22bd2dfc19d7803442b2d8b4e1e9031e1fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6696 111 KB
39 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 20:43:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 6696 12 KB
4 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuF0ERAFN5Y7n9gAFxxiZRALZl9byMj8EXLeZ9JoK22cpcUlrGjg77Y_nkSx_uuMMcY_FWUGAJbkUe5xo9nxQqHrcyJWVmtdYZ8GuzGPy112EThgQ3Qz969eTSs3BSRoiYefM2Z5FkAlItlcpn0xsKYpFkZ8d3xzQYf_yS7pJQCeMbyLc&dbm_d=AKAmf-AG058HnOH_yb2Vsyq8d-uITQGvF25JaQM0WD7UB4d6-Uych-GFf4OB_Xg5iFjrX-CKqJwREVFpll0NVrdmG1m2xx-Iwlkt8v501zPzrkVgcdUgi5pLjUInyy1ddSzRImhMycBZBWnqPu_Fr5cM_LX0v1zXXxxef-vsIfZ9E6Q5UCa0gZlaHThBUyXCOBf8mTCh0QOvF7jv6VmMzyCsASqxp_d5pdZAjOFgu98Byz_zrsAHj3DCap7Ds3IMiAvQrIORzHBwWMlSegMrmkjcTWYNzMIPUNhifIjsM7TbEXfZFdSwggKc_grVLHE10xowmgpqDwvtrx__eO5YOmfg6FX5MBdCvUWxtoagqJtPNgo9jKu--dyj1YGa6v9QrJZ_nVxVL0YHlfvE_uNp3iXgLMw48sboE1d0T4UfBq4PY531UBwYDEYIVZMo0zHE2IFyIxM2UvCIUzr6HlQgDS1_fFXkOK7J2SNSHURFnYdr9AlAEErQgVTUgGLdC24ujGeeE3XdzZbDuv7lQ_aX-baM7SL1sJbI1C9WkguifD0soyJG3fPFctVEKjSF9nHyB7HkwOUL2esmokTYPR7WoYNDEb5Q6Hg78TDNy3JRNOuGezMrF3fIrGDK41G2ygbHOrbM40ynzkIYeICQDZEgOgPw0mQS1TXXwVxYg1SfOJ4SpwFyn8wEzQz6NLWY4IDflf7L998mNMHKoVShbB6jNafFRFFOz8kmonMWO7s6fzulPwTu6tg2CQYgDNi-Fm9OwK5jJO4_XigehdUTr4vA-Dq0E6nFmAulC1ZzAjWcOPty74oP7cITRP0uxXvvzjbmyVKJkXECwED9JxR-yBGEN2gj428LqysFHDTPN8wxWor6lU699TgOW3c45M7RTqmmZMlX3ZwrgVBhWD_CxH-LJGsJNLWtC01wMiKWZIUUqxYnuLgOuzFqNkTaLX6NXsuIN7Ibuk0sDqv7iw3D3Q0CRFi1YTLDjo35WszXdVM52WWBy_qH0uhVFtPNZgaAVU1gfzhzxGXHF_4Nu-tyUN00sHzwQX3jbOF0lMmTE4_YCm8e18d7-YC_Ur9A9ZZGrRyjWWiAffOemwhCi1qoE6E4hjdArH6pecfv5kbjJd-ykNx2qcCDBecy8JqhxVrFvMxxjxq0yk6X-FALs04iGpQArQG0-omPdP9GleOrT3C-uUwp3fRPHsoIhyxY1YdBzYrzcLecbpFwn5d77r9vBDzuqiuStdHoH-03SsuJgfxBVjZBHquQLGrwhDxgYuFP41BJYOV5-dI5ygZYuba682gvmc4cz2JieSloC0It5EaqZS3vhlriviRNnaBZqmD1L8xFPJVREmlL-tf35mm2Cd63rqkFVvrlaP1JRsd27OsMMvfp9zhrpSGzeGJEzXVt0Qgy1-0Qmj_AymmzMP8dxWwRfQ3PzumG7nAyQLolOb89LEFD28jMc79gGO2HdLwlpDGNR4a52jDu1BaLt7lKQb3dW8yvBKKfu8fhsgP0HxZq5WjlPKn5vOlI3x4dcLN6EzV5BeoNJepOSlvGqh55S2-727HT6eeTyM3r_PlJihDJPg5Fje4xlQDZdJ6VpGBT6lAeYHkyoBgGBNGXwB76ww_iWmw7NjaYRYlTsgtIAtvKCFXb49FOXFJV4csbgmyYnAfbXeJ-5Lpn5UGHn2BET99FYaYweMKIph4AK2gORSOXF_yNcHIiSxwICErLrwaFeoo8RuzxvJk6mWuML1YYkYmjCqSPwLLnZjEegyvLPi1qApNKdTg2RvbGMjwrJCiWalkJsDmOgu7Z-Kznyk2hsMA3CXHF_eTKK2nNz-oXWe9r_kb7DIsSu5JN0Kz_ZLP0Ji0bxScG_fBLk5jo3sGddwSyN_2gvJSQWCz-pTZdwR_gACeGZk_3-EoW_Aq_TDrvIqorDivvCScGMVLB8gVJ0Xl6QEYSnYTjw61UnB-gZx7G0EoajjOAxk1a7PhtFhobc_qdjTp5BAq282vr4QpwH5HvbYcTLimCpD1X97rp_cDZQF52Hf46rNpG_ouV863HfsyHVm_CiGwlBt0mduH47S0xJcdmpxkzuVwbAppTtr6g80quqLPhaf_rlyza6Hh2DeGQxl7Xv1l-j9XvzmV9Jf8ZP2uAJqaL2B2DOrpRimPHE6zNaD6n6vFGbGIXOqjjeA0reanYukVNRHkUCZuMRHKBLVPFlo7tyrrFPZPV-O_RxiCAFZvqMJJtb1-MtDNnvUBhrLZ5orULzmu0m175DxA_gdalKyW-1GsA0nt43VHWArhUl2V3aNTv48qTj1uLaP4LnIMVJ9LpK1UcB-YDWkKcivgsrJ_FSpMLPqROPKobi35ihft-_bNqj-1nsaPAvOQJ0B-CbiQDZ6Kf15mX0AyKNudIXep6XSv6VIDAz2onjOQk7YipN0sO7sO3LRDvj-oJIAHvXQFOrjDcHt_JAg5OZvO5cg37mURdtMHGuCgPNg9RXUv71G8oDVGg1kgtwhtAxTVthhbd9DA5F3Q-j-vEmMmQ6-qhtCkEWnFNum0E8R7pjbM3ZLcwzn1XZ4asUs2LUa7JxwWngReaqb-_pmZ6j7UJ4tPJINFDWXwNpDNelaKvlDRM2NDecmSi4D74gIoSY4DtmiQ8THACbPlZWqmIVoOT5q0c8y7BPNGYQHxn0C67x2H9ekx5A3nhl4TPQTP7QgEKTTi-7AK_p5UNVjctlREcWpXt4Q3YHo0vUAbG26mc5WKdn3hAQpZsMDUM_DGUOnq0d6tz7VqWAVWbJil8pBxIHEDEr7aw78hhlyvqGstZetC-xurgjIAVKT-JAAdFijT2wXHPKOJYEST274mnC4sGL0ZdDHOuplLOU6-OgtJvhlnvDctFIi0P4BqQzWkJ005uwxtut2djC_exrp6Tdpp2OBvTZgAf1QmT_FBr9IhKwoaAZczx8XzK_Wmmkf45lJ8Dy0YyOpxCSL3IaLbORAq_qCadXTt4_lZR4MiCLCGWxeFuHn_yUvJkuU-wag4AI0LLNtD4epGNX80IinUx8BGBLPDP2eyEzXeE-2Rp3GARM2KRO0OV1pLke9J87BmehlYx27RfdQdNU0uPtfgrGjR0TyPFz90x-sEpHOTkiyYyZL19lu6DXIgvJgkEXxReBSYX_I7RmIS5311nbZNtJ8Ca5wh_jMhIA73QJG0Um7uXaLYpj5HzRGmk4chqcGCKFCSM9Tz5x74AtxFy07yAt3V-94QrXvzM2o8Y431AGBx_lTWUJ2jd5O1gVrUu-GCtoWPbc5MaeqhzALNZBSabES0pE-MlE2vPZQjcnLVG1RknZwEozlUGCqTw5JBWJHhQOu9VER8q8gMcGv9M7KMsxt5pJQSqJlg4vzAfCyjwajEj_3XeePVpRbqOZibgzs3fYxGUNdWJ8Kj-xgIQJFbCTm-mHBYFH1Jn8ctj1kUiUVPL7fUoRImok8xkOkMlcmFE6YFIKyr8H3rfcfOnqxSZnBBC_pflASO5hX4pWoyF_vNd1O6kM-DPP2t4yH2Lt6J2J4vMoI22wm_E1eyjMxQ0aOaw8Pb0hDuX34VoxOasg2KGNm5crlb1GQRVc08CXWYhmXfFSbOuy8eG26dsfRMe-GZwygUSxDt0gHfwlj9gDijtwqxuSGOQMzy4PTijR3mNItDA1h8mKPaJvllWpxhKXOddL3hTdzeO2b4GTnfK5_jjxkepJeCcNqdZ1vG59FzG6ZGeP90nK8vo&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ds=l&xdt=1&iif=1&cor=4102862945201756700&adk=2515327513&idt=71&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:26:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 6696 30 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:26:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6696 41 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 06:45:31 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1874223/77019475/ Frame DF13 271 KB
79 KB 466ms
89ms Script
application/javascript 34.240.0.127

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1874223/77019475/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.geradordecep.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iaoUQmNnnLrhR6lSbvuRFg
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.0.127 Dublin, Ireland, ASN (),
Reverse DNS: ec2-34-240-0-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5747910be5b88a086513e9871701218e5fba55091e661deac3c5af93dc75ec16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DF13 111 KB
39 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 20:43:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame DF13 12 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D78EYNIpuoSPFAVogvM4lYnL1UXNf3pOGzh2zJwDXif25WTG5Awa-dhn-91vLHJMGvOAijDzyDV9MHQ1z9ieewZg7H3jQcfy3GL1ip5S3eqnOOKnx5qHkcCkVRYKBdjtZSBfyFPUiJ_Q4B6FN8xsym-BPOLu0Pb77tSrFluBQduwGfbYM&dbm_d=AKAmf-Duj6V842I-2gS0z4_xnb5BciGWbZsM5w9udRubqpSY4I3VgCiKlyTIMKePFh0Q8gn0EGnmvvyyvGl8lx1BapOSWy1qtc77bh5lZoymu4XHepTlzD_U3HRuR1TMwFpIU2Qa5TxDOiNDwjom0GqMVO76NDYV8l_r_I12C9BR2zUyVrZ14NNq1tO6HFnoaBnzT2JZM0Ihc3kDN-eKpdCTF529WYxh0QZEHjyahqVp2_-wYWcS-PT5siLa1Co_rk8sTFHirBGrR4o8-6XoOO352fz4nm1Y21iGoB7gbHwUkEI34cNdfPT9GiAXVpmbXlBixknpcSNbAR6YLOUynfwgtCghwzyht0S02knRUaFcT4JShJh5NS3d_ovvBqBTIC_LjDZlQIz-cpIpYKeaCsu7L5P7GynadH-7qRaSuDikSGREr3cI_WIvl2LIgbtsFLc9elFF8qt8tNLW3TVU4ZKDy9UgebGmKavMt1-t42BvfgLFc8wUTemEi9m5zUfe687i_Qzq6dV0RnV5roSgGu5PwZmSDl2Cc9lY9RqVoh5a5WehHvVZjvAFklxEuREU17V3YV-yqw1VYm5szMBPWKqgIcFC4HpCHE0nfrAhBDCJuLdPOJydCKzpwBEZATInQmLGX9jejP3ZC0GH1TgnVAl7BFWj2l59-Y-H2cYGYxqGnjdLHoTvLiT8sENYUvhSzHcg-oG0cmdmzZGpwxz3IIlPVSZanay0rr9o_BogLtAtI0PJExlM3oEE2NoyACJeaP4XSYDn26XT3fx4cMD8hnf80aRKVtohR77VQSDSytObg-dRomXvfZ0VhUZr3gCagK9myY2U6nAHsHIF4MI1sNc2uQs_RyKSc7KADePvkg9sniGc179BOBQwdHGVo-kPCe-qPfDEqyE9_7Y60-hezUcy38BC6BFMgGGTeG3UVHrpR2niGdgh1d0x4WP0brPYEdxyA4QauGehPVMU-Fs24f0xp2ZwO_Amyl1XWYrJ8qD25E4Iq3gOa3Ln4xQfEApsBjkOdlLI_ZJkjuOKy_vhNJgTrAZzHvP8IvsfG3UkblTcqAKdP8TdMyBNFBEg_trBFy-sDfu8yH7RVh1lY2WLhui19YWP8ew6aZ758jxz8Vn5Pndr14RT-R3OxqIAQ2miX8UYrm-HUe-Th1fW1lRq4HCdwSkhcP23jWOV-IH6Q6UX56m713uZPDU-FbA3sXe-NipTxA3PouGPXqKdJVABmbHuPQkVgI66hnmEgyftspH0aRLmLUQ3id_x5QD8YUvQ0s3Sofwc4QCIQqx71YC2-swVww6md6f9-zg-9VZiFNACOgDxqrgJVnrsrWUJpHtvOc6p58TCReLaXCziM_FZGCPdUWtFyXGUq6NKTKA_cJAzXJh0N3MqKhK625NP7TGruAb3tkGJt4ICTA6R-Z9B4LB-bkFjLtfLYiGw-2hkape6Ti9Tyd2fu1W0Opxw1CKuZK_5_paRxpS2sQ76jz0a9rnCIO5ifkTf3cEudwVk1lMKi5N_IGbGH_uwf94XI1diw9hBjW8VjWVt2EeMpf8Rpf-Svt8b7YJXrMyWsH_7zNZTX_z_zR0m-y50Vy0rcSVhYX-WKiKdRZt5eiedgYtWeBk171TOB4NyCGlXEq4gTLsdlx_tFb62glbNUR7YUlPCRugRgFiNbXbPNeuxl8wrq8oekuf9mZ0mk3FoZsi-dmncMFldlnY0-kfRjXzY1Nys5Y0b4mCPBWzGAXe09VLku6zgBWQ0Jyy_ZBlJfxdiZ_6FRbS9xcy_D8e4XEYO0AfDB0edG32f7ODGeADJmoEizQU8oHEbuBrL_IVn6CA9FiefpFCfFOKtZKGZ1jDvvY4jY5ZHH0AbHlyeHcIAL0BwrWfxj4zvoz_G8ic8jMsYbZwjDJ2etYZVj2bsuy7EzhomTAA3MitE-ehRCXoMMc5cda86p2A_bQLBzOOFDoPM9-XuzjJUbulqp2qlSyN8T-euxIhvYQZEDdLXeC0l6bJ1If0ycGKQiimEjIp_O_Hsibi6GKb_w7z--UkXlenGOl9Tgkhg_nQbXG8dnhhEdsU_thURUbTXr-iq1VdDgKMWx29wH7crvPCA-CHdiuqDOReFSWPNHihzCQwWxeFY4gfKGLorH9e_pHev4qh9a1MuV0yuZHzVPX3u45jbNH3AJisn0jwcq47ezCBsDvq-e2V_TRsA8HVCZ3RLrKpBtzlzi-o4yTok5vfYBxvqrEDTqITaXsxTGoRoXYJ3Exkyk1bmjdNG8tziD3nb9iw8T0ujjVFSQ5Yi5nqunq-G-4JL-uVjv7Lg2BV3y1rM8STVLLY0NVamTxwmbH2SZvKpmUwMOSlkF-juTqW8pJOg9PKLcEhUKRueso2_6WnIeBaU73L7nh9HgICfAX7MLLDhhsipR_Pa5PTvBGYZpN5Kt0wxOm1FCsvlxm0cEOXXJCTJnpENwayL69e1RsrItPAac8ce8V6wCd3uFnp5pWdsJIsyItbB9dGg9kbkUV2SMF9ABydiKEHXfXwUvY2Qepzy-1oQUFV0ACKNIb_T8pvaQRYO3vKL6zxooksBVawoVqaQ9DFjO68N_IdFNQ2MimXiapXTf80BTz1uyWRVUy5iaWvCjsy8kwVaQkFPP6vM5Tnma4iY1swz1V3L9jyR-vuARMySZaqhR4qvfK0ExAJlvB3PH1LMYV_aIvtqyIlff9Vc0Jud-2mst6PWmGUEtlQhcUfxuOh13BTJsuEf9hVikWUwvw17C6uJrF5kSeQNTPjRAq8LjQfBOOvSshPtNqPzbWXT4JMVf0ndeDB7YjFnbZVnped7mzbhgIHkwd1H_DjSw-THEhZZG5rC-BjxEGppLbAiCHCGXIqhtobF8Xgn2WsObgX_fZieYT5HYcUvNXEnJF_OpWxxEZic_GXyLWFbuKszzYA6pdC6aYxC4BHY_SqNBiP-aTnxaEX8WiBiRqEs2m08yQ1xaYW0LstkAXckgOj_bHCYLZeRsJlmXHMF6wTgUvkVT-fq2nfU3s9iNMW3X_5P-c3DUwnxJlculeP-iw_6trNT43fWBfGxFXOwbt6wsGV8HJlAW1bj8W4Wlp-D7r7nI1asKUihuesZAw07ptFsP5_93T96ckR8OHEQyD-YgEZqab0KHDTqCpePU-ja1VjbKZytvpuq4CQ1U47vXO7N03yDRDZg3QiSS_WEHOFHrlxpy8tmy2Cd49F1vaInDIt6yVygpFGnqpMbDFO39mzwnPk1_UG8z3jLA4hTNSsKtmnUwQiPjnJAV22XHqz05GO-pd_qEk3eWr-solMYUTK5Xk-IzxRdrB9scd5UJJJMNfIre8fe5TTcpBMVssQmHXr9g93PNwHFrcUTgt1myttaVJjgU5g8kmOfBXeesJveZyu_Q8Edw8UY9buK5GftPpd9ecll_eSVAkS3oXd9QNhDWgVFyBYVxIFFddbj700R7--J0oJymIs1GX0I4iomIfgizVBYuDJvgvuwag9w653WUd-S6kuHh6XO5ajH6d-ERGFck8E9Zq1Tbq6ao5K-e_t7BZZockB8jjdBneXk2UD_sMDhoJ6gHxlL67mwKv5H96D7U0DyX_xa9Qp87L65fXDq52CplbtgU6MVU-OQR1izrE_Nq18qdSqhRdy55qHqONtU_D0u0RsVO2MmVVOa33q_QsblKTGdo_6M3TobMwkp5tbDbwmyTvhG50k&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ds=l&xdt=1&iif=1&cor=10678909258493161000&adk=3062569611&idt=89&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:26:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame DF13 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:26:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DF13 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 06:45:31 GMT

GET
DATA 200
OK truncated
/ Frame DB5E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1310b5fcceeb992ee68e19e63b640a0b8c976c84df9cfbe7c86f560cb91db33e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1874223/77019492/ Frame 8C1C 271 KB
79 KB 323ms
33ms Script
application/javascript 34.240.0.127

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1874223/77019492/skeleton.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.geradordecep.com.br/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iWkJv7-snBGCNzi7lSQ-io
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.0.127 Dublin, Ireland, ASN (),
Reverse DNS: ec2-34-240-0-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 41dce01535b6b64ddd622821ba98c1a9a25ea33ca2256948943d9704e0fd1b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8C1C 111 KB
39 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 20:43:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/ Frame 8C1C 12 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2-x6liWHBCrq-DFfmObXSSHAY5SwyhIkzBhO33oP_rh6hsBVFKVbsdFAVab7Oq0tSuW5sSxe7I4qNTMryEqGoeIpdSSB5cCAgHC_jI5GtdO1Uyeqwc-otfwcY8VhWYeIYZXVFgfff92lECjQZjpJzFIRtl0lfW5HjlTPESzrgzdodiG8&dbm_d=AKAmf-AmG5omYy14TLOqNJeMdxeIRSJvvvxMoIdkK6qb5yv6sbiJjHBe0AMGacKsIp2WyeOpO6oXQtQRy6plfUYSpElSk-q9NKx6ahLD48JyLJT5_sKTlH2RZwmenwk8shfp0ABKU6_TVGG_5SCRFgEM6O8prvgJSJzbnWZnJReSeFXN2bXAiVoUgSQTWW_5Ux6HRJH8EvRCyevwOn3iu5P8ssjyqMuJDwhlPENL4igwhnN65RZGAD4K_iFg0HLK68IKd5kFsqj8p9AD880BFhl8hpFIMMdhoqin1f0OfAToRJolVlj-14TVAK_WgcBOpCOu7BWKpp0Gk1sSi_Igtl22889mYGc4TYErvUti99iC16r4_nRlkaSlI1D9yNoZr0WRvKrDV-kWrYCbmrtoq50vUDApvRFMv2xEmfWIoliGWQk-tOugMmOgFY2wbzdDZSi50RJ8Ct-a7Wj1-rR71GYgXP8PkMWGEpkLPX2d_iSOuJTWwZ2xqbXN97A2asDtHsT04p7wed0XVZWsRb51cpbhVzv4t80Mo10NO0Hbiu1_xo8h-Iy-2r886UHKWMkm92ONqW6svSNRCq2JzN8Pcgac-k0I5lKtg-fzJJ8CElDQMACk0xGUKSh1LvLT0DwDaJSceQp2l8akE3tZaGQBKPpo7fApBIT_-6eapYSktmN7TCraa3_aKZkqOWxk6q6YaNPZbs2zlI2oAmzw1l0yQxzPIqXaM9mHVw624v2it0xUvtdJk4ItzhHz0cfE_yUh_Kx4-884DxYuq1cPnZXijytF0gYzraSPH4aSiYnl-niSXyN0cLtGuArkI1BG0kTlycj21AQRPHFAZbjvDJ3PMRuJbKWOWHH9UzeDYLkm5B_Q7u1Cghqt9YqkWsUBvZV_rw3sJ4zAd1QcOQBu-qgjVysEMzfIycCtaW4igKMzZ-fnz9SFTpnkC2nMOR1XFSrXfnclVmaUtcs0bm7EYtNXSu23JhbcPQu2tTtcivKUX1J7NZ82V9gi_7K8QdChtVhHpNYwyPvKlH50mpNlwPvzg8w8RS1tvuTvr52NnZoB8oPszzw9fxKUjb2X3x2SwePMzT61VCtlo5liGQO-GIHnKWOY-D_1xLHIiSMZDf_DbmpQ9dRgTFDotv1GZQk6r83EqZfRl6lEVU6FJt_BdaINpuXejS4fSG5KFE4WgQ88eezdz_AnpWQTwrJv8ip_VPuSWeNt79YSmLrY5UohQShuILvP8a_lvmgJgVEI1iFH-rcoT5zeABBCcLl6yUH3BCwbicttV4zyxlaR2qD3dsk0fzmQUsks20mtUnO-XaJKBG7w3y27HDfjVHVHmRP1QaKTfTQgykquJqyfEix5dQxvvu2uuE7xnQ2t8gs3D-iM15iponwQFRSipCGd9JSZPNjurHziAgOKNip53svqiiiyyF6eRX0mAPoJPFmN2aBpHXAmNWps9zEvUUJnAimA-vdHfz2gsn5l8ES1_9ZuW5e62lnjebZSCI_PISgKhy4JsRUhStUVlPa8TmfkoMP6C2Pk0ahuBhVBFxtOk86VFa7Paa7lGAEBNG8Qz1nW_LiYpv0VXN0Gq030qETbkBIUyDra3fiSgYRWDVLJU3Xasze9e6mU8wk2WgwuBLzH-jKTTd7sWXlGlALAKudU5iPWC5ZFO4E2hftzlmokHREvzKGELOKQDTyWWej5L_1Nc7MWdSg9UxB8zNkvrDlw9W_qDpkaNvdIOhn4bfFG1lf1us0AP0F7H-FXikOUrO2xh3EA2vE5hiEmZ4It9SuN8_vet7P6VF8LlBVNmmX5_3s7mMd6uP1zuESuJ6odbjru0rkAKuPPSttwCznjcTL0YJ3s3VKmkKUO_mDOlzjjrO0DxcfM0QRxs-IKISuByEJ00Yo7h0aFPCwqQ1aiqcUTmqCAwZ6T27aPeQqPLND3a4h2xrHIW6g8N77kUE_O4JAlyvnZn-Cx7ZgBKriL2W-HU_fsDZhqVaNDmrZa2NmGMGGfqq7q2eGuDPFtayeCfo9sntZkaw3phfmIWj9neQFWzXZwfZ-LKxjJerLpZVoSuM_gMPfzpncNUmKAs-DyqWyU19tOqMIm_acLPQNWWLH7X-OoGgkMJ5_I4csUTiirPpLGX2Wsb4GYlzQJ-ti6GWp2tybkcI9TQ_-C7-vBD_OxJcvKxkvZIi-e3agzQEvWfhoUXDqg1LzVhM5n41xaDmfMGmkoHwN_0d2yfk4nx9t4ZBQ-ZKy7bRnFoKwcdREaRFNUcdlxRkHGDwJ7gcvvdTNN-g0HEU_r56z4fSIo_8oSbEyKtKJunat4oMWAJZkuv9Sx1xD_fHjRil15dgtXR1Z7ndQmYP1JMhHMj3AsK0nq2Cz9t-C4YjoCguBJ3mLVkQZzpOS5g0m3ZizviYN9-udpnhZbW_UWr0wUFFiAjTVsGkYRGeRLiMW1qPEceeJ0wWeNzhqzWdHdNmwaAy21-QOb_3tmbRJorwWfPDaVD8bCjwNyrHIVW-W0ELRpknx3GH9OiBKkIbgUshTJp2ffgeX2iaNx7i-jAAAisCgAu13oRokzBUBKau9DH_0JfdstZjtnm6V0y7odoV2StJBlD52p5h1O4oihMiW0baHa8KgqHBm7yn0fc-bj8RFbru8tOEVhdZ3B72vn0Y0fkCo1fkqBGlpZYoCWmYtEQpAcLv_LLx8asnb5eNTSbncDZuxTZhSlMUS1ZChH6AbWEVkNgXjdbI1j5ibnKNhUnzIQRoE-lxa238qnFLTMUOsocSYZ943-xgDimJi1oJ_DoqLi56tXDn8GEldZDUpJXM9DVWWZbIgeOmodBGwF1kVIND781sOW9F5427e_DcFspuf_QPmvVaBEV-jvfZ6u53QziuPtI-ImNyggndjNuoMifYzar9a3_cH2FgSCVtgUx1tITbmBc_JhUWx2P-lnTnkz3xgQF9M_svqYp_5ybbZGpVR79Cf07xkyEaqEjXP-koSE-e_c-10pqnLyL0Rm1MEbzKmMU01XRJ2DKir5B4G8MPPUcc8P5qUR3XZFUGTcKpworjCSe8w7ywHS7jLzCWVN7p26rFcyW2VyQYdwx8uoSH51dYTrIB9OlJ_Rc0i1d_N_zIqbeXB4r-NHtNaDlPM84IBmH2GhjCMW8qKWzgbhnbP2abUhYeTEMPe4ja6FzetkmtWAVrpZvAVHxb_5gQuMNOL9ALAnS9a7wefaXvAvQYP-5JiovAz7xfV7PNP14xGOxxjMFQsXkgOPh7cPZn4Dp8Xc1ZtqvWdmol9BlJITyN84bGdO9KXUrjUdBvOMVyQLoaxDC8S8kKSnWrKRxYMT8igWCTMp5gDqlXVLIWaz5KMQhczgRYUAHVKhtOmLyzX8TS2KbLVPisl-jHrOOLOqZFzC_AFDMLiEGbUR8_KEoGzUpvOt9X5PLl-8phYnYS3Xioacstqg8yb5Y9OnvIQwYY8uf0BSxydinmGqRIBWIhQwZ-k3QzRCxC01DjUctjqTL_ztFOUJHeKdcY2JT0npFuqa8Ek2lDvtC1H-IQFNk7WksbynEJsxBgxP-4nojra6quuJ2_bNjlgiaBqUkZwCTMlivpIdDXDSi_eWZ2WbDu-R7tYTvPoB-LLLeqEml3ABUtDscf6Rn6nww9Q3GSvebBQ0vDfVDLy2LVlRTku28O9h_Ge5ooQrdFRbW55ZN9j-p2nb0S1k_sLkiudvnMsASTw&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.geradordecep.com.br%2F&ds=l&xdt=1&iif=1&cor=2445104663725784600&adk=1935140219&idt=72&cac=0&dtd=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:26:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:26:27 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame 8C1C 30 KB
11 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:26:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C1C 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 06:45:31 GMT

GET
DATA 200
OK truncated
/ Frame 8C1C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 078e0985ea6818ca64ade8a892872cc2b3b82c8e51c6c5f28738ea60ef3c1af0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame DB5E 33 KB
34 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:54:54 GMT
x-content-type-options: nosniff
age: 225067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 04:54:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame DBD4 23 KB
9 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&adk=3232283153&adf=805528431&pi=t.aa~a.4027807430~i.5~rp.4&w=1092&fwrn=4&fwrnh=100&lmt=1708111561&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3144298019&ad_type=text_image&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rh=200&rw=1092&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561449&bpp=1&bdt=1107&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280&nras=2&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:21:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:21:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DBD4 9 KB
773 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 19:02:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 19:26:02 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame DBD4 15 KB
3 KB 43ms
7ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 13:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194355
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 13:26:47 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/ Frame DBD4 379 KB
132 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134674
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 11:56:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 17:34:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame DBD4 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 13:58:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 13:58:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DBD4 0
0 19ms
17ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAoLs-gD__i_-n6EBbfET-sTlso_qu0KTqXkSuZOhq3tILgYicb6EkeRoo1ktT9TAi6an8xNSIBQtby8H2T64Oyemv3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&adk=3232283153&adf=805528431&pi=t.aa~a.4027807430~i.5~rp.4&w=1092&fwrn=4&fwrnh=100&lmt=1708111561&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3144298019&ad_type=text_image&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rh=200&rw=1092&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561449&bpp=1&bdt=1107&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280&nras=2&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 70D6 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 295771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:16:31 GMT
expires: Wed, 12 Feb 2025 09:16:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/678068588499727466/ Frame 0F1E 7 KB
2 KB 26ms
8ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dec06becfd5dff9e5109678d08ed0b6e4c3aba816aeb2fef00cbfae1ecf63ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 228333
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2309
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 04:00:29 GMT
expires: Thu, 13 Feb 2025 04:00:29 GMT
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6696 0
0 81ms
43ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtEVtia1EY65IZPtc8SBF8M2SsXdfuyKqZClndqaUpB0w_AcgQJy5x6iks5xPeO2X51miHCjG7j-tzqOoJrfwlnMKSJHUbmoln1Hpkarj2_mdBv-VtaK0PCTYeO6xtuAaQxf0ByKUjiU3va5jJmDnIo_kNSC70fyQXzEX_m_PXldTVKgCAjgz0YSsbJEHSqutrxUduwjYQ9vssli2XnispErkK18n3VHgy-DCFIqu2ySVlRtlWJd1fO08kj0sVmd1ESa3womDlRxtLz5U9KH9nDPPJf6l2HjuvD1lIJEFoA_UhsDsBXVfLAOEeXQX1GCb5hmN-qaEcIaE3S8vQ3PXa8umMpoz2_eylyVpHlpcYaJAebwLlkPEI3vhzNOtMQ3WDqkAM74d5DMBuU4MiXWffac0RI5XT7d_nokulH3AIl_CkaM5w2Wb3uElIZD7zrguhXBMvA4qJZaB6kjatfz30IgIxmdhoautXQSVBgGmar1VW1ORE1nByjNNsQy02nI94qFiemQY0xTDl3U2rLCmwQrmawj4iu9Lcc01ItpuXyZrEKr5x8PP6JN1Hxay5GJ5xAPbt1-M8yJz8-IU57eZvVjoUAZ5uK_Wv_ZzTanY_Y1SlvV24y4qGH9-EY71t4uPGcCjuNoexcXPVkqbF7OSMuRPvKhQqqMEGwkkzNjZSo24DlXvwjYfZFzawlPJ18YXgCUhUVsuG6hOmrxFXqqyqEP0AIWI6KYuJbuGaJ0XWHS_O5By3t2Pvqft9mNVRu6qmze17iWoXyUAZM_UWH4wo8Ir8JBzPwqejAZkn8ejs-DyGz-SE_LIdn3luRN3oLC0v_kpLJA4AsIeFNHDkfSmprlHG3w3EV_zUnjaLU7WiidIB4of2DcgP0m0kSVUw6Zp0n_LWaMnT7-1FWLpRZWv7VKjQ-uN7E8rvsbZkOK3y39Q9juYGz2oIY1OymNFQjOw6Oe2qdaA7QpRvsv5drabR5OyJOyDCcSW6SsyGtQNiUJVtMzNfMpC20qmRkfvvd2qlZwgHXeQ3Gdz72V3X4SN9Z_qcJ7DXQNphPLeoVZ3V2MiewGEmdadPEXHSQx_i5NruAD_Yl78P1Ogo55RE4ve-hg5fPzNQQd4-Y-dhOEtQiEdyiAaHYdHOAEATrROdg7ZUI4NevsP2WzBpxdcqgvul5iVC1I8CeDuzsWUhEy5ewzth9vyQ_MKAUqD9K452D4iDkY0IC2MoG1PyZnjVxhMf-0MdXfh_yewPeKmP9YA8f_5IGUM7fPxhhIOJtQdiOfzqh_2AqhuM8uQHjL7ltV04cmk28ZNG8zdX6VqKKT-Q4Ck4eBCmRF38wOJp6iOVCQxIPy7-mlQgAp_zaPTmTTr59YVz--uotpzGlsoD&sai=AMfl-YQe_juUZNmEgPYbytBxb5aX0c8daTpyM-AxaeOAyeyzSi2KIOo1qnd4KNITyZFHm7r_fabFt6llbPITmeN-DWvqc4EybEqGzAlFlIaA4Fs8trMP4yOvxPFNTQ4TqrtguPrg09bE18SzXGxr9dGsMQM2U9OEL_y0sQyU-LyzIrTA1hK__pVaTwrKJqQ_NE81N-z7JOvtU05VolSOUA7JW0i_JDxf0O3Yt2FpBYW8q7knjPu_i1uTt8-zp17Cq7S6Vmtn3IaTfU-LQWdd_Ic6oNlTtx0ZMwm7fWdS1g&sig=Cg0ArKJSzPpKTflSqqaiEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=289&cbvp=1&cstd=286&cisv=r20240214.09505&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:02 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DB5E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CnUAKyLbPZcqyMomUid4PnoaDmALygK6vdIbinfGDEmQQASCSsKFoYJXikIKgB6ABiIq_jSnIAQmoAwHIA8sEqgTlAU_QxmRHjF30lGW-_TnswfCTSE7FIdXKMg-CzGNIBe6D4eRP1TUKufd...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216848757676451162752%22,%22debug_reporting%22:true,%22destination%22:%22https://signatureprodesign.com%22,%22event_report_...

0
0

54ms
39ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216848757676451162752%22,%22debug_reporting%22:true,%22destination%22:%22https://signatureprodesign.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211034150152%22],%2222%22:[%22true%22],%224%22:[%2202-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22854416575403095025%22}&andc=true

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16848757676451162752","debug_reporting":true,"destination":"https://signatureprodesign.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11034150152"],"22":["true"],"4":["02-16"],"6":["true"]},"priority":"500","source_event_id":"854416575403095025"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 19:26:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16848757676451162752","debug_reporting":true,"destination":"https://signatureprodesign.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11034150152"],"22":["true"],"4":["02-16"],"6":["true"]},"priority":"500","source_event_id":"854416575403095025"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/678068588499727466/ Frame 43F4 7 KB
2 KB 9ms
8ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dec06becfd5dff9e5109678d08ed0b6e4c3aba816aeb2fef00cbfae1ecf63ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 228333
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2309
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 04:00:29 GMT
expires: Thu, 13 Feb 2025 04:00:29 GMT
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF13 0
0 52ms
51ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhuT4AT6hvghp_6QqoJeMzIVsFMN6-6L-J6n2RK1Ov179vwLGAjYRICXtbQAPIXDihGFlMZFeUuwxYV1Jk8bOErTGkLq7l52Q6jWnDo19eMB4SHCa0aSmghuw4OyQ0nI9PK22oJpLIkkPBiWdUPs3HJn71i7XPanNrBU4VwQQ8RK34xTByhtRP-ENQhi7szvOWwYVZ0mLYCLihaFSgEPAhHIHJD9g_uX46m0TvNioVZ8GgN2bnxfMXQECNFWFMqPnMj7JCQPWiTxyXLby3jamxpFtA3EaHpS5znXOjeBE5BfAkQLKXGB8-HwRKig2T4soINQ7GQQ-nVrYLtIOk2yWhZUVFvpcYucAiWhviHr2S-fWjvinvW6GanClGZDmDMAE4eaW8RH_PL3oNcggwkM6wKmKcfRiphVEwesF__1-ru6_mqJqtsX1DD0G01IFermfh6_at0bCFRgk_GLkljhDri633q-rLGfHZRYNqBFvHCi1hnoCSxq96-gxDG9amEI030j3lHMf0QzoFUlZNdvrCH5_tf6VkJ8Ae8cUfaD_J2QPrIw3qgH7rYe1gLF-4lI0mYGq-Kk1lvKduCDhM6Zyqmf0oReaAqJA9Xgb8QuAGKJJXqpk2XyJAWwUKIl-z-_F8dxPFM5_j97NmGKMsB9-tNE9_prb9ik_CAQ8Jc7Zig_-CnPDoE8BFKaVRr4HjRI733p_Crvncse0R06hOoeORy7xbeajTxeiygx0Ag6PSwXcbcorFGdhSmvRUc0ZiNXsju5Eiggj0ZqF5HREurQkXZxOk2A1RBAIeZZ8BaGzO1ge__2q-CfSg0aTYU3KK-OFyLwjuw81l5V-8voatTfVQM2qdSKA_DM_jhe25rMmUSU4XGH48nhKXvLWEsaDwNyo-vj9jCGCLPlw1so0Ooh-ODCdWQfLoUtLlwne8NNEpvhcuzFjq_bxNxlNGKnYibWlR3yb4HYTOsizMph7py5zxoQZiERzxZeBfhSDH34Rc0KeLFtds4tXukqrXTimkkHhGmWjhgnOaiQtEEuJoXNUnIs44R24MwVz79C2uHKFLoe_EAm6RenAfhW_HQ5X5sdKTSQzP8tvIKBVL7mHvCiGmyaXO-ndB_Yx9YlCiTOnHNS3Ollw-jA4RdVGu-t_4eiARB3brBVdCNBeABx3z8qgjhPN_aLRW8VwL_1m0JC_Z5aky0MHPpUV0YNdUwwfNarYVb3hi0l6DzFA2hsXFTvV9YfFDryZRxIDs_BSAsZgWKfqWkagc9fH38gnb1BAxp90DYDsf5iBKoSvKyRxIpH25h8UkiCxh111veQ03_K_Dha76Wm2ZGpzTejnKe8qHabHSYOIi5LDz5z63V_baT6CJtbtT_Ft-9vVEQGf5&sai=AMfl-YT6mL7k3epqzxMoa5SiXCifXnEi6AFQLJMs83cR4SPjt_BwRiyb_KtLpNVGEyEJNkCWbL68uhQ9mPuohc-mr4Y7eGZjd_uoZrMIRbqjkpiTqivJVfvF8Wc2Paj4lz7FiXSoc5Id7qrQV1O6PGWdrDzTcIXJzTf0LO0sZF5VCQZPDxqmLmcBYv-18r173upRmb94etCIXZOyWtUeUTnd9a9y5XcnKshAReM3RcpNNWpCIW43OMhSKdeTf1YX7W3gt4mwqKKIEj8cLjxzSuej9oy0niNcnGek8Eq6sw&sig=Cg0ArKJSzNY8KLO0ni3LEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=321&cbvp=1&cstd=319&cisv=r20240214.61565&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:02 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 88BC 38 KB
13 KB 9ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 295771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:16:31 GMT
expires: Wed, 12 Feb 2025 09:16:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 0359 51 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 20:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 20:38:21 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/678068588499727466/css/ Frame 0F1E 5 KB
2 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:49:55 GMT
date: Tue, 13 Feb 2024 08:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0F1E 70 KB
25 KB 63ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8591510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zttw9TVhekhQe7ponAa%2BI1jGfQCMaPwuDUrMcRhPEsAG%2FZtHY9QOP9JBQGApA8ArTGvQvHZqNNBHbzyOeBDrYIB9%2BUASrdJNSa2%2Fasn%2BwjunT1XDDMMGL8HE6VxJxNw14I9bSoP9EPdYOjIjoQ%2Bl1TBD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85682e0f9ca09b82-FRA
expires: Wed, 05 Feb 2025 19:26:02 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0F1E 7 KB
4 KB 58ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5629384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43bnAOlPgA%2B94IQrOjSmZ5A2DNao9x%2B7y4OIryAM%2Fc3kDktUbz4urzWiCOnqMd3Zr7yZ7aixU8k239ehhY0evDYPP2piUMWrTwj39FDmzpNTwK3Jo3RC542iyPeD%2Bb5gXoms%2B6yD91IXbybzsz9b7bDD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85682e0f9ca49b82-FRA
expires: Wed, 05 Feb 2025 19:26:02 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:11:58 GMT
date: Tue, 13 Feb 2024 09:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 2 KB
801 B 12ms
11ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 00:53:36 GMT
date: Tue, 13 Feb 2024 00:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 13 KB
4 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:47:45 GMT
date: Tue, 13 Feb 2024 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3980
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 31 KB
31 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 15:14:11 GMT
date: Tue, 13 Feb 2024 15:14:11 GMT
x-content-type-options: nosniff
age: 274311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 21 KB
21 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 06:17:29 GMT
date: Wed, 14 Feb 2024 06:17:29 GMT
x-content-type-options: nosniff
age: 220113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21613
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 25 KB
25 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 19:57:49 GMT
date: Tue, 13 Feb 2024 19:57:49 GMT
x-content-type-options: nosniff
age: 257293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25605
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 30 KB
30 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:01:58 GMT
date: Thu, 15 Feb 2024 18:01:58 GMT
x-content-type-options: nosniff
age: 91444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30924
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 0F1E 192 B
202 B 12ms
12ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:07:37 GMT
date: Tue, 13 Feb 2024 09:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/678068588499727466/script/ Frame 0F1E 4 KB
974 B 28ms
27ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:07:36 GMT
date: Tue, 13 Feb 2024 09:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10479265507807087626/ Frame 4EE2 8 KB
2 KB 19ms
12ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2218f4accb7ba3b0d1bd3eb3dc3c41b50816d3970ff6e2cf558e2c44bb3fabdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 225008
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2338
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 04:55:54 GMT
expires: Thu, 13 Feb 2025 04:55:54 GMT
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C1C 0
0 60ms
59ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSfMymw3R-F3dykhvLZhC2-TuXoVkWn3tsUBv80M6zRebAVXXkzIVyhf6E8mZzNpvsgPdpQisjC9GWoJCyVIw0133dI2dFJlBvZ1_2g6rJGnuL7ZuEe5oDC3D5lJuLq5dxJ0pCX0ytzoBrQem3Ud_p0IGMZjb7dWTVOeX_cDysdN5Ghknb4_pIkUyBlXSzzSmYec9J6QyGiSxu3UblAL3mvS0TQ9CcIXYnhJYyWglHR4xDbmej8fZlvVlR9nmvUUA_qBQlF6X1Os5p5NniBaftsRMQhoCUk0-QsAMXas3bpFoyecslrahUWqEOx5Nd_3tjmahoIp17eVgd6Dh0xhQfeDNy5Fq2XeZxPc5C9UhM08QPyzr_wmqhHp925ZXHdfBeVAGNM6b_i_UWe0M8eAOvjpelOuKJ4-kvbL6EI-HMHgG3thypxYLpL0kAouN4hPibwmSbme5kaLy8Jh_L-ndGC7QftcHlMoXbsS2tJD7TQIH0hH4dWlzxz6S77hS9Qsl5LHOhSMaqUAJvngSf44cj8hV_0KsksCCxRorDwO99ilCg06j748uLEeroXMMY0gLejAs1Lx8VLRkUoIlBMBJZHdYuC8kUxW3KyQMcGxUtGX_GK5yxtBh4oLjxJUC2H7TkaMUJMwoe3VNqXwdYm6vruonctSV1dpqCgNXdHjgzUSvQlazURUV7h_0C2I-SutSUUGM1qkyDqOG2UT43hkaKEWEIzvbwK4v1QsQrfFJRdAp8uU4HXZXAKMz_uQgSRevHHCh7OgNq9ulxJii8XQNnyD1a4QNEADYa5WkK7oj5Hlmt-paVJQ9-Y2vRMBk4LELwc4I7d44yAjlTqCT5BE2OPslRHFacvApbi7DKPXGSGVBI0UfQr8yG0fAcYr9fBs5UGzb6KCAk4UJswU15cuA3eI9FPj76HBBS5amaClzhwB7mV72SUDj7-qepTMUHPBR-ZALrXWDXI3BeXu5eKBlnQx1Lhw94F-Atty0E0DCgB2jqNc6v0BVgpzAllPRfsoVmpAFcZKBSHz9DNKuuwNTFjL7e3x6xowPQzVxb1znTuB6a_XxCt30i2wu4l8tMqpx5P1yOGLHOZxhzD7JN6ByM4lw20oDc4GR5IGwLgXDM0IamjMvy5yZ_dhxItFg1k3KGG04JRU3UybOhgjN-LCvTGAxl3uSenq3Vuby576FAhDKvZ0s1BLZV_wKJNENRjleyITt4CyP0Q6dpDC4-l19gYGSAX7H7oB1n5ePTI0bd_TzTiA5VUchlRwREA0nFJCCmBetq4KN38HPx_jZZlDkFZ2GQtYjTwww9mjat3DG8WE77MJwRxOM0IlcyzjODVMsc2QApQj3CH8amR03Xia0_RO9gzxi2G7R5vcNgUQ&sai=AMfl-YTMnJwFxl810A5tn4ULBPBktxMzQlvWIqL2E3cXjFMRSVTJVZW9kJF62lmHZoJxQ9d_iKjwxpUipjoCrwreQBjJPrp_kNsZRAelKwhnIFt4jlGMigiyNNszr45Nb2d-k9z4smenQjuGv8V2b6cYb9S72CdcgBecpujeX_WkYUWFRwyrxuyo4QB998rxCX_Ebmr8k4DwmayrqvYX9jpY3hyc_PdR7EEnzy5_k4jwVC9ZzIugV2Sthzc3SPZl4NtCAjPj5QAkKXiRR3flAywymFbqbOTSsHjJKibMvQ&sig=Cg0ArKJSzK1yZK1RsFGSEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=256&cisv=r20240214.66173&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:26:02 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 69B4 38 KB
13 KB 14ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 295771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Feb 2024 09:16:31 GMT
expires: Wed, 12 Feb 2025 09:16:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/678068588499727466/css/ Frame 43F4 5 KB
2 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:49:55 GMT
date: Tue, 13 Feb 2024 08:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 43F4 70 KB
25 KB 62ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8591510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDSmtRp2hW2tZrYk093en0QRZDJSbEr20sFjy7%2FfHQM5sNkRXTpg%2BQVQwCM01n8%2Fc8Jxjn5pNTn10nJAQ3HZva406%2BF2VQ1qe7gESnLAvxk4ouGrxikWJ%2F4xY0PrtbI7Ar%2FuyyQ57aGNE%2BT3hDCaKFgU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85682e0fccfc9b82-FRA
expires: Wed, 05 Feb 2025 19:26:02 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 43F4 7 KB
4 KB 45ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5629384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfOZLtbp4Khooj70FNfeBL91WumVtRBlCxOOJf7AfwiVPzmDdVRzhLKlEGSFXlYmNVtmBYeNK8skc99cJ%2BlwhGPVQqXg2YKtfHulsqxqErt2sXrTc5W1F9EIG7Y%2FL8RGoEwKspBzeW59W49D3MdMg209"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85682e0fcd009b82-FRA
expires: Wed, 05 Feb 2025 19:26:02 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 2 KB
1 KB 34ms
22ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:11:58 GMT
date: Tue, 13 Feb 2024 09:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 2 KB
801 B 35ms
23ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 00:53:36 GMT
date: Tue, 13 Feb 2024 00:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325946
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 13 KB
4 KB 26ms
20ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:47:45 GMT
date: Tue, 13 Feb 2024 08:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297497
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3980
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 31 KB
31 KB 27ms
21ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 15:14:11 GMT
date: Tue, 13 Feb 2024 15:14:11 GMT
x-content-type-options: nosniff
age: 274311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 21 KB
21 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 13 Feb 2025 06:17:29 GMT
date: Wed, 14 Feb 2024 06:17:29 GMT
x-content-type-options: nosniff
age: 220113
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21613
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 25 KB
25 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 19:57:49 GMT
date: Tue, 13 Feb 2024 19:57:49 GMT
x-content-type-options: nosniff
age: 257293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25605
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 30 KB
30 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:01:58 GMT
date: Thu, 15 Feb 2024 18:01:58 GMT
x-content-type-options: nosniff
age: 91444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30924
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/678068588499727466/assets/ Frame 43F4 192 B
202 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:07:37 GMT
date: Tue, 13 Feb 2024 09:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/678068588499727466/script/ Frame 43F4 4 KB
974 B 11ms
11ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/678068588499727466/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/678068588499727466/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:07:36 GMT
date: Tue, 13 Feb 2024 09:07:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
36ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 16 Feb 2024 19:26:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/10479265507807087626/css/ Frame 4EE2 6 KB
2 KB 33ms
18ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 17:35:18 GMT
date: Thu, 15 Feb 2024 17:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93044
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 4EE2 70 KB
25 KB 37ms
19ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8591510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KR8xzjfngQRhlFLHtmbkWEAAtnc2URcS2cLQ1hmBRsFKuUQk5x%2FiEIivKqBLnH9RC2TCxQbI7FSQMIqQGrG2GY1YYLPC7YYOmo3m8bLo%2Bi2ge7fEJxsp%2B%2BCIIYkhGKqRqziONkbbQ3Yps%2BwnDnsZHfiQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85682e0fed4d9b82-FRA
expires: Wed, 05 Feb 2025 19:26:02 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 4EE2 7 KB
4 KB 190ms
172ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5629384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlF1L0R%2FVNcFuJhnYSIuBxrzulUiC6MUnAmNfJbdWsh%2FbeA%2FriGd3JMaYwNBhWyhQfswrk6R3ARAW4rUmjEv3XDKw9VdNDUaHZ8hc7qhIzfcp2nvflX6ezLhIdlBr8xIr2Awb9gtlrG7aBNt%2FI3iJ1Ku"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85682e0fed4e9b82-FRA
expires: Wed, 05 Feb 2025 19:26:02 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 2 KB
1 KB 34ms
19ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:07:49 GMT
date: Tue, 13 Feb 2024 09:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 2 KB
801 B 33ms
18ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 23:54:28 GMT
date: Tue, 13 Feb 2024 23:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 429 B
351 B 13ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 00:20:31 GMT
date: Thu, 15 Feb 2024 00:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 25 KB
8 KB 14ms
14ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:55:49 GMT
date: Tue, 13 Feb 2024 08:55:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8356
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 33 KB
33 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 11 Feb 2025 20:51:13 GMT
date: Mon, 12 Feb 2024 20:51:13 GMT
x-content-type-options: nosniff
age: 340489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33567
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 33 KB
33 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:56:24 GMT
date: Tue, 13 Feb 2024 08:56:24 GMT
x-content-type-options: nosniff
age: 296978
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33601
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 25 KB
25 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:49:21 GMT
date: Tue, 13 Feb 2024 08:49:21 GMT
x-content-type-options: nosniff
age: 297401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25911
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 9 KB
9 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:13:16 GMT
date: Tue, 13 Feb 2024 09:13:16 GMT
x-content-type-options: nosniff
age: 295966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8971
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 5-min.jpg
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 12 KB
12 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/5-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 08:52:38 GMT
date: Tue, 13 Feb 2024 08:52:38 GMT
x-content-type-options: nosniff
age: 297204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/10479265507807087626/script/ Frame 4EE2 4 KB
969 B 14ms
12ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 11 Feb 2025 22:07:22 GMT
date: Mon, 12 Feb 2024 22:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 930
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H2 204 csi
csi.gstatic.com/ Frame DBD4 0
234 B 396ms
116ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsp1isi3&c=8786896510248&slotId=4393448255124&qqid=CMD59rbLsIQDFf9TwgUdlGgCJg&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DBD4 15 KB
16 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:49:41 GMT
x-content-type-options: nosniff
age: 297381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:49:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DBD4 15 KB
15 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:51:30 GMT
x-content-type-options: nosniff
age: 297272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:51:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBD4 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CphgeybbPZYDxJP-nid4PlNGJsALzieHnddfZ_eL8EYmTvO30LxABIJKwoWhgleKQgqAHoAGp_-XGAcgBBagDAcgDmwSqBIQCT9CEQhj7_5y16KSfpAgdT_VRX7mvbehiw4vme-cXTSa4WGb1PgnLuORerug2XkgZd4Dk1lXRVsGQrTG7J4JRyK0K9vdPtkgkBgksCQuRxU7SMEAEgib4Besbb0usmVAZkbkofUPKwhfu87cPXMBdP2gyvknzzErzIFWkVNlZsJtx2zz7To3cojdYQ9KgX_-sFka6LkdWJ_Y2s9IHgCqcGvY34skKnojqd4Er3yswSJpLmVOdbPRA26hEhSGEE24gePlTFRjMrPDU7wilT-oYNrzFRk-XNR8ihbPkZxlynvVUuMBekzmL_zTRG4lPW4Sr6O0PdRCyYq_hM0CmQGMvVwJXInTABOmP8u2gBOAEA4gFx7OHsUiQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WKzQ7rbLsIQDgAoBmAsByAsBgAwBqg0CREWwE-OQ1hbYEw2IFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1708111562213&ai=CphgeybbPZYDxJP-nid4PlNGJsALzieHnddfZ_eL8EYmTvO30LxABIJKwoWhgleKQgqAHoAGp_-XGAcgBBagDAcgDmwSqBIQCT9CEQhj7_5y16KSfpAgdT_VRX7mvbehiw4vme-cXTSa4WGb1PgnLuORerug2XkgZd4Dk1lXRVsGQrTG7J4JRyK0K9vdPtkgkBgksCQuRxU7SMEAEgib4Besbb0usmVAZkbkofUPKwhfu87cPXMBdP2gyvknzzErzIFWkVNlZsJtx2zz7To3cojdYQ9KgX_-sFka6LkdWJ_Y2s9IHgCqcGvY34skKnojqd4Er3yswSJpLmVOdbPRA26hEhSGEE24gePlTFRjMrPDU7wilT-oYNrzFRk-XNR8ihbPkZxlynvVUuMBekzmL_zTRG4lPW4Sr6O0PdRCyYq_hM0CmQGMvVwJXInTABOmP8u2gBOAEA4gFx7OHsUiQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH4L2xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WKzQ7rbLsIQDgAoBmAsByAsBgAwBqg0CREWwE-OQ1hbYEw2IFALYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DBD4 0
45 B 391ms
117ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsp1isiu&c=8786896510248&slotId=4393448255124&qqid=CMD59rbLsIQDFf9TwgUdlGgCJg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.lf&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame DBD4 31 KB
18 KB 113ms
47ms XHR
text/xml 142.251.168.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CLtD3zrNGvtn9rASF8LxZ4JlVoJ06VSgTg0YqlqzHuVTHAV3YRJRPz9lHdPPwwGcPoHq7xga9jni_SUBgyP5WbExuTEg&cry=1&dbm_d=AKAmf-DBNf2okxoHIuTaw3P-AEZT29vVUVn2-qOMGWMDSohUcRiE5ABYns4xnSopkc0EHw6kEqHOEMQmQC_8coRT7lcM_A_h7UHvE_udMjYDZs6u_RaZ2crdla5R4ZYWWqpJ_1jgKYTfe9ODwK875qDeZ3IrUKL7O3Dr3lztsLiBnPNxITHW2vVjE5bjhY5wa3-MsVh8iIsb_r7gqS1v7yB6toU7wsVi1p2b4xp-nDFvaqkzuTeXTlHh4HOVuoaeuqNS_GSoj5wNFnlUEh2n9QdeF-adGGN6_KcyeG5Gc1Ye_q4zwb_WWFjETNm0O_blcUbvkPKMnkeMv5kia-mR6EVB8JoJX6bMqqFQd-qJqvWZgaRn7wcaRSBAE8lexekT8Gbhc85DC5LQAjurjf5E9vLDdv11RYo45ZWxvQG1hE2Nu4ZhWrzm1n2One0AmIZflqboVhdq8_7_7gMhlb83bskhCCFP1nunrO-P3yMaXPBRJ2qbbDw4gDGJz3f9jmIRS00fC4AeZdwPsb60uh3xqis4om-i8dJEyGEJEO-3v7Ul8EptYbO8Z4AuUO0demEfh77x3tS0xxI49LDbAQDKbxqWH7DlZbEUN_rc-KtTcEKG7YnOmi6lac3CExrycurm4ZML1ca3M4JL58BDP6fPEYtGrWq2LKsbb3OBJyunTn3TQ0EGR2v2fxnlM7NxWsNPrNbN9bQHC57OptBXQOnvaFBL7t-PD_SC9klkibyqzYlO3bWsRvvkgIpG7_oj3MrdrFfQr0g3970lnnA60-XhLfd1U8lVZbMFc6Tr1vzfTiCL8fYC_MBWSDXaOV6Kk_JUpq6Mz7ghEkx3bbXKRKzdye_8f70r4-IGPKHJRhrO0Y9m_r96eaw7TPp_TthGSmLc3rbAv7L6ECHoM5jGNw-Ay14Zhk3O9M3Phg58WE6SWEEYqi4h7fu6MZSChKZiwiuvVKPu1omtLl6nJm4xDb-_BG8e3yEWaEXSCvKpC3s7LDy-kGL2DDyJ1ddwrQ3Pbz2aI84QXHgvIdHpzwpwsCWH25grcDqE_ksy3SxFtmLsEdtZjlEkckPi-NbL_pebAIySsOfv83lzgiwW5yiTsdlNVSqDkJcJEi31YPR1aQnXav3Rbwz3svYHOYfLlmz_VZr37Orr4iLVQxcfsdUc62Js6H-XmHsDK28HujniQiPZgEaAZ5FT83s6Vo-WNHuZhkizC7tfJSomK0KGig22Hv3lcNekK2wNGVGgBjj6Hdby1nAtmPjHhTIhMjyc8Bp6ig2ADTbCX-uCd_Az55iKJr8SMPCz4j_NyQadLfouM8pBzBouoF6O3AiyPTET-syT6Scgni8PqG2Twub7HY3ct-iHjF2jyIDe4XiQt3DYH_ZSj-z1WOhdOH7b3gcXp3CFCtIfXD9aXOn9Wn-JR4y-NeJ5qRMLPre5k43rt_bLI1rYzeW7AKTPrurPqiDfE18wOZW-yLkliRZkWlkiGBBeQIESuDNEfL--Sh9IRFNGDomQAB7HoC0zRPaY38HG0i0sOnV09xFwWddAYXube5xkItBR7BA4FnldONNg6Aw2mWGjqpu-B9yBc8YL_KAnipLa4xCOAdfN0xBH-Z2TseEW4yiTf_kMpybUP_n0ehXVksbsvwqyYd2c0yiTe611LAJlA6swWrxHBo7UmNB1Pf6qjUYzDmDuLo70GE6Lw3UkXX3S7LOcWD8TTGuVJskpmWsmzVR78N96YIpJtWWK-nD_MVfGnqGN_LLjpFXH4LZCa9bjufyk9MjwOF2cKR9PzbE7-NZBd4teljJUW8O9ciLzEPCA7ncVXzBDeS56oSW7eMVyZrVsQ3T9LIDujpZcmQP4KVscN0KcjnKHCF3ktKl0pmdf2tQJxqcITX50z6OYvDSB21cfuZwOMjbuIE30ZcK3Wa7BMl-VqFwCOt-bam5WOsEQn2B6OkePq4q5VF3UDCBmZOJZdqWutnEik-KO037aVIU89fFpPc6w7WK0pOledor9IxvVNjiAsAn6qeYeskSBK52bupf2llwkOlIJAJYLCkqVjyvqhyVxWFEHQF4KDDMNCOUZkI3woqfL1dbCCh5-v05zPbUP3_E1RX7jNQPt269v4NxAD0-6Z6xYl-CiNObJQJY0r4JOXhH8cLvxCx6WIBboSVWXgW7adBMn7f6CSIH_mASOYla1CHzIzN9kNXGjYv3eC9zJGPtHx-I-sz_9ljjZ5uYE2WGn9jsqP7SIgopNK0LUKfgyv4XYDHe4xsE3_O4zhPxqgq1xULJ-miLBZOocUQryxeVIRhccy7YPmwhKeBqV6JMpgleNVm-pH3Grmg5dKV-hFw6X7CYATFHz-DpdEtv-vm1Vh8-unsr3yEnAAbc3MQiPhFfzv4TOzXHOu-4bge7hQvV2JCA3kqjMbm6n5N9k2KAy8LOFDphLnDnYovL50ivcvZxfyNM8nUAVwYSg1ZfyYmHqTgom5YkYDDEEhl77K5g-7qB5ODrHMuggVt7fmHF5DGX0yn5QMFL0AagIUVZ4hthEuO4xUycUt89dFfdNsb7zL08ap8utgyUIksGe5h4TdeItsR8BaaVxfty3b65CeTPWGjc9jJ52Dtoizp3_y7zzBDfoZLtbCqb0BnZ8jElXbdXBjsvIbzekdERnQINq9anbZiAUyeVThBqKlVQuEsjpeo8puvpOW8gjmyawi5FyPFbPavbzj9wcgXtWy_2rach8WooPedRIwl8Ub8p9mxai_95e8ohuSjo6s976S2Ym6Ag9rVAWm7iDsV7dhJX1S8lfcXp5a-fKLl9Jg00TFFTM23M6feFlR201uV3xywUsFQor0C_1fCSaAdRpiuaVciAD8pSHRdFR1dBx6LmYy-SgsTAU8LJE7VBTZidO7knUXxacCPZLpMhrZiNPyisN_WkFCbnEbRLSsD5IcLva2RE50PCk98_yuq9PXOvzB9UHFLNt1wHHocGqxpFoT__SnCrjTjZyY9ul3OXecz7Ei8_g9o8POKRZ6bcSiLFbIz0xorRzL9pAi-6GglpWJjGLpzIvH0ulV7a_Qd0qI2fXb-0L7-MZvVMVXineiWlgbkMBF-2AL0tHIuTtfnHDxMQaX8LN3zmeHCFvh9o9BtUUQ9rFytqLOIXHq6DhTypEKPHmobpPvcJLZdI993TDaiYU5ewLIZoxOCtAcuZxctAhzFsGrpqS3MaUD8jbLYTkh1X_-huCQWzijlhQXb_yskbw5we9bMF33VmTEBjNBun4mo8mErp7KYOuvCWX1Jl1KvHLFDyms3dfIJMTu-e8n5MxZeKmxcaGUmJnyxpPqcIxLiiBLiO2wE_IexR5Cv-gxhL9zlDsHdQmknlC3RGRtx7TJnxsM-qWq3XPs1PwWpfjFyMYo5WMM0RI2mTFZLCzNKxAYF2rBZN9RgjZYNBCJpX29jSvBWFTeDDHIJ_iL516wOYahc3oxugA8-H_0HHvE7x26zxbKBvLZolJtN_0-V9cY6fEiDr5tLSSJSsywTOtwo5_cpnHXMA2dBcRnQFlSxNNkH4SKRFIFvH_AJnzh0F0CRxzByGrotA7dT39abUVnWiCqAnLM6z-NB38oa9e_M5sI2KGgLPMIoSx17DGI_HdxK5c8g&cid=CAQSPAAvHhf_2PnUdRj38FNLRllg28IRGt2xMhcQAyg6Adf8v84vhClHPf7QSV3i7esw1Oi2-XTJTj1w74AMqxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.168.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wh-in-f154.1e100.net

Software

cafe /

Resource Hash

0414e2158b948cab14ced6ca3004907eb4245868c8bb830384c3dd0bd42e0d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17774
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 70D6 39 KB
15 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:04:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6FF5 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 08:50:40 GMT
etag: 48472445140208031
expires: Sat, 17 Feb 2024 08:50:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DBD4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: badc4ee33c05654e26ca5ff6f608c5ffff9f948ece0e109a861fbcd5922d667e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 88BC 51 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 20:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 20:38:21 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 69B4 39 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:04:34 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6696 0
0 44ms
44ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtEVtia1EY65IZPtc8SBF8M2SsXdfuyKqZClndqaUpB0w_AcgQJy5x6iks5xPeO2X51miHCjG7j-tzqOoJrfwlnMKSJHUbmoln1Hpkarj2_mdBv-VtaK0PCTYeO6xtuAaQxf0ByKUjiU3va5jJmDnIo_kNSC70fyQXzEX_m_PXldTVKgCAjgz0YSsbJEHSqutrxUduwjYQ9vssli2XnispErkK18n3VHgy-DCFIqu2ySVlRtlWJd1fO08kj0sVmd1ESa3womDlRxtLz5U9KH9nDPPJf6l2HjuvD1lIJEFoA_UhsDsBXVfLAOEeXQX1GCb5hmN-qaEcIaE3S8vQ3PXa8umMpoz2_eylyVpHlpcYaJAebwLlkPEI3vhzNOtMQ3WDqkAM74d5DMBuU4MiXWffac0RI5XT7d_nokulH3AIl_CkaM5w2Wb3uElIZD7zrguhXBMvA4qJZaB6kjatfz30IgIxmdhoautXQSVBgGmar1VW1ORE1nByjNNsQy02nI94qFiemQY0xTDl3U2rLCmwQrmawj4iu9Lcc01ItpuXyZrEKr5x8PP6JN1Hxay5GJ5xAPbt1-M8yJz8-IU57eZvVjoUAZ5uK_Wv_ZzTanY_Y1SlvV24y4qGH9-EY71t4uPGcCjuNoexcXPVkqbF7OSMuRPvKhQqqMEGwkkzNjZSo24DlXvwjYfZFzawlPJ18YXgCUhUVsuG6hOmrxFXqqyqEP0AIWI6KYuJbuGaJ0XWHS_O5By3t2Pvqft9mNVRu6qmze17iWoXyUAZM_UWH4wo8Ir8JBzPwqejAZkn8ejs-DyGz-SE_LIdn3luRN3oLC0v_kpLJA4AsIeFNHDkfSmprlHG3w3EV_zUnjaLU7WiidIB4of2DcgP0m0kSVUw6Zp0n_LWaMnT7-1FWLpRZWv7VKjQ-uN7E8rvsbZkOK3y39Q9juYGz2oIY1OymNFQjOw6Oe2qdaA7QpRvsv5drabR5OyJOyDCcSW6SsyGtQNiUJVtMzNfMpC20qmRkfvvd2qlZwgHXeQ3Gdz72V3X4SN9Z_qcJ7DXQNphPLeoVZ3V2MiewGEmdadPEXHSQx_i5NruAD_Yl78P1Ogo55RE4ve-hg5fPzNQQd4-Y-dhOEtQiEdyiAaHYdHOAEATrROdg7ZUI4NevsP2WzBpxdcqgvul5iVC1I8CeDuzsWUhEy5ewzth9vyQ_MKAUqD9K452D4iDkY0IC2MoG1PyZnjVxhMf-0MdXfh_yewPeKmP9YA8f_5IGUM7fPxhhIOJtQdiOfzqh_2AqhuM8uQHjL7ltV04cmk28ZNG8zdX6VqKKT-Q4Ck4eBCmRF38wOJp6iOVCQxIPy7-mlQgAp_zaPTmTTr59YVz--uotpzGlsoD&sai=AMfl-YQe_juUZNmEgPYbytBxb5aX0c8daTpyM-AxaeOAyeyzSi2KIOo1qnd4KNITyZFHm7r_fabFt6llbPITmeN-DWvqc4EybEqGzAlFlIaA4Fs8trMP4yOvxPFNTQ4TqrtguPrg09bE18SzXGxr9dGsMQM2U9OEL_y0sQyU-LyzIrTA1hK__pVaTwrKJqQ_NE81N-z7JOvtU05VolSOUA7JW0i_JDxf0O3Yt2FpBYW8q7knjPu_i1uTt8-zp17Cq7S6Vmtn3IaTfU-LQWdd_Ic6oNlTtx0ZMwm7fWdS1g&sig=Cg0ArKJSzPpKTflSqqaiEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=559&vt=11&dtpt=270&dett=3&cstd=286&cisv=r20240214.09505&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 19:26:02 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF13 0
0 41ms
41ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhuT4AT6hvghp_6QqoJeMzIVsFMN6-6L-J6n2RK1Ov179vwLGAjYRICXtbQAPIXDihGFlMZFeUuwxYV1Jk8bOErTGkLq7l52Q6jWnDo19eMB4SHCa0aSmghuw4OyQ0nI9PK22oJpLIkkPBiWdUPs3HJn71i7XPanNrBU4VwQQ8RK34xTByhtRP-ENQhi7szvOWwYVZ0mLYCLihaFSgEPAhHIHJD9g_uX46m0TvNioVZ8GgN2bnxfMXQECNFWFMqPnMj7JCQPWiTxyXLby3jamxpFtA3EaHpS5znXOjeBE5BfAkQLKXGB8-HwRKig2T4soINQ7GQQ-nVrYLtIOk2yWhZUVFvpcYucAiWhviHr2S-fWjvinvW6GanClGZDmDMAE4eaW8RH_PL3oNcggwkM6wKmKcfRiphVEwesF__1-ru6_mqJqtsX1DD0G01IFermfh6_at0bCFRgk_GLkljhDri633q-rLGfHZRYNqBFvHCi1hnoCSxq96-gxDG9amEI030j3lHMf0QzoFUlZNdvrCH5_tf6VkJ8Ae8cUfaD_J2QPrIw3qgH7rYe1gLF-4lI0mYGq-Kk1lvKduCDhM6Zyqmf0oReaAqJA9Xgb8QuAGKJJXqpk2XyJAWwUKIl-z-_F8dxPFM5_j97NmGKMsB9-tNE9_prb9ik_CAQ8Jc7Zig_-CnPDoE8BFKaVRr4HjRI733p_Crvncse0R06hOoeORy7xbeajTxeiygx0Ag6PSwXcbcorFGdhSmvRUc0ZiNXsju5Eiggj0ZqF5HREurQkXZxOk2A1RBAIeZZ8BaGzO1ge__2q-CfSg0aTYU3KK-OFyLwjuw81l5V-8voatTfVQM2qdSKA_DM_jhe25rMmUSU4XGH48nhKXvLWEsaDwNyo-vj9jCGCLPlw1so0Ooh-ODCdWQfLoUtLlwne8NNEpvhcuzFjq_bxNxlNGKnYibWlR3yb4HYTOsizMph7py5zxoQZiERzxZeBfhSDH34Rc0KeLFtds4tXukqrXTimkkHhGmWjhgnOaiQtEEuJoXNUnIs44R24MwVz79C2uHKFLoe_EAm6RenAfhW_HQ5X5sdKTSQzP8tvIKBVL7mHvCiGmyaXO-ndB_Yx9YlCiTOnHNS3Ollw-jA4RdVGu-t_4eiARB3brBVdCNBeABx3z8qgjhPN_aLRW8VwL_1m0JC_Z5aky0MHPpUV0YNdUwwfNarYVb3hi0l6DzFA2hsXFTvV9YfFDryZRxIDs_BSAsZgWKfqWkagc9fH38gnb1BAxp90DYDsf5iBKoSvKyRxIpH25h8UkiCxh111veQ03_K_Dha76Wm2ZGpzTejnKe8qHabHSYOIi5LDz5z63V_baT6CJtbtT_Ft-9vVEQGf5&sai=AMfl-YT6mL7k3epqzxMoa5SiXCifXnEi6AFQLJMs83cR4SPjt_BwRiyb_KtLpNVGEyEJNkCWbL68uhQ9mPuohc-mr4Y7eGZjd_uoZrMIRbqjkpiTqivJVfvF8Wc2Paj4lz7FiXSoc5Id7qrQV1O6PGWdrDzTcIXJzTf0LO0sZF5VCQZPDxqmLmcBYv-18r173upRmb94etCIXZOyWtUeUTnd9a9y5XcnKshAReM3RcpNNWpCIW43OMhSKdeTf1YX7W3gt4mwqKKIEj8cLjxzSuej9oy0niNcnGek8Eq6sw&sig=Cg0ArKJSzNY8KLO0ni3LEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=533&vt=11&dtpt=212&dett=3&cstd=319&cisv=r20240214.61565&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 19:26:02 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 6FF5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESED7AQOJUUJMHOE5oFApwm7A&google_cver=1&google_push=AXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGO...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED7AQOJUUJMHOE5oFApwm7A&google_cver=1&google_push=AXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNkt...

43 B
424 B

192ms
181ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED7AQOJUUJMHOE5oFApwm7A&google_cver=1&google_push=AXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85682e122ae665a6-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 695
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESED7AQOJUUJMHOE5oFApwm7A&google_cver=1&google_push=AXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTJHSb6m04HjILV8esnCNstwdkKt5eyZNtaS0qTdN599lX7Kw_aaBWm6bJSsYzDVJOUSEnPJ6jxLNDFcb9XulG9UGMMNktGOZU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 85682e10d81e65a6-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FF5
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=nLBdx_X2WC2lUuR50KYcLE5V9kT8ZyQYDpiB-22ooO8&pi=adx&pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1...

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=nLBdx_X2WC2lUuR50KYcLE5V9kT8ZyQYDpiB-22ooO8&pi=adx&pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6fkkbJ4KGTLRp9rg&tc=1

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=nLBdx_X2WC2lUuR50KYcLE5V9kT8ZyQYDpiB-22ooO8&pi=adx&pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmT3fmBhfMTeGHbx46QDAqj2Ju1MXesGB7mOBV8srC4h1-GbBswcs0RHwXLb9AoZSjAv3QXkesWkKsD0vlcH6fkkbJ4KGTLRp9rg&tc=1
pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT, Fri, 16 Feb 2024 19:26:02 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FF5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELnDIkY2xM1LqAQigFhBIw4&google_cver=1&google_push=AXcoOmRKP4Izl1qfKz3ZLJPnIgSWefoPfxITOhQQ6P5FwS-k2zJHKIisgnQj3ceTTC2u1kbui9TLXgNyeRwRVqnLS8OjJUE...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKP4Izl1qfKz3ZLJPnIgSWefoPfxITOhQQ6P5FwS-k2zJHKIisgnQj3ceTTC2u1kbui9TLXgNyeRwRVqnLS8OjJUE08ad63FtS&google_hm=eS1RWUx2NS5aRTJwRT...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKP4Izl1qfKz3ZLJPnIgSWefoPfxITOhQQ6P5FwS-k2zJHKIisgnQj3ceTTC2u1kbui9TLXgNyeRwRVqnLS8OjJUE08ad63FtS&google_hm=eS1RWUx2NS5aRTJwRTg2R0Q0cjk0SmVITmNoSmYxYjU5WH5B

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Feb 2024 19:26:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKP4Izl1qfKz3ZLJPnIgSWefoPfxITOhQQ6P5FwS-k2zJHKIisgnQj3ceTTC2u1kbui9TLXgNyeRwRVqnLS8OjJUE08ad63FtS&google_hm=eS1RWUx2NS5aRTJwRTg2R0Q0cjk0SmVITmNoSmYxYjU5WH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 6FF5 43 B
363 B 50ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSf7ZpBOUi51mCuXU5zclSunuQ6pilRFYWgqqEyR_H8tPq9KQwmH0REAhYIBLl7Ui1K8fVzz64wPWzy3G2OGTroo7o2koh1st2u&google_gid=CAESEPBC8yfjMq863jzWbSgcvIQ&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:01 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 218921
expires: Fri, 16 Feb 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6FF5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIdoxUsVCECVNXEt4gpMCv8&google_cver=1&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH3i...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIdoxUsVCECVNXEt4gpMCv8&google_cver=1&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODU4MjEwMDYyMTI0Mzk1OQ&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH...

170 B
188 B

27ms
26ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODU4MjEwMDYyMTI0Mzk1OQ&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH3ikZNT5shB2OJH2NG1gnJ37nXh

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTg1ODU4MjEwMDYyMTI0Mzk1OQ&google_push=AXcoOmTGOMlLASHD80qny4Nz4w8YuUgrml9T8WQaShteQSK1LNDCXf41OX-NfIT1LGq_2K0zGU7vGH3ikZNT5shB2OJH2NG1gnJ37nXh
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame 6FF5
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmSBg8_A1LlFbpozlxtQn8Gy43undOJ6cUMXeOnblUNwkvooAX0e-UpziyeIeiP8lI5zfABMlJk298Cf_-dwX...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1&google_push=AXcoOmSBg8_A1LlFbpozlxtQn8Gy43undOJ6cUMXeOnblUNwkvooAX0e-UpziyeIeiP8lI5zfABMlJk298Cf_-dwX...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=nLBdx_X2WC2lUuR50KYcLE5V9kT8ZyQYDpiB-22ooO8&pi=adx&pi=adxab&google_gid=CAESEFqerraTXD1KDWTZIi7870U&google_cver=1...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5

42 B
260 B

73ms
20ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT, Fri, 16 Feb 2024 19:26:02 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&pi=adxab&tc=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 6FF5
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIX0ZIFOD-wi...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRydYaARFrvNT2KghgUVZGlfq2b9DWr7hRKBMHI8dm9AIp1-kqwOOpShGr3XiUrOGW5Rgpu3VYo6hxqnGT9q8Yaptvae1E3PrjwzQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

33ms
33ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 19:26:02 GMT
pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6FF5 0
12 B 16ms
15ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQW0V9C9lG7Az5alyOWD59NsJc2ow5ktEc8FPLTFpNOwkW9oNKbfjxuZO-hfnAnsh1H0wLhIY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DBD4 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcHteybbPZYDxJP-nid4PlNGJsALzieHnddfZ_eL8EYmTvO30LxABIJKwoWhgleKQgqAHoAGp_-XGAcgBBagDAaoEgQJP0IRCGPv_nLXopJ-kCB1P9VFfua9t6GLDi-Z75xdNJrhYZvU-Ccu45F6u6DZeSBl3gOTWVdFWwZCtMbsnglHIrQr290-2SCQGCSwJC5HFTtIwQASCJvgF6xtvS6yZUBmRuSh9Q8rCF-7ztw9cwF0_aDK-SfPMSvMgVaRU2Vmwm3HbPPtOjdyiN1hD0qBf_6wWRrouR1Yn9jaz0geAKpwa9jfiyQqeiOp3gSvfKzBImkuZU51s9EDbqESFIYQTbiAg-LkREL4iwkYx4AInKL8nfDgMsWogur6fFlADP3ga_H2gOt8XIy5B1P41keqGYeEWMuBaPKq-cl5bgvTr0aTN6cAE6Y_y7aAE4AQDiAXHs4exSJIFBggDEAEYAZIFBggbEAMYAZIFCggiEAMYA0iYrHySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwoQiK4GGJGv9_oB0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpYrNDutsuwhAOACgHICwGwE-OQ1hbIE7mp4eED2BMNiBQC2BQB0BUBgBcBshccChoIABIUcHViLTQ3NjE5NDU4ODc4MTIxNDcYAA&sigh=ahszzXa21XA&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAAvHhf_2PnUdRj38FNLRllg28IRGt2xMhcQAyg6Adf8v84vhClHPf7QSV3i7esw1Oi2-XTJTj1w74AMqxgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4761945887812147&output=html&h=280&adk=3232283153&adf=805528431&pi=t.aa~a.4027807430~i.5~rp.4&w=1092&fwrn=4&fwrnh=100&lmt=1708111561&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3144298019&ad_type=text_image&format=1092x280&url=https%3A%2F%2Fwww.geradordecep.com.br%2F&fwr=0&pra=3&rh=200&rw=1092&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708111561449&bpp=1&bdt=1107&idt=0&shv=r20240214&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D86cda33a92a97106%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q&gpic=UID%3D00000d5b03786015%3AT%3D1708111560%3ART%3D1708111560%3AS%3DALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg&eo_id_str=ID%3D569a505a313c3ab6%3AT%3D1708111560%3ART%3D1708111560%3AS%3DAA-AfjZxoBpwEwsiZOsc0CtxO5eq&prev_fmts=0x0%2C1092x280%2C1092x280%2C1092x280%2C1092x200%2C1092x280&nras=2&correlator=7848482955897&frm=20&pv=1&ga_vid=1511135010.1708111560&ga_sid=1708111561&ga_hid=1824659108&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=254&ady=2004&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31081035%2C95322433%2C95324581%2C95325067%2C31081233%2C95322329%2C95321866%2C95324154%2C95324161&oid=2&pvsid=2661440145104977&tmod=1749862325&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=3
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 6696
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1874223/77019497/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20833644696&bidurl=https://www.geradordecep...
https://static.adsafeprotected.com/4a.js

2 KB
1 KB

21ms
20ms

Script
application/javascript

2600:9000:2127:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2127:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:45:01 GMT
x-amz-version-id: mquyMYJqCoGbAXGMW2KDLOw2mw5xZIC.
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 348061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"2105f244154aad4862ff53a961b1f1a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: LzZMDbCV932p2WMp20eKKekzdhh7PQsOtwlQ1PeiWvXypN3Eap_6Aw==

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D4C8 91 KB
23 KB 93ms
25ms Script
application/javascript 2600:9000:2127:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4437346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: J747oG4g1RDeDGoWNpvSITa9tkfO2gmnWHchNq_FT4dVwtFswfNR5Q==

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame DF13
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1874223/77019475/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.geradordecep...
https://static.adsafeprotected.com/4a.js

2 KB
1 KB

24ms
24ms

Script
application/javascript

2600:9000:2127:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2127:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:45:01 GMT
x-amz-version-id: mquyMYJqCoGbAXGMW2KDLOw2mw5xZIC.
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 348061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"2105f244154aad4862ff53a961b1f1a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: THE4dOO6-bFY08IZS6rSDy0ynAqbHXeDJJQVEY2t9yyK-YGr2V2_4A==

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 400F 91 KB
23 KB 72ms
43ms Script
application/javascript 2600:9000:2127:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4437346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: lHGHvxufnJYuUeHRJ6EWo9DyI_7xfDddvqxQLxa9W1Ps-khSEm2vVw==

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 8C1C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1874223/77019492/4.js?ias_dspID=3&ias_campId=1015060172&ias_pubId=pub-4761945887812147&ias_chanId=1&ias_placementId=20843742424&bidurl=https://www.geradordecep...
https://static.adsafeprotected.com/4a.js

2 KB
1 KB

25ms
25ms

Script
application/javascript

2600:9000:2127:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2127:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 18:45:01 GMT
x-amz-version-id: mquyMYJqCoGbAXGMW2KDLOw2mw5xZIC.
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 348061
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 12 Feb 2024 18:45:00 GMT
server: AmazonS3
etag: W/"2105f244154aad4862ff53a961b1f1a4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 1RzT7NViBVO3iFFsJXTH-xYCmXed1-pck3oSgsh-LlC2Q6InFmUePw==

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 77D5 91 KB
23 KB 47ms
47ms Script
application/javascript 2600:9000:2127:7c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:7c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 a1c66294cb416b399374a845b97656d2.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 4437346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: NMWkvI4i2dIKGefx3NMc_1hIr2QwYnaTkEOKVqfnLgJC9d10FyCdFA==

POST
H2 204 csi
csi.gstatic.com/ Frame DBD4 0
45 B 127ms
117ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsp1isj5&c=8786896510248&slotId=4393448255124&qqid=CMD59rbLsIQDFf9TwgUdlGgCJg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame DBD4 41 KB
15 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 02:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 02:38:11 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DBD4
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

74ms
12ms

Fetch
video/mp4

2a00:1450:4001:5f::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8309736A6877F4FF9943DB58F628FE2695D63C40.3193B98AF040EEE5EF05DA6B2CB4E53CC82F0542/key/cms1/cms_redirect/yes/mh/qT/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5e6nsz/ms/onc/mt/1708110637/mv/u/mvi/2/pl/52/file/file.mp4

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:5f::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 19:26:02 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4890667
Last-Modified: Mon, 16 Oct 2023 15:59:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 16 Feb 2024 19:26:02 GMT

Redirect headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8309736A6877F4FF9943DB58F628FE2695D63C40.3193B98AF040EEE5EF05DA6B2CB4E53CC82F0542/key/cms1/cms_redirect/yes/mh/qT/mip/2001:ac8:20:271::1e/mm/42/mn/sn-4g5e6nsz/ms/onc/mt/1708110637/mv/u/mvi/2/pl/52/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame DBD4 453 B
588 B 45ms
41ms Image
image/png 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-4761945887812147

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:16:02 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6696 43 B
216 B 537ms
176ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ac76f0b6-9cbe-cecb-e404-cfea2fa7869d&tv=%7Bc:4pWPXH,pingTime:-3,time:152,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:152,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1*.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13,idMap:1c1*,rmeas:1,rend:0,renddet:IMG.us,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6696 43 B
215 B 537ms
180ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ac76f0b6-9cbe-cecb-e404-cfea2fa7869d&tv=%7Bc:4pWPXK,pingTime:-6,time:155,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:155,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B149~0%5D,as:%5B149~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1*.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13,idMap:1c1*,rmeas:1,rend:0,renddet:IMG.us,siq:18%7D&tpiLookup=ao:www.geradordecep.com.br*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DF13 43 B
215 B 690ms
353ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e537b87a-4e1a-9e34-99c8-54c990aab4d3&tv=%7Bc:4pWPXX,pingTime:-3,time:126,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B121~0%5D,as:%5B121~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1*.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13,idMap:1d1*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DF13 43 B
215 B 515ms
178ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e537b87a-4e1a-9e34-99c8-54c990aab4d3&tv=%7Bc:4pWPXZ,pingTime:-6,time:128,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1*.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1e11%7C1e12%7C1e13,idMap:1d1*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&tpiLookup=ao:www.geradordecep.com.br*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8C1C 43 B
215 B 686ms
350ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=9f67683d-7f02-b105-d20e-837b36f77266&tv=%7Bc:4pWPY5,pingTime:-3,time:101,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:101,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1d14%7C1e1*.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1e1*,rmeas:1,rend:0,renddet:na,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8C1C 43 B
215 B 685ms
351ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=9f67683d-7f02-b105-d20e-837b36f77266&tv=%7Bc:4pWPY6,pingTime:-6,time:102,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1d14%7C1e1*.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1e1*,rmeas:1,rend:0,renddet:na,siq:18%7D&tpiLookup=ao:www.geradordecep.com.br*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6696 43 B
215 B 658ms
352ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ac76f0b6-9cbe-cecb-e404-cfea2fa7869d&tv=%7Bc:4pWPYA,pingTime:-2,time:207,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:782,beZ:784,mfA:786,cmA:787,inA:787,inZ:791,prA:791,prZ:795,si:800,poA:801,poZ:823,cmZ:823,mfZ:823,loA:937,loZ:939,ltA:989,ltZ:989%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:207,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B201~0%5D,as:%5B201~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1*.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1d1.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1e1.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1c1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:18,sinceFw:188,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DF13 43 B
215 B 652ms
354ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e537b87a-4e1a-9e34-99c8-54c990aab4d3&tv=%7Bc:4pWPYJ,pingTime:-2,time:174,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:801,beZ:802,mfA:804,cmA:805,inA:805,inZ:807,prA:807,prZ:810,si:815,poA:816,poZ:833,cmZ:833,mfZ:833,loA:929,loZ:931,ltA:975,ltZ:975%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B169~0%5D,as:%5B169~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1*.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1e1.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1d1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:15,sinceFw:159,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8C1C 43 B
215 B 476ms
179ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=9f67683d-7f02-b105-d20e-837b36f77266&tv=%7Bc:4pWPYK,pingTime:-2,time:142,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:814,beZ:815,mfA:821,cmA:821,inA:821,inZ:824,prA:824,prZ:828,si:832,poA:833,poZ:849,cmZ:849,mfZ:849,loA:917,loZ:918,ltA:956,ltZ:956%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B134~0%5D,as:%5B134~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1d14%7C1e1*.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1e1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:18,sinceFw:123,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/10479265507807087626/assets/ Frame 4EE2 8 KB
8 KB 10ms
10ms Font
font/woff 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10479265507807087626/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10479265507807087626/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10479265507807087626/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:07:33 GMT
date: Tue, 13 Feb 2024 09:07:33 GMT
x-content-type-options: nosniff
age: 296309
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:15:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 874C 23 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 218510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 06:44:12 GMT
expires: Thu, 13 Feb 2025 06:44:12 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C1C 0
0 41ms
41ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSfMymw3R-F3dykhvLZhC2-TuXoVkWn3tsUBv80M6zRebAVXXkzIVyhf6E8mZzNpvsgPdpQisjC9GWoJCyVIw0133dI2dFJlBvZ1_2g6rJGnuL7ZuEe5oDC3D5lJuLq5dxJ0pCX0ytzoBrQem3Ud_p0IGMZjb7dWTVOeX_cDysdN5Ghknb4_pIkUyBlXSzzSmYec9J6QyGiSxu3UblAL3mvS0TQ9CcIXYnhJYyWglHR4xDbmej8fZlvVlR9nmvUUA_qBQlF6X1Os5p5NniBaftsRMQhoCUk0-QsAMXas3bpFoyecslrahUWqEOx5Nd_3tjmahoIp17eVgd6Dh0xhQfeDNy5Fq2XeZxPc5C9UhM08QPyzr_wmqhHp925ZXHdfBeVAGNM6b_i_UWe0M8eAOvjpelOuKJ4-kvbL6EI-HMHgG3thypxYLpL0kAouN4hPibwmSbme5kaLy8Jh_L-ndGC7QftcHlMoXbsS2tJD7TQIH0hH4dWlzxz6S77hS9Qsl5LHOhSMaqUAJvngSf44cj8hV_0KsksCCxRorDwO99ilCg06j748uLEeroXMMY0gLejAs1Lx8VLRkUoIlBMBJZHdYuC8kUxW3KyQMcGxUtGX_GK5yxtBh4oLjxJUC2H7TkaMUJMwoe3VNqXwdYm6vruonctSV1dpqCgNXdHjgzUSvQlazURUV7h_0C2I-SutSUUGM1qkyDqOG2UT43hkaKEWEIzvbwK4v1QsQrfFJRdAp8uU4HXZXAKMz_uQgSRevHHCh7OgNq9ulxJii8XQNnyD1a4QNEADYa5WkK7oj5Hlmt-paVJQ9-Y2vRMBk4LELwc4I7d44yAjlTqCT5BE2OPslRHFacvApbi7DKPXGSGVBI0UfQr8yG0fAcYr9fBs5UGzb6KCAk4UJswU15cuA3eI9FPj76HBBS5amaClzhwB7mV72SUDj7-qepTMUHPBR-ZALrXWDXI3BeXu5eKBlnQx1Lhw94F-Atty0E0DCgB2jqNc6v0BVgpzAllPRfsoVmpAFcZKBSHz9DNKuuwNTFjL7e3x6xowPQzVxb1znTuB6a_XxCt30i2wu4l8tMqpx5P1yOGLHOZxhzD7JN6ByM4lw20oDc4GR5IGwLgXDM0IamjMvy5yZ_dhxItFg1k3KGG04JRU3UybOhgjN-LCvTGAxl3uSenq3Vuby576FAhDKvZ0s1BLZV_wKJNENRjleyITt4CyP0Q6dpDC4-l19gYGSAX7H7oB1n5ePTI0bd_TzTiA5VUchlRwREA0nFJCCmBetq4KN38HPx_jZZlDkFZ2GQtYjTwww9mjat3DG8WE77MJwRxOM0IlcyzjODVMsc2QApQj3CH8amR03Xia0_RO9gzxi2G7R5vcNgUQ&sai=AMfl-YTMnJwFxl810A5tn4ULBPBktxMzQlvWIqL2E3cXjFMRSVTJVZW9kJF62lmHZoJxQ9d_iKjwxpUipjoCrwreQBjJPrp_kNsZRAelKwhnIFt4jlGMigiyNNszr45Nb2d-k9z4smenQjuGv8V2b6cYb9S72CdcgBecpujeX_WkYUWFRwyrxuyo4QB998rxCX_Ebmr8k4DwmayrqvYX9jpY3hyc_PdR7EEnzy5_k4jwVC9ZzIugV2Sthzc3SPZl4NtCAjPj5QAkKXiRR3flAywymFbqbOTSsHjJKibMvQ&sig=Cg0ArKJSzK1yZK1RsFGSEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=725&vt=11&dtpt=465&dett=3&cstd=256&cisv=r20240214.66173&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 19:26:02 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6696 0
26 B 45ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvSim63NWfJ4EJPV6yGU3MVR7mix5s1JL80SuP03CVoyfasXVT4Z7Q5xfUspVwGOkG-0PrD_rg92BN3aI0dg6G0RmZ_P8uSRtwnWJMa_87EQqtuCvt-sN9NjwYV0FKrzF87JaM1D1lN6ruKMMMeHhYxalw_e6qgdX9GyOi4lFegm8ekmMtt0G6JOtE7buDTlZxN5-067s187kUj&sai=AMfl-YRIbyEdtxJIImUnJJb1i9NsQh9DKdfXY0tpHJ7wbpr0MdJ-BOiB84mXcaI9K5jGapylmFlM57vkGlRODpw6qWrUl85IlsQBKu0CpNKwEi8ZFOsjofbLStaDJtQh_g&sig=Cg0ArKJSzAp2MngwsBXzEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DF13 0
26 B 44ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssGGFOe3W4Q6vPGAwkVZZy7WSDDV8Bv5tc5NPbFUA4SU-b_yc9F_WAPyoShNu3Ho7NB5dTPSgg0OB6cj2vnCiwOwV_iU3UND2BwixEfP-LiJNLALJxcRIcjapE9FHqHE8brYYOfbLT9l3kBhMWvFJCML-rgHvHvlA847m_sieIl_P0JQ8yphbQhLLZh6ZefkcaRUXpIqM_PnN3D&sai=AMfl-YSCUrTItqafVZms4nY0RLH-dyJijznqzED9oR4nhMPZx2zMpx4U-7X63nDP4WCzWIW8p6M4Z-lRyP65ZfKHJPPodwAUiGxyINkL7maXX4uWXiDqZ_nY2l9xVQxtxw&sig=Cg0ArKJSzK76ATsu3oVtEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C1C 0
26 B 42ms
41ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEwhlTfmMSNjrDeRZrH1oUfP312zNl86AZL3nwnCTuWpnDFKAbryNl3vA7GrXsO96auyPyFBXlkiDvhd9vYY57kXjlFM9zseuKOeH86iqdIVAluyZ_T8KnVvVhPnahPzBLIj-G04YCYEpe-YK0ZRS2LKS_aMyRM51rvRot37x3uX_5fr81ZCwm5ojFOnR-pfm-94Va4k6UQFsW&sai=AMfl-YRFdpkzGS7_bpMndaBfNm3fvbJaPHnyZjwngd735P0YeHcFoOeHZ0LnMRlsTaec-fEcYfeouGSwVZjeXevSEgjTgVXY_42oAL9tGh85aP2jIpba2XRgWRarKupAnQ&sig=Cg0ArKJSzJ1RnW3fbcLVEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DBD4 447 KB
0 74ms
12ms Media
video/mp4 2a00:1450:4001:5f::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 16 Feb 2024 19:26:02 GMT
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4890666/4890667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4890667
last-modified: Mon, 16 Oct 2023 15:59:27 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 874C 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:04:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 70D6 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BH7_UybbPZe7SKuyl9u8Pp4aaiA8AAAAAOAHgBAI&bg=!iYqlisXNAAZN4L4YbeA7ADQBe5WfOM_jCtPVOjgqKKiKeo7c38l53xmQFSQrkgNwAPOlWP-wEPltzsoWFPEN8fDlR0gGAgAAAVxSAAAAAmgBBwoAUY_9fGqjUMb3jJBn6G_E-21Gd8VxGoZ9wYJrXO9ytVyGlrj2cd6s5ftQieQHuqNQMZkZWVmKiX0bJ7M2xPUvarlrahOzok72kRaDu7SnMRw9SpkDIMZgmLRXJkxTDhTUii136rlMHLdV-VB1cfXtkwqO583FHVZEqd1W30LhD3y3A7rxXaoUwKulR-qUbrcpprOjlOu6PscfdIcrq1Qn4uwS_FRlcO7dMPUSflJl8aQSfAXB-gZdrERuGVTwjToXTPivTTscGdhNCyiiz--pM0ETvbPeUWbtmhBORQ_esK4J_quUJvmRqMITM1mvRTkaMWzKBlDz452aFUWMKoHihMOuwnghXaSALYTz2qg03-jzOP-OKNlE9S1Avew3sND4gR3Rc6_be3EaJoRjobnOvQFvP1wWf3pGNbC3XZ9svGXzuJp163bwoEZhQHZ4hSJy57xkHYhAp1S6oilXWrFz893hZWJ3oblW3OfMU4tXgk7CEjYYwiz1-XHrflqzpkXinpEVmg6ofB3QiEa9_Em0yophJB_2CA-JnygPN4zLGVlzEdPEUIye5FlPga5A-ztenZcRQc15CRY56tJJmVt4S0VFlOtg7q7oOnGCwyS6mVmeKSofinuYbJhL0U40g7Gh27663ewX_l273L-Hkmswd98Lq7khEfZM3wMe0d6QIYExlp26bFLSC5z2iZVC0OWfNOGde0_PcZUw2HhsrbJIkoDCOKo3chRBXWjO0oUwqQjL5rs7bi3J2ZTypR2xqnUeHHtCX7MWFe8iMZgabGGoKvBjpwM2whbQ_NcZlP3ArPbc6cXmteIbYEsP8QcBqUw72ylkirYZ52kH2QJ54ueu-kW_qL6pUQvDfLx7xKhV1yv1yWBkW7KMUBLWxu2S4T_P3d6ty3FsqVsZ48GpkXio7BWqubad6ZMuJm2eIFBaLV6cR9SpXTK_EgtDoyJryfQxUADsycOcTUBjjhrrXVQf1yMewLWMNfpSua8t7DnVkAbg2-f_ytvQe5cWuFj6s3LS72Oghg6EUQHd0wev3yCakhpaqKZsijW1hIuc6KDYrkhUI7OWBKQ20Ipnl9iMVgDWEpGC6FGPo25fNd2U3SSwluvBb_TQTpXQUiY1yiLc96mnd7KzALoFGW_sEKyaYmIMBFETPIA3CZjTlXx8nSvD8VuYr0QO

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88BC 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B4rhUybbPZa2FLLK59u8PoqaSiAQAAAAAOAHgBAI&bg=!AwClAE_NAAYBC1i-IQs7ADQBe5WfOOiqCSUf3Oy6yOS2QTh1ayIvIjJR8u5I3z_NlYvZ3zon6mn8I4975uimUz5lqVn4AgAAANZSAAAAA2gBB5kDEN6EJgPPPN_AgE_seeSwHwqtSgL4DYoIejmDstk2zEbncRoCWODHLzyjFnkU93kDuZdLYiGs-bUu1AwzNoXWUBrWTg1qfpFKPa2yFKMHScRxkC9TIIIRK6sT5NGZdifsU8g_Nmvl0YuxUizm-vrM5HTTu0laXh_QVNPQxomoNu4OY90SnmitGdIBPyCDHzYwi5sl0egjS5YRKUzIAXkTIHMXQzjPgwmBo9mt-ZZlFnDIpYDhKBtjF2HcWDx35jsO0SWn1HYlf6CWVVHTR2Z_B2qT3j7PShPB9Bi-guO6ClDHTHBxNJaSqm3xAp7GIHGAgIuM2CLroF_w9a4ky4_fmCg-YRPDkLaKaYjA5dWxE5z-LDjWthn9wgNONQkeklrn2z5_OY6y1Eb37Zr-lxcZQhVxo6WRTPXMXEiSwy3CvAfondxx1r_B8MVsmg_yeP0cwaR66i-kSspNTcvrU57d20vtCEK4SgOoYaDMXC0pk0pI8rZ9IpcVr04tWNLUFnQZSdUQWELfC-BCghXuGi8Hj3FbsBfsZ1MIc0FiB6ltKTRF-1b3-NtWXsQcwtlyQg_Sf-0gsbx_K1uo9nzUoM20pE8xcGwn2-Jx5OVisQyR40jKFNUi86eE6yeELvv1tRIyeX_RfA1xOSbC7NdMweUKDWCLV0Z4_AJgmcsWc6OdQYQBaBY-TreUBLYVhzRb4jL8RVlqAKN-2bU_3YmlLKYYH6GdR0ZG4F6uHP3ccugbKjA0QrJb-5wlY9Hygp39mFjE9TJtOC3K0fmVl2OIPjjyvXzWoJTAWgXf953a-bpMxbVmR85LJiq3aJXd5V--jDM1GTw58XC4oa_X44m91uvkskQ3GDCxWxQ-n8Mz0ZAQjetjl8SfnfVkLROznwyBuSDHEMFW2ZsYgMDf8kLgqZG18EDuVr32hlz_hGjsPhFvtrluu1BvcFQGKWupPi-Fs4eYAhOKPATgwHmyCnLx4AlKJkbsR4w89wi2fKM74Lbxk3jjsCC5gjPpmE8bC0qeRtj8-8KUtE3a29g04dfPEbVrORo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69B4 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bk9KkybbPZbWqLLes9u8P2L6JMAAAAAA4AeAEAg&bg=!MDOlM3zNAAZN4L4YbeA7ADQBe5WfOA67BAQHdrLWWB97mFn6YXcVz1svrxJtoCE99Ja6DgeOx9Od6RR3b3F5TKdKnaNEAgAAAOVSAAAAAmgBB5kDDoVXHVo5c0Dgc_Iyojky3R3eILBIAUeQA3OIbd6gapPPPd5trhRyJJGFd3J5H22pLTc9KkJ-SWxCP86xYHx718YomianJDHP2ZFW53chtEJNuSujo7dPx41jaXXIFutgwLS-rKbY4doIq5CUQnSfU_U3XcmfV4C7SZRqHRCpfV-mUj1q26quLUxIgu065E7Lhf66MlZ5E0UHXKLFS1RSnifIGxa0w9vvVuLYHZ2eUCRgqJwI6-ri3U8Sc3DZJ29mFEkdKngc6IDw7uXpEFfrjGdA0QmG260593k6VbBlobmvjFcKFKDRMN3HPFSF1m5zuif_h9rlz8llYmtQDKwQrrjyHXd2r6i4s8LNob238mctW4OYIyw6S7DzcmYl2fQTAu0g--yEoJJOCnySyM-ToSJ7SxWr-yU5zX754slerLrEIPTPZGInrI4LMOQEd3ExgL0X9B0zOnkfi1VNyBTW-RKaSc6rRbKwT2gzGeNpQZXFW4xC8aPrqu7Vf6USseCP_AwXVHSn3fbBNdGETtuZLduNIXe_tYhU2m1HuydPmsp91TKW-x-Shi8K6Cjmn3yisbeVEHE6N8UYVUsOKoyV5R9adyJd20tFYgePiN9emxqN6yEFgrQpaCvvCLiYfZRnwgjpu3Io_jnsxQoYzn-j3K8_MuPmeypBZc17xA-fRnKS--tC4Et5Q6LTwbaoDtCtSnBKg6EkCwjEgY2-X7M03AiuLJ6nkyofnezznqmP_PX4THyEzPmzzJiWby3Gum1yphrA0z0vvo_FI6Cmq1qcDJMQVZAnCrWRFbXvXeIohQRWyB9Ye1ZqAnOjlfVXQxcgxlvTHKP-yHabv-aIDiGZRh-rDLrh9-NY8cZWNPEsxz-75PuA69rQYW0res3pUovGu5cHBRhLfHRSi2JM_UNI7FkcefEAHjT-gqm9HSuTbRXYxIg-08djwNNPbkmZdSKIiqVjLGex6SoVRx_TghhmTSJ2aOw8eLtWMFQ_py6Lhruuw4a2OZBhY9Q_Rk84D_mqRSZh-7W6VLZ3cUiO0IAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8C1C 43 B
215 B 464ms
354ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=9f67683d-7f02-b105-d20e-837b36f77266&tv=%7Bc:4pWQ1F,time:323,type:e,im:%7Bpci:%7Btdr:177%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:323,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B315~0%5D,as:%5B315~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u4tM2Br+11%7C12%7C131%7C14%7C15%7C16%7C17%7C18%7C191%7C1a%7C1b11%7C1b12%7C1c1.1874223-77019497%7C1c11%7C1c121%7C1c13%7C1c14%7C1d1.1874223-77019475%7C1d11%7C1d12%7C1d13%7C1d14%7C1e1*.1874223-77019492%7C1e11%7C1e12%7C1e13,idMap:1e1*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sis:220%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 874C 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9d0eyrbPZcGmE4WGb-SpkLAJAAAAADgB4AQC&bg=!zM-lz4DNAAZN4L4YbeA7ADQBe5WfOBHG_kvuA-941MXXMzq4spvn6KQ1CL1mdyNaMgf7c3eQzqemo7VYpLSlvZyH9IDAAgAAAD5SAAAAAmgBB5kC72ag9x4llFnH0wM9h1NiLFQkqZIzjIW9foaQmC3P9esoAzITFcv8INqeICV0ggw3-tpceeEZKQuvOoUGe6cEW6k3uEOs--ZgzXTakWkS8mj_U1IA6Qyf3frSnQ_UKYKDJdpBI3NOJmmh51LZlzF8rFjcGaY5ddPgPp1jn4D2rT2xuSHB2HnqKPoPutocIschBQ1spGbY_MvfdMR5esp0Z5uBMg4mz_JP0noPr9qKtsXNtFy7YGDTvAPjeejbMkcbbav9lxAThFANMdvbmiqcW5VsrR_I-uFJlGSz8lILeSdsM1yA33rmxcHXMe88UeHolwwGDx7AU6AuKEii9hajZxWIFjQLtL8sb6vmJt8HcsAPJuMDc_mplvZqUN0SYeqBv2M4W_EwH9lMDIubDOyeGBB5KN2HN8Vx4gnyW2qmBhmjydD5z3wqa_-iemFf3SoUgX-Yi-9DcwySPAchlPJF9Ww7wWZc9VRTZkeLRRlfVkLQZX5rECJSKAJlyTlMj_q-ZLbfcXpbYJXMzijYzA2f-1cD12FTRtv5B0rHlXrXTfx7yNckCKRKpzLxlo8bNoDDkihEGONwDU1MqTaXiq5pyVh5QeX8ExodAMAywwBJbRxzOUID2JjpJOwFA5EYrE561QPXhDk2sl48tDSSkv01au8m-CJTTTzuE01VWoKCuBkr7pr0-TE7nGx0JaPiv9y3ekC6-94c5VkLStlpX2VRp8glsPDnX7lqpPztYqweV0jOFhCFyCLGsUwzGc3eqNV3EOM-rAIarfbbnR_Ux8rXw-9PDKBdhzvHK3l3yLLgHj7Bw3chFgocAXvHSaN6-dCT5bUDfdPFJcmc8ZyhAHBLpBWfrdWzQdJXCMhg4mfGYGyGUbR1oYrBQGXAwubiKkkAMIatTE-MICwrqLG9ahcKAGWD37kNSP4GGAJuy0W-R6vre7pvn5jnQ3uJuOakSrtywxL6i65kxOcUG60jb3Mjca-NJx0Bkfm3owaryvRRzL4

Requested by

Host: www.geradordecep.com.br
URL: https://www.geradordecep.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6696 43 B
215 B 351ms
351ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=ac76f0b6-9cbe-cecb-e404-cfea2fa7869d&tv=%7Bc:4pWQ3v,pingTime:-10,time:512,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708111562857%7C%7C0eed447c390b74fe3147a3356e474757%7C%7C1605e69839cb81a076535f1842285622%7C%7Cad91fdd926844c95f2b186e95bac833e%7C%7C0aab6167f50ac906d9667f9c1591ed55%7C%7C09bd59cb71eef7de06334e3c6c523d98%7C%7C65faaeac335bb353c3e5c3892690a998%7C%7Ce2bffa2b23c531178e37c60af155ce7f%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:02 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DF13 43 B
215 B 345ms
345ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=e537b87a-4e1a-9e34-99c8-54c990aab4d3&tv=%7Bc:4pWQ3H,pingTime:-10,time:482,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708111562869%7C%7C71a642f349bc96e61d601708a6fe5820%7C%7C1605e69839cb81a076535f1842285622%7C%7C5bcb30ce1b80d12e61020ad4d2e2b301%7C%7Cf7f9e2fe082acd841158928c5a80ab43%7C%7C93126bbc4199e3abbc0f2f57abb3f557%7C%7C8c68b7f106931a76f7f1a8b55786bfa4%7C%7C16393946c7111495a56086374334b9a5%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8C1C 43 B
215 B 332ms
332ms Image
image/gif 2600:1f13:800:7781:2b49:c39c:c642:eb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1874223&asId=9f67683d-7f02-b105-d20e-837b36f77266&tv=%7Bc:4pWQ3T,pingTime:-10,time:461,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjEuMC42MTY3LjE4NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1708111562881%7C%7C6e2bde57c95113bdaf75f0136bbbc5f1%7C%7C1605e69839cb81a076535f1842285622%7C%7Ced4fa78c4744a2301cc2b9de911b564c%7C%7C81ea5875c0d2aa0c35875a74821b7da8%7C%7C71ce206df84b0c5af4f1ae3e6f124904%7C%7C3a7c12ccd309b048321024c4ab7b559c%7C%7Ce9b446fde1c3cc265f6d44870fa463a4%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240214/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2b49:c39c:c642:eb Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C1C 42 B
64 B 61ms
42ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvq8gSFmYoSTVoD9GvzhFWEEYxoBZhxAmMCiNQKuLLV1SQMLLReOvgadutM8_nH4HqVjVyjbZG63e-a_cCf9c0Vb_0-tQafLZ_uNHMRSri6m5Y0BGUH9ldR78aZn0symzWFtQsO1NpmEUg2PIBxZOrwXk1KwktrLzhovWvKX0rr&sai=AMfl-YSfKAmx4KtmtuwxUgJdEcNJSxmAtSx4bpGMv5l4qRpqxV4tCft225RZSbMzemAlJpO7B7_XGbrSVSNXhya_zn5rvv_GF3dj5VtWs6VBg_wH_9EgfPNNdlhpKu9_mPbEEcBRDl16JsgX-lbOP9kr&sig=Cg0ArKJSzAodA3dxLhS8EAE&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=480,933,1000,1000,1000&tos=480,453,67,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=404436100&rst=1708111561606&rpt=359&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB5E 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstD49ZhYxk5cbUtgClZnFm3Cl-hiWuSMkooG6JV5imbilBThfkbJsYKzosgo4J-JRG6gLymYBb2c6mZW6tCb1m6lt7mniOErVZHhwkt3FFMX1bQsFE8qrtE7RX-l7az-qLV9jxO5Fq53VrnrqFympKIPpiuRqTWOTjKmg&sai=AMfl-YQY6bW7EBI9L7Avh3XzR5erGLXFo0UmnhS365OlXrPAvVljqf0Olih3kgivotWu7SnDiGFHw9ETcA2mu-LSbNPMe3mUXGU6UfQcBH3sUYZlXl-gubz-HJBXSjSDE7lPz_yTV03tgemdsU4diY6ybg&sig=Cg0ArKJSzCbs-ZSCbcI6EAE&cid=CAQSTwAvHhf_VClyqQ5gRM3-wklRkHqqFb_WxdefeeQuAJidZ3YMgoqHm2DpU3Drkccamby9uHovHHJRsaBkr2PHYHv57nHOxloLxd5oJN7MqqAYAQ&id=lidar2&mcvt=1000&p=0,0,280,1092&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=387046663&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=404436100&rst=1708111560673&rpt=1418&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
53ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240214&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a02e45a6acd38adc3001151d83d16cadee2302c7653597024d7cb3f673187882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12319
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6696 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7988b58c9e941b549be3928bb57ca1da795c7d9bfc8d0a4b837ddc4c4129672f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DF13 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3886b84115a277570810a6030416f590f15b426db83d536673542b575e81669c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 19:26:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1501 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 125129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 08:40:34 GMT
expires: Fri, 14 Feb 2025 08:40:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D45 829 B
559 B 17ms
16ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

691b15e49e738d51514307583c298909c61198fdd64c5a26e25b2735dcbd47a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--grLgvs9zVkuYlTEdQUvPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geradordecep.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--grLgvs9zVkuYlTEdQUvPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 19:26:03 GMT
expires: Fri, 16 Feb 2024 19:26:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1501 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:04:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D45 0
0 41ms
40ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240214&jk=2661440145104977&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame DBD4 0
54 B 116ms
116ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsp1isqf&c=8786896510248&slotId=4393448255124&qqid=CMD59rbLsIQDFf9TwgUdlGgCJg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ss~atrd.sv~vil.123&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240214_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1501 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R3vg_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:26:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240214&jk=2661440145104977&bg=!Hh2lHVLNAAZN4L4YbeA7ADQBe5WfODJ8teqqNUKKGttKC9LGhkpzyakBtGyxxfr3-qfmLp00eoDt8XNFcWosbXsc7zSKAgAAADBSAAAAAmgBB5kC2HdSvpWKZxqGMpHZpqQeI1VNIjT1LtWLQO3bhb-mGTRLzkX2H7uzpQOEuGFSmReDy1_1yLONHLfxbEoeo6jGbYJiACCIAUvh510rj5nd2qZrKS2jcb1ziGOx7NnKOp3NoNY_HL53TWDrPTmD_2kpmBEfDTCcZKbNWop4J-U7xISddognsdH2rq0-2MLxvMmvtVPci-Rz2BXw3VnHZ2Fs0otpqaWToK57yj9TCpXPLAE26qtbPY8uuotdqD_uy4fUpUv6XWN6jVzDksZWmALIx7KPDACtKUOLnoT1b5lklPICFAHa1M5cIIUZueVpY4r6W9qWTYys1B9OAMt8ldln75nGOh2mP_6GiPCUMf67ie62Qn306_KzJZMtS6g3AznQKmOJE_ERIFGlA9puN0-pTkQ1-8p-xPmdPoU2mwlzkFvIiqTIaj5tQE-E9QbGw3ds5lvik0E9V_VLBVcVfRRTGo4MTkdR82mqFlhgfOqq12GThNEJdMfUSCuz_Wqs8cp4WL6yyorbvYZHx4HVEGfCtr4rjcGhFMFVJb4uVGGoEPu0jc5tnKXLuseiBu4fPI8eq5qPzp7dcap70HIZ7KfPkfPgh5MbuKONfLi2XytoiqTRPc-EMH3ikuO1ITmo__kQV4pUGAe7DQUKh-rETPhNha46pXa1XKR9T_O6CbN7I_CxNbXkEzuo8p5vNdefTqezn-yEeK6VjPwydn9RKpWJVvzz6INS7ICpqF9a6ZbraNNBjxu0Fzcd-IwnwMrpLb846ChfoY5JOyen4vGsxUzVGEpQGoffo-vKHdpoutMIgfg7uLJ6ltEGREgayRqEOAbbpGKjUxk3pnq1YXr8azcH3Qkz27Lbyw5FOwAx4ouDw7WDu9nhcFq5OeVCRa4yj_o7AJxAUCKyJeCdEXueYlo4JAKtLrBtpj019ZSkefvt7R12yY-9lSbIGdqOtlsI296CLsvP1vc8PNwp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.geradordecep.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6696 0
20 B 38ms
37ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5535137240174&version=m202401290101&ct=76&x=1&cor=4102862945201756700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C1C 0
20 B 38ms
37ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4102506230559&version=m202401290101&ct=76&x=1&cor=2445104663725784600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF13 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5759891948640&version=m202401290101&ct=76&x=1&cor=10678909258493161000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6696 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTo7RVFMtZd3N32IdgoP7LRbiVkz8NqxZrqP4NsXajswoqkL80yFRiRr1NbUtjX3416YBBD9FWAOWMt52bozZGjHq9w0i5K9z7Es8dCIPOJCD3Zi3wGYLKnV7eRIurM_gPfy7k_ngzvXr6qXceZxdu0535VaPV9qtW-CwgEtaR&sai=AMfl-YT53WO8dDNEBCpuTwQaEpH2BgEJLTt0JAzri72_teqoiih0Owc1JoisOoVWQVSTypHX2VVrf-fXhO7dnuqqTnTFRuruQCh1fOCAA9OqvgMZVki8emmndWpU-hGMInUDJY3YhDJk4JaxQgGDd45H&sig=Cg0ArKJSzJaxRssJQAVBEAE&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=404436100&rst=1708111561563&rpt=387&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF13 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssId3AC_vdzFmY9AejytGv-DeyNkc-tXTzAvYiZ7uAS93T_7LOqdBh0XL75qbVYS71x_VgiUNFPzSH1mhKiAe0CH6lZLLmcJGx7PmVxaqbrMAouTqEQLFYeUTKJ-LN0xU8ZMtUIu8Vzmt_szQMXqlVLV247vfVg1Jr6C_UNCpg&sai=AMfl-YTVNpLLcwh1M8XF0nuhdJrzL3ZHXzd4Vr32oXe9J3NQZX_dGy28F8akvmMdFWTq-4FpK6_CpfmNmGYBE2sZmMBBAWAy7w_KPUDR1YBFBS6grGY0aJoJ4tUEVt7xZ3GmF7wSSFjIahkyk2ndbT52&sig=Cg0ArKJSzCxM5OgT99iEEAE&cid=CAQSTgAvHhf_A7CNaXSFb6GfulXvIDoWPAFK4bk2kawkTySUmfa4BSYWdAW_R7FdZ5UWFWV0IX2QxKVWu8BrU2B7d-Uv19gN9YNwaMEDFZciGBgB&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=404436100&rst=1708111561586&rpt=377&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 19:26:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geradordecep.com.br/	1970-01-20 18:29:57	Name: _gid Value: GA1.3.1682870141.1708111560
.geradordecep.com.br/	1970-01-20 18:28:31	Name: _gat_gtag_UA_17536895_21 Value: 1
.geradordecep.com.br/	1970-01-21 04:04:31	Name: _ga_75EYQ743ZZ Value: GS1.1.1708111560.1.0.1708111560.0.0.0
.geradordecep.com.br/	1970-01-21 04:04:31	Name: _ga Value: GA1.1.1511135010.1708111560
.geradordecep.com.br/	1970-01-21 03:50:07	Name: __gads Value: ID=86cda33a92a97106:T=1708111560:RT=1708111560:S=ALNI_MaIQVnzgfp6bFHw253pO3szzDGf5Q
.geradordecep.com.br/	1970-01-21 03:50:07	Name: __gpi Value: UID=00000d5b03786015:T=1708111560:RT=1708111560:S=ALNI_MZ38vVni19QKBmND2h9zd0UkK6ZYg
.geradordecep.com.br/	1970-01-20 22:47:43	Name: __eoi Value: ID=569a505a313c3ab6:T=1708111560:RT=1708111560:S=AA-AfjZxoBpwEwsiZOsc0CtxO5eq
www.geradordecep.com.br/	1970-01-20 19:11:43	Name: clever-last-tracker-56690 Value: 0
.doubleclick.net/	1970-01-20 22:47:43	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 04:04:31	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-20 20:38:07	Name: CMPS Value: 2210
.doubleclick.net/	1970-01-20 22:47:43	Name: APC Value: AfxxVi76Y0DKhkAzmKgO5Dg9OnfJryF0h-Cy1cGvpjNNNFU4sZ2-Kw
.adnxs.com/	1970-01-20 20:38:07	Name: XANDR_PANID Value: yuGPPsjzpi_SPQ5u8gLLHBBLMxymfSGvJ6Gts2geEh4MkPHL-nG0uGLqmyruf-qY6q8Bi22-BH29ACdD3HR35XLB0KON1mjcBdHmGdEARXM.
.adnxs.com/	1970-01-20 20:38:07	Name: uuid2 Value: 4992600425268526394
.doubleclick.net/	1970-01-20 18:28:35	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-21 03:14:07	Name: CMID Value: Zc.2ybmqPPEAAG6UAAHsrQAA
.casalemedia.com/	1970-01-20 20:38:07	Name: CMPRO Value: 2210
.doubleclick.net/	1970-01-21 03:50:07	Name: IDE Value: AHWqTUlSsh7a_GMIchz-DnXp3zJlJsY54hOK77feKhsBBNqC1_toeef_nqfuElVU77Q
.googleadservices.com/	1970-01-20 20:38:07	Name: ar_debug Value: 1
.creativecdn.com/	1970-01-21 03:14:07	Name: ts Value: 1708111562
.creativecdn.com/	1970-01-21 03:14:07	Name: g Value: hXfk8YhWkzjgVjc50Hz9_1708111562421
.adform.net/	1970-01-20 19:10:17	Name: C Value: 1
.yahoo.com/	1970-01-21 03:14:29	Name: A3 Value: d=AQABBMq2z2UCEJZ1AGVnAYMMFotqMbXLy6QFEgEBAQEI0WXZZQAAAAAA_eMAAA&S=AQAAAjOy49pHJ-Bl4qlzvWAzms4
.adform.net/	1970-01-20 19:54:55	Name: uid Value: 1858582100621243959
.tribalfusion.com/	1970-01-20 20:38:07	Name: ANON_ID Value: aLntuJpkijcDifqAbPsoMlGLZaXXcm8uY9L0wCJ1TvnZcrYxQEgIurbWpbZbYZaDXcKS5qIBcunHO2Xs3JEaZdocg8FrN

139 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.geradordecep.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
bid.g.doubleclick.net
c1.adform.net
call.cleverwebserver.com
cdnjs.cloudflare.com
cm.creativecdn.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
csi.gstatic.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r2---sn-4g5e6nsz.c.2mdn.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
scripts.cleverwebserver.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
ui.cleverwebserver.com
www.facebook.com
www.geradordecep.com.br
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.181.226
142.250.185.226
142.251.168.154
172.217.23.98
172.64.151.101
178.250.1.9
185.184.8.90
192.241.141.27
2.16.97.41
2001:4860:4802:34::36
2600:1f13:800:7781:2b49:c39c:c642:eb
2600:9000:2127:7c00:8:48e:53c0:93a1
2606:4700:4400::6812:2a64
2606:4700::6811:180e
2606:4700::6812:18ad
2607:f8b0:4001:c5c::78
2a00:1450:4001:5f::7
2a00:1450:4001:808::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:813::2001
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3601:8a10:6709:5018:5354
34.240.0.127
37.157.4.28
37.252.171.53
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02e88f180655112fff6b7e61b9d5e10f94652d17983f6b4c4af64dcfc8037dac
0414e2158b948cab14ced6ca3004907eb4245868c8bb830384c3dd0bd42e0d5d
078e0985ea6818ca64ade8a892872cc2b3b82c8e51c6c5f28738ea60ef3c1af0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0c3484406cb109a7cf8c1100d4e2f307a2df7c08a490c4b9a5e7af7d0ceda3b8
0de6bf3a854d7b6af927528775296000921edab2798e2882cd805f280770bb31
0e33434b042c688fa1972d51e9c103fe592fca7a4dd50358c08449c7b0f5cb4c
12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0
1310b5fcceeb992ee68e19e63b640a0b8c976c84df9cfbe7c86f560cb91db33e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
200f412fc76589d1833699b2be6dc03901befd36ad15355347988b86b8c4ac75
2218f4accb7ba3b0d1bd3eb3dc3c41b50816d3970ff6e2cf558e2c44bb3fabdc
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3410c41ecbf4f6591e534da7336102feb54c37574e90287cdabc5a47519b043c
3498d9fbedd26b6b7ef0bf1fbefb11567850a3c584e2f804e43c24b93122ae2c
3886b84115a277570810a6030416f590f15b426db83d536673542b575e81669c
3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41dce01535b6b64ddd622821ba98c1a9a25ea33ca2256948943d9704e0fd1b24
4219de5f0ca7f22b37020e6678c1bbedba4c3530ecff943a9de51bbe833366ca
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44e5ecd033195f9bc51fb43490cf34de7ffe42e0828b6e1d84a18c9021353419
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
462ee8149f21bb533b1bace4d6a8cdc6c9b7f150cbcfaf1619b1fdb32e0c1942
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f832eb2e911cb43614e2b9be7083e8c40cc5fefc8512f59b6b5c4ff468841d5
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
5554e6a343019a1a2aa0c7f245f192a0c6b43c36ce789886213963378355d5f3
55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5747910be5b88a086513e9871701218e5fba55091e661deac3c5af93dc75ec16
57e8437204b46d129b7990ba20a98e6b26175ed131f60cfb19ec50f639f8cd6e
58c7b6bffabba04d72d8077b9efcfb4f7a6478b9e66c5b07a3a32e3cda3b1877
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
691b15e49e738d51514307583c298909c61198fdd64c5a26e25b2735dcbd47a5
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6448035dec0a5e4309b6020fa309d0f2630651bb01def833cc409e0fdef99e
6dec06becfd5dff9e5109678d08ed0b6e4c3aba816aeb2fef00cbfae1ecf63ed
6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b
70a135756a8ceae7ace08b7a684539f821ff5b8f61fa37f14e55cfa030fb0fa0
716b2a35acfc8e6a247c9e4d9e3c32dc2354b3a8a6e6481835a64b783a5ba4a3
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
7988b58c9e941b549be3928bb57ca1da795c7d9bfc8d0a4b837ddc4c4129672f
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
826dd1f5c4acf3e828e03e22aaaf9cd31a64e2d8413a4f33cc9062a885fe321c
83c8a18f3637cd30d3e3d387e7f21eea917d52b5a466df6e88cb68ff44df79da
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
845ae7772b4bde28686a2a21d95fc1b9e9ce5223db1172c182d325d6f6c48d86
848536686a6e7e46d97513420a5b381823adf1c2e8169e009aebb16774cb4e3e
86081b16052ed61d175793a538134432d860330c83484abab4e3b31b655d72e1
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
957456efcd78e43e461d13e0586a24ec6428c4450e5f0005e362bc07b6cae07d
97c372674941d21d6889276c5803def407cd2223a411520ed53c7cffe322c37c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02e45a6acd38adc3001151d83d16cadee2302c7653597024d7cb3f673187882
a34d3e5bb3e2e1035ef369d1dc4277514dee829c2511f80b18a79f9d4dca33b2
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a8e61dffbb5af750ce76b47548cbf797e709aea6476cc73b8f1cab688a0fdbe2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
ad393a4d199e746ce55f05fe6d35a31bffceb0546071cadbd94dc1c4a22f4d36
b0eae77b277d8ad31b1a10cdec84187ccbe59caef417d1b81068c5df44f62dca
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5eb737e20fa11ace6ddbc922d8538dc52384cddd4364a0330316b8e7bfe6c44
badc4ee33c05654e26ca5ff6f608c5ffff9f948ece0e109a861fbcd5922d667e
c01626395cf8ca2503118cc6e347502f848964b5917425659176d1ba65935a22
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c97238c3c1826119a2375a234401dea3631ad1ac29973bdf94bba87f0bcc80dc
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
d09dd002cdf8c4c75e79eae2a6dbc0b7570a49d0fcc38f9ae9184f3f69a8376d
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd
da83742b7fb2249883e450cc5f0875420b06e4990871256b38b98a51572585fb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27
e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
eb21822dbf89641285c534464bde88585b53be428784960269a13e92c65067eb
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b4e4c004fd4c616051fea51e4e22bd2dfc19d7803442b2d8b4e1e9031e1fb
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07
f1beb636ec2eff3e25cd882211a8676f0bcfddb952afc133e8f4764bb2e8d2d8
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

www.geradordecep.com.br Open in urlscan Pro 192.241.141.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

246 Requests

93 %HTTPS

67 %IPv6

23 Domains

40 Subdomains

32 IPs

7 Countries

3112 kBTransfer

8547 kBSize

25 Cookies

1 Outgoing links

Page URL History

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geradordecep.com.br Open in urlscan Pro
192.241.141.27 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

93 %
HTTPS

67 %
IPv6

23
Domains

40
Subdomains

32
IPs

7
Countries

3112 kB
Transfer

8547 kB
Size

25
Cookies

246 HTTP transactions
9 data transactions