www.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baixaki.com.br/
Effective URL:
https://www.baixaki.com.br/
Submission Tags: falconsandbox
Submission: On February 07 via api (February 7th 2024, 8:04:08 pm UTC) from US — Scanned from DE

Summary HTTP 291 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 56 IPs in 9 countries across 44 domains to perform 291 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on November 28th 2023. Valid for: a year.

This is the only time www.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 71	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
9	2600:9000:244... 2600:9000:2447:2000:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:2251:b000:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:f000:1:bcff:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
4 7	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 3	108.138.189.90 108.138.189.90	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:213... 2600:9000:2134:dc00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2.19.11.162 2.19.11.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	52.71.60.78 52.71.60.78	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1 4	5.135.209.97 5.135.209.97	16276 (OVH) (OVH)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::ac43:4637	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.95.152.229 13.95.152.229	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
30	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	178.32.197.49 178.32.197.49	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8 15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
6 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
9	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1	191.235.248.36 191.235.248.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	178.63.52.121 178.63.52.121	24940 (HETZNER-AS) (HETZNER-AS)
1 4	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
5	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
2 4	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
2	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	18.134.223.160 18.134.223.160	16509 (AMAZON-02) (AMAZON-02)
2	2.20.213.154 2.20.213.154	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	63.33.221.51 63.33.221.51	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	89.149.192.75 89.149.192.75	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	13.42.167.62 13.42.167.62	16509 (AMAZON-02) (AMAZON-02)
291	56

71 179.191.182.65 (Offenbach, Germany) 2 redirects

ASN52580 (Azion Technologies Ltda., BR)

baixaki.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.baixaki.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bk.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2447:2000:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:b000:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:f000:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.215 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.189.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-189-90.mxp64.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ab (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2134:dc00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.11.162 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-11-162.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.60.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-60-78.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.135.209.97 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu

adapi.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.95.152.229 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.32.197.49 (France)

ASN16276 (OVH, FR)
PTR: ip49.ip-178-32-197.eu

euw2.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (San Francisco, United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.70 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 136.243.149.243 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 191.235.248.36 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adoptprodstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.52.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.52.63.178.clients.your-server.de

hal900020.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.102.164 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

hal900012.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.121.248.44 (Saint-Martin-d'Hères, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:d0a:2321::2 (Nuremberg, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.223.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-223-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.213.154 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-213-154.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.221.51 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-221-51.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.149.192.75 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.167.62 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-167-62.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	546 KB
46	ibxk.com.br bk.ibxk.com.br	482 KB
40	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 ad.doubleclick.net — Cisco Umbrella Rank: 157 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 187493	307 KB
25	baixaki.com.br 2 redirects baixaki.com.br www.baixaki.com.br	270 KB
17	redintelligence.net 2 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37466 hal900020.redintelligence.net — Cisco Umbrella Rank: 234885 hal900012.redintelligence.net — Cisco Umbrella Rank: 233701	254 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	138 KB
10	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	6 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	207 KB
10	jsuol.com.br tm.jsuol.com.br — Cisco Umbrella Rank: 81512 me.jsuol.com.br — Cisco Umbrella Rank: 100735	92 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2720 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 97	2 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	7 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
6	smartadserver.com 1 redirects adapi.smartadserver.com — Cisco Umbrella Rank: 36485 euw2.smartadserver.com — Cisco Umbrella Rank: 16884 ssbsync.smartadserver.com — Cisco Umbrella Rank: 726	2 KB
6	tailtarget.com tt-10162-1.seg.t.tailtarget.com — Cisco Umbrella Rank: 114670 m.t.tailtarget.com — Cisco Umbrella Rank: 182934 b.t.tailtarget.com — Cisco Umbrella Rank: 68084 t.tailtarget.com — Cisco Umbrella Rank: 23350	2 KB
5	medialead.de pv.medialead.de — Cisco Umbrella Rank: 43026	2 KB
5	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 161616 osp-assets.pn.vg — Cisco Umbrella Rank: 233973	78 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	418 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
5	uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 86699 udr.uol.com.br — Cisco Umbrella Rank: 104875 tracker.bt.uol.com.br — Cisco Umbrella Rank: 91333	3 KB
4	retailads.net 2 redirects cdn.retailads.net — Cisco Umbrella Rank: 168115	11 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 26690 api.webgains.io — Cisco Umbrella Rank: 62843	19 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	195 KB
3	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 33697 usr.navdmp.com — Cisco Umbrella Rank: 39489 cdn.navdmp.com — Cisco Umbrella Rank: 26146	6 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1625 mab.chartbeat.com — Cisco Umbrella Rank: 2677	26 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6562	622 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 175	4 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 702	588 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 549	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 687	890 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 819 r.turn.com — Cisco Umbrella Rank: 4264	869 B
2	awin1.com www.awin1.com — Cisco Umbrella Rank: 16791	1 KB
2	futalis.de futalis.de — Cisco Umbrella Rank: 279942	801 B
2	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 221792 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 241029	99 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61820	3 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1222	576 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374	643 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 794	710 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 53021	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 144946	923 B
1	windows.net adoptprodstorage.blob.core.windows.net — Cisco Umbrella Rank: 890093	5 KB
1	smrk.io p.smrk.io — Cisco Umbrella Rank: 242109	610 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 419	535 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1392	201 B
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10709	37 KB
291	44

	Domain	Requested by
46	bk.ibxk.com.br	www.baixaki.com.br
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.baixaki.com.br pagead2.googlesyndication.com c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com tpc.googlesyndication.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.baixaki.com.br c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
23	www.baixaki.com.br	www.baixaki.com.br cdn.pn.vg
15	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	hal9000.redintelligence.net	c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com hal900020.redintelligence.net hal900012.redintelligence.net
9	tm.jsuol.com.br	www.baixaki.com.br tm.jsuol.com.br tm.uol.com.br
8	fonts.gstatic.com	fonts.googleapis.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com www.baixaki.com.br
7	ib.adnxs.com	4 redirects tm.jsuol.com.br googleads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.baixaki.com.br securepubads.g.doubleclick.net
6	fonts.googleapis.com	securepubads.g.doubleclick.net hal900020.redintelligence.net c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com www.baixaki.com.br hal900012.redintelligence.net
5	pv.medialead.de	hal900020.redintelligence.net c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com hal900012.redintelligence.net
5	ad.doubleclick.net	1 redirects c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com 8019191.fls.doubleclick.net
5	www.googletagmanager.com	me.jsuol.com.br www.baixaki.com.br www.googletagmanager.com adv.office-partner.de
5	www.google-analytics.com	me.jsuol.com.br www.google-analytics.com
4	cdn.retailads.net	2 redirects futalis.de
4	hal900012.redintelligence.net	1 redirects c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com hal900012.redintelligence.net
4	hal900020.redintelligence.net	1 redirects c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com hal900020.redintelligence.net
4	adapi.smartadserver.com	1 redirects
4	c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.com	1 redirects www.baixaki.com.br tpc.googlesyndication.com
4	cdn.pn.vg	www.googletagmanager.com cdn.pn.vg
3	www.gstatic.com	www.baixaki.com.br c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
3	www.googletagservices.com	c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com www.baixaki.com.br
3	www.google.de	www.baixaki.com.br
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
3	sb.scorecardresearch.com	1 redirects www.baixaki.com.br
3	tm.uol.com.br	tm.jsuol.com.br www.baixaki.com.br
2	api.webgains.io	analytics.webgains.io
2	onetag-sys.com	1 redirects
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	8019191.fls.doubleclick.net	1 redirects c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
2	www.awin1.com	c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com hal900012.redintelligence.net
2	futalis.de	hal900020.redintelligence.net hal900012.redintelligence.net
2	b.t.tailtarget.com	tm.jsuol.com.br
2	static.chartbeat.com	www.googletagmanager.com
2	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
2	baixaki.com.br	2 redirects
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	ssbsync.smartadserver.com	c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	um.simpli.fi	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	track.webgains.com	www.baixaki.com.br
1	adv.office-partner.de	hal900020.redintelligence.net
1	adoptprodstorage.blob.core.windows.net
1	cdn.navdmp.com	tag.navdmp.com
1	t.tailtarget.com
1	euw2.smartadserver.com
1	usr.navdmp.com	tag.navdmp.com
1	disclaimer-api.goadopt.io	www.baixaki.com.br
1	tag.navdmp.com	www.googletagmanager.com
1	tag.goadopt.io	www.googletagmanager.com
1	tracker.bt.uol.com.br	www.baixaki.com.br
1	p.smrk.io	cdn.pn.vg
1	osp-assets.pn.vg	cdn.pn.vg
1	id5-sync.com	ced.sascdn.com
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.baixaki.com.br
1	ced.sascdn.com	www.baixaki.com.br
1	m.t.tailtarget.com	www.baixaki.com.br
1	udr.uol.com.br	tm.jsuol.com.br
1	me.jsuol.com.br	tm.jsuol.com.br
291	72

This site contains links to these domains. Also see Links.

Domain
www.tecmundo.com.br
nzn.io
www.megacurioso.com.br
www.clickjogos.com.br
partner.canva.com
click.linksynergy.com
bit.ly
adobe.prf.hn
net.geo.opera.com
nzn.gupy.io
goadopt.io

Subject Issuer	Validity	Valid
azion.com GlobalSign ECC CloudSSL CA - SHA384 - G3	`2023-11-28` - `2024-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.jsuol.com.br Amazon RSA 2048 M01	`2023-08-03` - `2024-08-31`	a year	crt.sh
*.uol.com.br Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
pn.vg GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
smrk.io R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
uol.com GeoTrust TLS RSA CA G1	`2023-09-11` - `2024-09-22`	a year	crt.sh
goadopt.io GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 01	`2024-01-23` - `2024-06-27`	5 months	crt.sh
pv.medialead.de R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.futalis.de R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.baixaki.com.br/
Frame ID: 3D2A63ED570E639E7A3C6ABB5C029D26
Requests: 143 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: E2B45378BE85EFA9B60093B05CFD7D9E
Requests: 2 HTTP requests in this frame

Frame: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60D28173C3BACB4DA6973D3D3DA03C43
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 293318E5911C5288D7ABCE6D3C83DA71
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: CC54522397ED31CE97B5ABAA10D89207
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240205/r20190131/zrt_lookup_fy2021.html
Frame ID: 8D3AE1FA279201442B77D00D93F331BC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401291952000/amp4ads-v0.mjs
Frame ID: AC1030BC81182C5A36001F1B3DC9C96F
Requests: 15 HTTP requests in this frame

Frame: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8A7207EB98E8F7C2D0AC821F96118828
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012401291952000/amp4ads-v0.mjs
Frame ID: 543CDA50E5EAF2A0D5FD6F81C58586F3
Requests: 16 HTTP requests in this frame

Frame: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7424526458470A6F9E90936DC67E84D4
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNU5Nzwl2oA4XNPjvTtLFJ1mwPwi5wI5y_8scAbHR_OtGNjp-SMyj61T6uoM166oKYky5cpTNejR12pEsofytZaCjz5t_WkOGcHZj_7Nj2TUIEvH7vO003-kLoamiIU2CdoXt_w4HcC9f70bQLU94unoI8rBzC-f0Ip8V3er8uPK5GyqR0w
Frame ID: C64C90A5B7E9B526DAC318868CDD95DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUjxRfimmAdnPwV4r2vignKVTjxMJ-IzVR7HC1a7MJrzxMbiTZ-rxwGRpdnmQ0b4W0odT7WyUt79NQArlIqvWs4Gj5lv042gnvdCl1gfuMIXBsEcNpd6rxMIVoVj1Yl4ykVvdzJFXu3dRMpXSsU7suW45BeAuBndxdxuKcuA9DsUyreu_4
Frame ID: 04298CB80ADD13471AE7CFA18A07B8A8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 391C18F0B9499AD5EAB54106E7492725
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFBE98A7CAA21E3DB7124D336CDE0762
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1707336243&plaf=2%3A2&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707336242976&bpp=3&bdt=3422&idt=281&shv=r20240205&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5482d8c6f430498f%3AT%3D1707336242%3ART%3D1707336242%3AS%3DALNI_MZu2ZCFQKGC1XGQPrQelOCiHaIJrA&gpic=UID%3D00000d5321553b95%3AT%3D1707336242%3ART%3D1707336242%3AS%3DALNI_MbHMNWGOhviyD77b8LPynWNyoUCNA&eo_id_str=ID%3D6308ab99ef9ae28f%3AT%3D1707336242%3ART%3D1707336242%3AS%3DAA-AfjaATLF1TmhIIT_g7oH3bQME&nras=1&correlator=7755932585393&frm=20&pv=2&ga_vid=1173118734.1707336242&ga_sid=1707336242&ga_hid=1372859529&ga_fc=1&ga_cid=1356005516.1707336242&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080796%2C44795921%2C95322434%2C31080873%2C95322329%2C95322897%2C95324154%2C95324161%2C21065725&oid=2&pvsid=1677658623350006&tmod=413635992&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=300
Frame ID: 5524D691CEEDB9AD6590375F576ABBB1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 925B5FD274551EB6E1F72183B34C07FE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 417A6E81CE9BF377CD0AC625E68723C2
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873e27022e22519b6a9?subid=46236200220383004444990012593020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: E6B7CA16D91CF7FBA379E7C992FCF7C5
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208283
Frame ID: 245EA05E0A79CAD636831B8F8008A655
Requests: 2 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: E4364A6E924738F86BCB39794F255E91
Requests: 3 HTTP requests in this frame

Frame: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Frame ID: 971551AB50C3D6261A68BEE2EBB3E4D5
Requests: 9 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=64032200205360504444554012593012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 191CC525B3FF18157C16A1FCF0B28157
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208284
Frame ID: 9D12CBF8AD140DBB2184FFCA0C3340AD
Requests: 2 HTTP requests in this frame

Frame: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BC939A494A6DE244F435583957AD9EF2
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AAFDB14D6630B2A111B0A98FC8B2ADFD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA5E88F355BFD0EC21EF5E2A446B73D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC9EB7A0CD3F47500A5FE2A9CCFCC220
Requests: 9 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504
Frame ID: 3C959498A422F90A8CACFFBA57AD12D7
Requests: 3 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
Frame ID: 3C9F8ABAA16103952F02D543A82AC2ED
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js
Frame ID: 4863D6403CF1D5FEE39604691904CDBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baixaki - Milhares de apps e jogos para você

Page URL History Show full URLs

http://baixaki.com.br/ HTTP 301
https://baixaki.com.br/ HTTP 301
https://www.baixaki.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

291
Requests

93 %
HTTPS

49 %
IPv6

44
Domains

72
Subdomains

56
IPs

9
Countries

3238 kB
Transfer

8241 kB
Size

56
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tecmundo.com.br/videos
Title: TecMundo Videos

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/teste-de-velocidade.htm
Title: Teste de velocidade

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/cupons
Title: Cupons de desconto

Search URL Search Domain Scan URL

URL: https://nzn.io/#contato
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/

Search URL Search Domain Scan URL

URL: https://www.clickjogos.com.br/

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/

Search URL Search Domain Scan URL

URL: http://partner.canva.com/ZQ3JWq
Title: Tenha mais de 100 milhões de recursos premium com o Canva Pro

Search URL Search Domain Scan URL

URL: https://click.linksynergy.com/deeplink?id=PcZhvZUGtEs&mid=42431&murl=https%3A%2F%2Fwww.xbox.com%2Fpt-BR%2Fxbox-game-pass&u1=baixaki-carrossel01
Title: Aproveite descontos e vantagens exclusivas em jogos com o Xbox Game Pass

Search URL Search Domain Scan URL

URL: https://bit.ly/49nwHiS
Title: Eleve sua segurança online!

Search URL Search Domain Scan URL

URL: https://adobe.prf.hn/click/camref:1100lrhP3/pubref:baixaki-carrossel01/ar:creativecloud/destination:https%3A%2F%2Fwww.adobe.com%2Fbr%2Fcreativecloud.html%3F
Title: Assine o Adobe Creative Cloud com 49% de desconto e tenha mais de 20 ferramentas de edição.

Search URL Search Domain Scan URL

URL: https://net.geo.opera.com/opera/stable/windows?utm_source=nzn&utm_medium=pb&utm_campaign=baixaki
Title: Navegador Opera - Navegação rápida e sem distrações com o bloqueador de anúncios

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/produto/279728-fone-ouvido-jbl-10-modelos-40-desconto.htm
Title: TecmundoFone de Ouvido JBL: 10 modelos com até 50% de desconto

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/279698-jogo-gratis-steam-te-coloca-freira-ajudante-diabo.htm
Title: VoxelJogo grátis na Steam te coloca para ser freira ajudante do diabo

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/279729-criador-yellowstone-trabalhando-nova-serie-conheca-landman.htm
Title: Minha Série Criador de Yellowstone já está trabalhando em nova série! Conheça Landman

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/seguranca/avast-ciberseguranca/?utm_source=tecmundo&utm_medium=cta-canais-exclusivos&utm_campaign=avast-ciberseguranca
Title: Avast Cibersegurança

Search URL Search Domain Scan URL

URL: https://nzn.io/
Title: Sobre

Search URL Search Domain Scan URL

URL: https://nzn.gupy.io/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://nzn.io/exclusao-dados/
Title: Solicitação de Exclusão de Dados

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie
Title: Minha Série

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/the-brief
Title: The Brief

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel
Title: Voxel

Search URL Search Domain Scan URL

URL: https://goadopt.io/en/porque-aviso/?source=firstLevel
Title: AdOpt

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade
Title: Datenschutz-Bestimmungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baixaki.com.br/ HTTP 301
https://baixaki.com.br/ HTTP 301
https://www.baixaki.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js

Request Chain 116

https://adapi.smartadserver.com/4656/call HTTP 307
https://adapi.smartadserver.com/4656/call?cklb=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1

Request Chain 192

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPiMzNJEZAiU.Whr4UsCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1

Request Chain 194

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2ODgwODM2NTgwMTE0MjAwMg%3D%3D

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1

Request Chain 196

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPiMzNJEZAiU.Whr4UsCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1

Request Chain 198

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkzNzI1OTA3Mzc0MTY5MTg5Ng%3D%3D

Request Chain 207

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK32t5KDmoQDFayl_Qcd5kMILQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Request Chain 221

https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 222

https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 229

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=46236200220383004444990012593020&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208283

Request Chain 237

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=64032200205360504444554012593012&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208284

Request Chain 262

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504

Request Chain 268

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFDqtd-hf9P5v9ZRiNoww-E&google_cver=1&google_push=AXcoOmQA_YCipy73sfmjYVp89h2SCAD6wo1XzHMjC6NeFFmicenG_rKHo2y0R6TVZxav54YxnsrlPQrhHbl8h0zfz5vvHIuS8d8z7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE0MzY1MDM1MTY3MTI2Mzg3OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDqtd-hf9P5v9ZRiNoww-E&google_cver=1

Request Chain 269

https://um.simpli.fi/gp_match?google_gid=CAESENsMXn5A4mCiPXSoXqU7Cjw&google_cver=1&google_push=AXcoOmQbK-ro4CyWpgAzZ6NpAC0Q5I6fAs1G_4xhCL_qXyQQ3WvAHCsh3Ns15_i5QOtxreYsVvlhaqSoVfshXf2d12r8qvOG-s-0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F5D9468EC6644C89033117B2ED1FA24&google_push=AXcoOmQbK-ro4CyWpgAzZ6NpAC0Q5I6fAs1G_4xhCL_qXyQQ3WvAHCsh3Ns15_i5QOtxreYsVvlhaqSoVfshXf2d12r8qvOG-s-0

Request Chain 270

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBB7pFlWj2i-IerKfgB-AY0&google_cver=1&google_push=AXcoOmSz8Cx6yrEiBro1UMaU5ObS385EZ_PFZz3fJQm2anwmuDbHsZ55jlghnVSq_1jNXrnotvByl8_RCiuc1AUZNfGFGRKkUzk5Aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFNDN1gxN0otMjMtN1FRSA==&google_push=AXcoOmSz8Cx6yrEiBro1UMaU5ObS385EZ_PFZz3fJQm2anwmuDbHsZ55jlghnVSq_1jNXrnotvByl8_RCiuc1AUZNfGFGRKkUzk5Aw

Request Chain 271

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH3z-bPqmHAbb0DHRZWrdj0&google_cver=1&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0onTECtSCjNrkQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH3z-bPqmHAbb0DHRZWrdj0&google_cver=1&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0onTECtSCjNrkQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0onTECtSCjNrkQ&google_hm=IH50AGZHY1uGSdZxQCCDOxK9

Request Chain 272

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI0dmPnqn_qzW1CeHvzvNjQ&google_cver=1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1707336244060 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fe277662-7397-4c36-a22f-09b3575ebc81-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA%26google_hm%3DA_4ndmJzl0w2oi8Js1devIE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA&google_hm=A_4ndmJzl0w2oi8Js1devIE

Request Chain 274

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBBQB5nP-THyXq9EJvEubq8&google_cver=1&google_push=AXcoOmRWb_Sha2JgwcGze41VNHs2YWnOX0MyTL6XP_QMbEEF44wNM2Dsvw_zMrMfOfVv-_UzUPKM5_nHaLh-WUIdGaeiN1-DfKPoLT8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRWb_Sha2JgwcGze41VNHs2YWnOX0MyTL6XP_QMbEEF44wNM2Dsvw_zMrMfOfVv-_UzUPKM5_nHaLh-WUIdGaeiN1-DfKPoLT8 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 276

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

291 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.baixaki.com.br/
Redirect Chain

http://baixaki.com.br/
https://baixaki.com.br/
https://www.baixaki.com.br/

199 KB
31 KB

2501ms
566ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

/ Next.js

Resource Hash

e0a40de9156383190a80f61ab39446efb7b47ee82d60d91eec9b459d152ee42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 20:03:59 GMT
expires: Wed, 07 Feb 2024 20:08:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
version: 3.0.7
x-nextjs-cache: STALE
x-powered-by: Next.js

Redirect headers

cache-control: max-age=300
content-length: 162
content-type: text/html
date: Wed, 07 Feb 2024 20:03:57 GMT
expires: Wed, 07 Feb 2024 20:08:57 GMT
location: https://www.baixaki.com.br/
server: nginx

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 115ms
62ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4e1990dd9900184432f53264e3cc4410f10575f7c937ffc994e5054ddb8810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29583
x-xss-protection: 0
server: cafe
etag: 20 / 19760 / m202402010101 / config-hash: 13022314258480772321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:03:59 GMT

GET
H2 200 01153404079042.png
bk.ibxk.com.br/2024/02/01/ 44 KB
44 KB 1550ms
629ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/02/01/01153404079042.png?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4fa6bc2d340d73dfa39dc2aad620ef6c18d647cd7f6aee8b45edcbbf651cf6d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 108067
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 45166
expires: Fri, 02 Feb 2024 18:36:13 GMT

GET
H2 200 f9bc0d62fd0adc4a.css
www.baixaki.com.br/_next/static/css/ 14 KB
3 KB 133ms
133ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/f9bc0d62fd0adc4a.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

8a657fe831072589b2cbb415c5f52c937c97927190f63cab58bff2f6b6aadb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:03:59 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:03:59 GMT

GET
H2 200 9a1e30072b12ed16.css
www.baixaki.com.br/_next/static/css/ 12 KB
4 KB 243ms
242ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/9a1e30072b12ed16.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f1e0fee79d0e7f71cd351a14cc1fa636c96cab2b528b0f063a2f019f33afb0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:03:59 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:03:59 GMT

GET
H2 200 c99e2bd6d429f7bb.css
www.baixaki.com.br/_next/static/css/ 124 B
386 B 354ms
353ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/c99e2bd6d429f7bb.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

b0533929c94679e1764e59854df5b4c35f25e12f2441858f1387a13c80c13303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:03:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:03:59 GMT

GET
H2 200 2c2dfa59234d7097.css
www.baixaki.com.br/_next/static/css/ 1 KB
642 B 461ms
461ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/2c2dfa59234d7097.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:03:59 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:03:59 GMT

GET
H2 200 5360.ba2cdf142814fdf0.js Show response
www.baixaki.com.br/_next/static/chunks/ 8 KB
3 KB 171ms
170ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5360.ba2cdf142814fdf0.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

c9eff84f192229df9e7d510b1d8d7111ec0a39287a68ad6391c565110fb3a8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 5192.61cfd4d5795a4697.js Show response
www.baixaki.com.br/_next/static/chunks/ 6 KB
2 KB 295ms
293ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5192.61cfd4d5795a4697.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

eaa9ab6a453b08f674a98cdbe87c3dfabcbb857113a37e2084afc47efcfcd1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 5667.ff0c60e8e0e46189.js Show response
www.baixaki.com.br/_next/static/chunks/ 378 B
538 B 498ms
496ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5667.ff0c60e8e0e46189.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

e5d9b42644509e0035e0fc807ddef46ef15a3da90d12c8ebf93461123384570d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 9370.a198f17fc359d2ab.js Show response
www.baixaki.com.br/_next/static/chunks/ 81 KB
28 KB 609ms
607ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/9370.a198f17fc359d2ab.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f805dd01878296d8d30d229360f2d27db297cc3dc9c66735962843e7786159f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 6165.abd9219a761e3fb5.js Show response
www.baixaki.com.br/_next/static/chunks/ 13 KB
5 KB 718ms
716ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/6165.abd9219a761e3fb5.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

ddd3ce5c733e04011314e3fd1832a4a525f03a9b62ad2b3348f42d5213664791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 1733.d60aaa15716e0d81.js Show response
www.baixaki.com.br/_next/static/chunks/ 3 KB
2 KB 825ms
824ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/1733.d60aaa15716e0d81.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

00e048de0769316782958affb433958edc4633a88e40026e6060d9f2ce133d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 4321.b765ee4b1b85f5f4.js Show response
www.baixaki.com.br/_next/static/chunks/ 1 KB
782 B 782ms
782ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/4321.b765ee4b1b85f5f4.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

a10e20613db5438d11bb90276d180351351fe544a5668556cc4d9c9af4a399f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:00 GMT

GET
H2 200 7977.48481e262407791c.js Show response
www.baixaki.com.br/_next/static/chunks/ 31 KB
8 KB 764ms
763ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7977.48481e262407791c.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Feb 2024 21:26:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 7210.ebe05da746aa9623.js Show response
www.baixaki.com.br/_next/static/chunks/ 5 KB
2 KB 682ms
682ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7210.ebe05da746aa9623.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

0e958649e6e64e1567901095ba7b50bb253a35bb3ead1a40d58469d44c9082e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 webpack-5199c064b75e312d.js Show response
www.baixaki.com.br/_next/static/chunks/ 6 KB
3 KB 683ms
683ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/webpack-5199c064b75e312d.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

919699aeef5a22f4b7a7c74fee7fe1747aa481fe6e7c78804be8cd9377a997b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Feb 2024 21:26:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 main-7e04035264ba73fd.js Show response
www.baixaki.com.br/_next/static/chunks/ 126 KB
39 KB 687ms
687ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/main-7e04035264ba73fd.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

bd96f5382a588d9c81a9abc95dff9fcf067dee7112e89aed8904f034492e1651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 _app-b182b434aec9efbe.js Show response
www.baixaki.com.br/_next/static/chunks/pages/ 238 KB
75 KB 707ms
707ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/pages/_app-b182b434aec9efbe.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

043101c9f6d0b6cc8c87f0b73b9127d439e21aee8bffa1f9e1b678156f218224

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Feb 2024 21:26:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 7899-8ff7a6b4611fdbc1.js Show response
www.baixaki.com.br/_next/static/chunks/ 8 KB
4 KB 718ms
717ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7899-8ff7a6b4611fdbc1.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 11 Jan 2024 17:55:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 177-89dcbb9480015c7b.js Show response
www.baixaki.com.br/_next/static/chunks/ 182 KB
51 KB 831ms
831ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/177-89dcbb9480015c7b.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

157b0c2526e0f70d90786061cdc99fe46708e08e02740a4fcf996474c3a45954

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:01 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:01 GMT

GET
H2 200 index-8f0d443da7bfb88e.js Show response
www.baixaki.com.br/_next/static/chunks/pages/ 23 KB
6 KB 828ms
828ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/pages/index-8f0d443da7bfb88e.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

0ba90cb51345c9930452694fa5873ff972ab01afbd8aebb7238280edaef27cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:02 GMT

GET
H2 200 _buildManifest.js Show response
www.baixaki.com.br/_next/static/nzBO02zns8Qqm0T3_cXkX/ 4 KB
1 KB 825ms
825ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/nzBO02zns8Qqm0T3_cXkX/_buildManifest.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

1ae49785418651789e5d4065e40836ad8109349602a7dd80e8b8cae3bb95fd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Feb 2024 21:26:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:02 GMT

GET
H2 200 _ssgManifest.js Show response
www.baixaki.com.br/_next/static/nzBO02zns8Qqm0T3_cXkX/ 374 B
452 B 843ms
843ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/nzBO02zns8Qqm0T3_cXkX/_ssgManifest.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 01 Feb 2024 21:26:53 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:02 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 18:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6144
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 18:21:36 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 80 KB
18 KB 136ms
43ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=s4dr1r
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: a6d02fa71cb0668b43f8589ada34c6a551dd098543c9aa55e1c9f6ec55125598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:03:58 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 13:01:21 GMT
server: marrakesh 1.23.0
x-amz-cf-pop: AMS58-P5
age: 2
etag: 6fc77b1c675f60c8ba737d31995c36d6
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 18077
x-amz-cf-id: mMHr6MShr8g8NFOPKXJ3lYmzgeFGA8NtE1nzC5dMB2M1270KPwp-AA==
expires: Wed, 07 Feb 2024 21:03:58 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 17180102227005.png
bk.ibxk.com.br/2023/02/17/ 1 KB
1 KB 1078ms
632ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102227005.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 690
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1266
expires: Tue, 12 Sep 2023 11:34:22 GMT

GET
H2 200 17180102242009.png
bk.ibxk.com.br/2023/02/17/ 962 B
1 KB 1077ms
631ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102242009.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 760
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 962
expires: Wed, 06 Sep 2023 19:42:32 GMT

GET
H2 200 17180102242008.png
bk.ibxk.com.br/2023/02/17/ 784 B
932 B 832ms
832ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102242008.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 777
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 784
expires: Wed, 06 Sep 2023 19:50:38 GMT

GET
H2 200 17180102227007.png
bk.ibxk.com.br/2023/02/17/ 908 B
1 KB 812ms
811ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102227007.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 665
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 908
expires: Tue, 12 Sep 2023 11:34:23 GMT

GET
H2 200 08111936759001.png
bk.ibxk.com.br/2023/11/08/ 2 KB
2 KB 812ms
812ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/08/08111936759001.png?ims=fit-in/120x33
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3c9a00c2cd0e54ba2ea5898897ab0a23d1549653889faee464b1da81e70d853f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 1087
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1662
expires: Thu, 09 Nov 2023 14:26:04 GMT

GET
DATA 200
OK truncated
/ 153 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 14194056736000.png
bk.ibxk.com.br/2023/06/14/ 13 KB
13 KB 1038ms
611ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/06/14/14194056736000.png?id=sprite-tm
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/css/f9bc0d62fd0adc4a.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 8534
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 13130
expires: Thu, 09 Nov 2023 13:25:12 GMT

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4b3bce3c1b15a775ce649ad31875c6dba16c4df5b1b48dc879f4ed175b8f04e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 22115518870014.png
bk.ibxk.com.br/2024/01/22/ 55 KB
55 KB 1032ms
611ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/22/22115518870014.png?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8e13cf298d7066e2fd9273194055d53806b567294d81c246a83dcb33bba5b9fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 215668
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 56344
expires: Tue, 23 Jan 2024 15:11:44 GMT

GET
H2 200 26114249427020.jpg
bk.ibxk.com.br/2024/01/26/ 43 KB
43 KB 785ms
785ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/26/26114249427020.jpg?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 84b3c2c4c2de02d8f0c63f5b707e71571a7e1d0cd375431817e03a3cbc75e16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 19679
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 43996
expires: Sat, 27 Jan 2024 14:44:18 GMT

GET
H2 200 07175154326015.jpg
bk.ibxk.com.br/2023/08/07/ 2 KB
3 KB 1027ms
608ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/07/07175154326015.jpg?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 527dab5e3cb7c7aaf68f30ec478a4ba06a1d39f4f6ffda8f6c6c7f1624cc86f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 12736
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2500
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 24134647326055.png
bk.ibxk.com.br/2023/08/24/ 3 KB
3 KB 1025ms
606ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24134647326055.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b80752a98735c74cc0a908b9a6cb6e8332ec3f7effc7b646f2d3dc3f66960286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 15326
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3370
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 15134917932005.png
bk.ibxk.com.br/2023/08/15/ 2 KB
2 KB 716ms
716ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/15/15134917932005.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3f9c74b7349b1c19b614e66a7516ba9c652a8f47b55c75f8cdde02c3d72f91ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 42019
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2026
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 25124848394039.jpg
bk.ibxk.com.br/2023/08/25/ 2 KB
2 KB 582ms
582ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/25/25124848394039.jpg?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1ce30851a7cf6f3641312079f5050ba5aa2af667fe8a05a77e1a1a3378337fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 12899
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2086
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 11160636711030.png
bk.ibxk.com.br/2023/12/11/ 2 KB
2 KB 354ms
354ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11160636711030.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: e0a33296a73e113cab1deff66aee1e7ae7ffb2731f6c839fbd2dfd331d4a026b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 5901
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1936
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 08180032227026.webp
bk.ibxk.com.br/2024/01/08/ 3 KB
3 KB 1026ms
608ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/08/08180032227026.webp?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 585a0107be50af87bd7514e6b4aacb375c2d7f36fd5dab216a50751b3fb52052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 7682
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2562
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 14195310960036.png
bk.ibxk.com.br/2023/08/14/ 2 KB
2 KB 1026ms
607ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/14/14195310960036.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8d37612880480efed1ce51abc1fc6195724a0ed41dee5e31806228e3884b3159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 13842
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1632
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 24101828553011.png
bk.ibxk.com.br/2023/08/24/ 1 KB
1 KB 355ms
355ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24101828553011.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 807b8c941e0511d97b5161f070ac03f8cbdcc52a5eba1cf324c67f9375ed10da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 6955
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1100
expires: Wed, 10 Jan 2024 18:12:30 GMT

GET
H2 200 24095747603005.png
bk.ibxk.com.br/2023/08/24/ 1 KB
2 KB 356ms
356ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24095747603005.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3bae9c23992a3a8f853adf10725c8914f6ad9c6bda715eea7953db479578d0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 6018
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1504
expires: Wed, 10 Jan 2024 16:06:02 GMT

GET
H2 200 05091214442003.png
bk.ibxk.com.br/2024/02/05/ 2 KB
3 KB 1028ms
610ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/02/05/05091214442003.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7d6f5effbbc27c84d02d00e27314803b3c712f34aaf84e65074d65003e6c5108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 2192
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2550
expires: Tue, 06 Feb 2024 12:12:43 GMT

GET
H2 200 08180032227026.webp
bk.ibxk.com.br/2024/01/08/ 4 KB
5 KB 1029ms
610ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/08/08180032227026.webp?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a8bb6d92eedf4015e70e3ba031f4b93ad395c36210199700a24b306dc2c3074f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 7682
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4534
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 11160636711030.png
bk.ibxk.com.br/2023/12/11/ 3 KB
3 KB 1028ms
609ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11160636711030.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0916161b872cb4ab6f1dfa7c20750a8fce580a4d5c32ba25e186b94fec118e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:01 GMT
server: Azion IMS
x-original-image-size: 5901
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2754
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 31154355784115.png
bk.ibxk.com.br/2023/08/31/ 2 KB
2 KB 245ms
245ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/31/31154355784115.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7d6d22eb94eafb53137ff8a33ebbda431cc11343b4fe629c96e0085987b1163e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 43121
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2264
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 11192759702048.png
bk.ibxk.com.br/2023/12/11/ 3 KB
3 KB 25ms
22ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11192759702048.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f9daf103110d320d6e4f7ddedda404a5f342e950e478041f5f8b547cf7e481eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 336366
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3074
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 24101828553011.png
bk.ibxk.com.br/2023/08/24/ 2 KB
2 KB 26ms
23ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24101828553011.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b6eb5e289aa7f91751efe70065d7ff71a9513e6252a7be3bb4c28f9421269550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 6955
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1760
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 18133808956021.jpg
bk.ibxk.com.br/2023/08/18/ 2 KB
2 KB 27ms
24ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/18/18133808956021.jpg?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 87cfa18cefdfb554a12d9fce7b0937e3bb7eeff563f56314c04c13897891dec1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 42736
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1798
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 21144751404060.png
bk.ibxk.com.br/2023/11/21/ 3 KB
3 KB 27ms
24ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/21/21144751404060.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: eabf077afee9223da9d576fb1c8d876f717ee32f7fc28d18afd4d191af235b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 792
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2572
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 01143827571005.png
bk.ibxk.com.br/2024/02/01/ 3 KB
3 KB 28ms
25ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/02/01/01143827571005.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a4c220e31adf7c0c1336d6d2c0f650165200d61466f9253689b108ba279aa03c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 43585
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2886
expires: Thu, 08 Feb 2024 18:45:23 GMT

GET
H2 200 23121835934447.png
bk.ibxk.com.br/2024/01/23/ 2 KB
2 KB 26ms
26ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/23/23121835934447.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 357a4039dd60a8815aea248de302d940fb2a8382a10a97a0b2d34e9b5ba9f169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 2822
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1996
expires: Thu, 08 Feb 2024 18:30:02 GMT

GET
H2 200 23121804696368.png
bk.ibxk.com.br/2024/01/23/ 4 KB
4 KB 25ms
24ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/23/23121804696368.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: dcf248657f7ecf60d7d503e15b6a88b90a137710788271fa50b090af18d419b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 8821
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4234
expires: Thu, 08 Feb 2024 18:00:49 GMT

GET
H2 200 22141527583017.png
bk.ibxk.com.br/2024/01/22/ 2 KB
2 KB 25ms
25ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/22/22141527583017.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8ebf49a81d75e0a6098d0d6eb5e73e6e90fd524643f4c0ea51f401b87e4517e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 3890
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2346
expires: Tue, 23 Jan 2024 17:17:21 GMT

GET
H2 200 19164213503199.png
bk.ibxk.com.br/2024/01/19/ 2 KB
2 KB 26ms
26ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/19/19164213503199.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 04b6ba0d565ef83556df0460ce7ab14673b9f985273ddc3644cfd4314b734fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 20676
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2406
expires: Sat, 20 Jan 2024 20:44:32 GMT

GET
H2 200 22154047484262.png
bk.ibxk.com.br/2024/01/22/ 6 KB
6 KB 27ms
27ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/22/22154047484262.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 92a0df9b4bfc5a6c6dfb537b041fcd69491fd4af423dd1932d7d40ce6d72662c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 55760
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5740
expires: Wed, 24 Jan 2024 14:07:24 GMT

GET
H2 200 05114918235006.png
bk.ibxk.com.br/2024/02/05/ 4 KB
4 KB 28ms
28ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/02/05/05114918235006.png?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5eea93c6883e2e2b2aeb5e038b0d50da7daad464d7ac8a478d942ea30c1d4278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 52592
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3646
expires: Thu, 08 Feb 2024 03:01:34 GMT

GET
H2 200 22115518729012.png
bk.ibxk.com.br/2024/01/22/ 5 KB
5 KB 29ms
29ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/22/22115518729012.png?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 95de0014daeb695ac009d3d7573ca466f492353333ad0b0a1d314f353e3e75d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 90924
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4870
expires: Tue, 23 Jan 2024 15:08:50 GMT

GET
H2 200 29175707169016.jpg
bk.ibxk.com.br/2023/11/29/ 4 KB
4 KB 23ms
23ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/29/29175707169016.jpg?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4f85492c07bce94a5c0bc651b12d1d0638851a0545d596e49f51fff8607ddafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 5871
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3962
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 21155329528064.png
bk.ibxk.com.br/2023/11/21/ 2 KB
2 KB 24ms
23ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/21/21155329528064.png?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: da82f01428de41bebfedbedfe2758031978fdb83814ef13c05cd5d1c483cf3f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 4241
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1700
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 29145127606164.jpg
bk.ibxk.com.br/2023/08/29/ 5 KB
5 KB 25ms
24ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/29/29145127606164.jpg?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3e6545bb52550280f4f6fd9cffe595e39dc7b825780d02dcf64429de2e196527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 60346
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5038
expires: Fri, 19 Jan 2024 12:04:57 GMT

GET
H2 200 18143007743225.png
bk.ibxk.com.br/2024/01/18/ 32 KB
32 KB 26ms
25ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/18/18143007743225.png?ims=300x198/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5bd5c712945c7fd4bb37df802aa3908700cb9ac127bb70bfa7b878f51b3e1995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 42961
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 32534
expires: Wed, 31 Jan 2024 15:42:34 GMT

GET
H2 200 18135955917037.png
bk.ibxk.com.br/2024/01/18/ 33 KB
33 KB 27ms
27ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/18/18135955917037.png?ims=300x198/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c3af1fbc2739496098aa893434005af29595ced58abb620a02b51b9af1c2a23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 41819
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 33750
expires: Wed, 31 Jan 2024 16:13:15 GMT

GET
H2 200 05145940151002.png
bk.ibxk.com.br/2023/12/05/ 6 KB
6 KB 28ms
28ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/05/05145940151002.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4bf23ab2768519d256e54c43cd4b1b0847337268901eaf706be8e8056c47ede4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 301395
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5768
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 30142301499004.jpg
bk.ibxk.com.br/2023/11/30/ 6 KB
6 KB 25ms
21ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/30/30142301499004.jpg?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0fa5e8321fa9c5f29b423dfedd6938f1e3adec63bed2a4eb483b99d306773862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 213677
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 6332
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame E2B4 197 B
694 B 78ms
24ms Document
text/html 2600:9000:2251:b000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=s4dr1r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 497
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 173
content-type: text/html;charset=UTF-8
date: Wed, 07 Feb 2024 19:56:26 GMT
etag: ba5203ce522cc70a434e9a70452ca145
expires: Wed, 07 Feb 2024 20:05:43 GMT
last-modified: Sun, 07 Jan 2024 14:59:48 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.23.0
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id: 6SdOUKpLzvpcN28Z_Ztg15Up41JjQR1iXBwE7nWe_GsOP7zPZITmxQ==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 29ms
29ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=s4dr1r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:24:23 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 19:15:11 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: AMS58-P5
age: 2377
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 5277
x-amz-cf-id: PvgSQtGbHrMmFwL1a5ObtXLCIee5qGfb0nOAQw1kQWrqNCWDW9yCWA==
expires: Wed, 07 Feb 2024 20:24:23 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 157 KB
19 KB 34ms
34ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=s4dr1r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 61cbad870f9c0130fb7e34db92e176c31301f12af220878a3ce9120f256f158a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:22:14 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
last-modified: Wed, 31 Jan 2024 21:40:51 GMT
server: marrakesh 1.23.0
x-amz-cf-pop: AMS58-P5
age: 2506
etag: 7621b94439b129616406246ed7cfce31
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 19115
x-amz-cf-id: WSJ8C1RPPtxuRl81FxOL79pvWgm_rmd1RnSszytACLnhQBOczn53yg==
expires: Wed, 07 Feb 2024 20:22:14 GMT

GET
H2 200 gruponzn.js Show response
me.jsuol.com.br/aud/ 24 KB
9 KB 863ms
218ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/gruponzn.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=s4dr1r
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 666a0b4a808d43c1c467bffbbd3852002b41a8ae83502d84a222d86dcbec3af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2024 16:42:07 GMT
server: marrakesh 1.16.6
etag: edd45007b46de48fba76354e20f3f87b
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 9012
expires: Wed, 07 Feb 2024 21:04:00 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 9 KB
4 KB 34ms
33ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=s4dr1r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 84bc1c57983acda4970c9843b9fc8d7683334b4cf124a2bcb8b68331663612ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:20:07 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jan 2024 20:48:33 GMT
server: marrakesh 1.23.0
x-amz-cf-pop: AMS58-P5
age: 2633
etag: c75a50be10858427d65c81034a67d020
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 3340
x-amz-cf-id: lToNF6ZYYVlZrrUa5I9JvR3a0JBk2Sazts0q6uJj0GXK_GkWhJ6bew==
expires: Wed, 07 Feb 2024 20:20:07 GMT

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
525 B 200ms
123ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:00 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame E2B4 4 KB
2 KB 28ms
28ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:27:29 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 2191
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
last-modified: Tue, 05 Jan 2021 18:00:13 GMT
server: marrakesh 1.23.0
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: 4rAgulufy4o_z_DxQDi1P-JaIp-QUsb4Po6KfBI2oeJ7-P5YhTPQ5g==
expires: Wed, 07 Feb 2024 20:27:29 GMT

GET
H2 200 / Show response
udr.uol.com.br/ 142 B
619 B 295ms
215ms Fetch
application/json 2600:9000:211e:f000:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f000:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 9c28d9cc6f143b820a2f563b3ce9506672cd80ed8de8ac172dc7f621f8d39c35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:00 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-C2
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.baixaki.com.br
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
content-length: 142
x-amz-cf-id: uFo0luhcslok3p_TNwTGkjo14v2cTnUKUPe6pB7w8rArkhAxjkYeDA==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
705 B 129ms
43ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:00 GMT
an-x-request-uuid: 3c36ef75-c591-410a-9098-ff34cfc18dd4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.133; 217.114.215.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
m.t.tailtarget.com/sync/TT-10162-1/ 43 B
129 B 165ms
124ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:00 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gruponzn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 19:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 952
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 07 Feb 2024 21:48:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 86ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NLKGGWEN9F

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/gruponzn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63620a0dba1a8cb2c34349eec33dfb249661e332c5a772f905565ee947f99e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 20:04:02 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/6036356/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js

11 KB
4 KB

33ms
33ms

Script
application/javascript

108.138.189.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Server: 108.138.189.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-90.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28a3b8c616cc8b88edddc9991c5be70eef6b2b368d70688f2c18ceae508ec1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 04:21:52 GMT
content-encoding: gzip
via: 1.1 3adede23987e8394f5ea9efa0347562e.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jan 2024 15:54:04 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-P1
age: 56531
etag: W/"83a683db1bde449cc8fc5228209ca9ca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 0f9oLEHx0DNRu8_SEREX7eHiRgi4AtBPZCdRoCoGFI14x_Oq4DOE-Q==

Redirect headers

date: Wed, 07 Feb 2024 20:04:02 GMT
via: 1.1 3adede23987e8394f5ea9efa0347562e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP64-P1
x-cache: Miss from cloudfront
location: /internal-cs/6036356/beacon.js
content-length: 0
x-amz-cf-id: VdEf6Ov17R97pd98L7SNcWJ89f0JDHvpZGXLFm6DHI2qHTMeUcaiwQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
211 B 28ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1372859529&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAEABAAAAACAUK~&jid=771816331&gjid=1652423659&cid=1173118734.1707336242&tid=none&_gid=1356005516.1707336242&_r=1&_slc=1&cd1=Parceiros&cd2=Grupo%20NZN&cd3=Grupo%20NZN&cd11=normal&cd4=1173118734.1707336242&cd66=1707336242009.w53s7rf&cd85=d22d3859-6c05-48d8-8c6a-60e738d2db23&cd87=none&cd88=none&z=822346945

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26114249536021.jpg
bk.ibxk.com.br/2024/01/26/ 20 KB
20 KB 149ms
149ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/26/26114249536021.jpg?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ad021b7689741b5fe942c68bc2c782cf8b128a604f7344e5877dd2a67e26eeb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 10426
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 20730
expires: Sat, 27 Jan 2024 14:45:55 GMT

GET
H2 200 05114918110005.png
bk.ibxk.com.br/2024/02/05/ 36 KB
36 KB 26ms
22ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/02/05/05114918110005.png?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8d337fe2fbb59d4bc749208f77af949ff3f0161c20f90225850a64f446515d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 29835
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 37062
expires: Thu, 08 Feb 2024 16:12:54 GMT

GET
H2 200 22190712473015.png
bk.ibxk.com.br/2023/11/22/ 19 KB
19 KB 27ms
23ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/22/22190712473015.png?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c0ad4b5f0900cac6c3de73cb4b66956e765e781fc184447b961c7427387797fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 36998
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 19346
expires: Tue, 09 Jan 2024 21:01:18 GMT

GET
H2 200 26114249270016.jpg
bk.ibxk.com.br/2024/01/26/ 41 KB
41 KB 25ms
24ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/26/26114249270016.jpg?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 97e2394bf9a7f8da8be58be92b63ae2b5dae9980ece6ce5125ecd14075edd5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 19983
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 41582
expires: Sat, 27 Jan 2024 14:45:55 GMT

GET
H2 200 24180053039677.jpg
bk.ibxk.com.br/2023/02/24/ 45 KB
45 KB 26ms
25ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/24/24180053039677.jpg?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 68bcca0fa058fff40d15b8e0b5b68c71f664d7d428501220d4dc73175b7023ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
server: Azion IMS
x-original-image-size: 34368
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 45916
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
85 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41fa3f4dd84335e6366c58d8f91784bee4e953fa38da2dbca60011e32528e692

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86553
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:35:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 20:04:02 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 79ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-NLKGGWEN9F&gtm=45je4250v9175965131za200&_p=1707336241249&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1173118734.1707336242&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707336242&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&en=page_view&_fv=1&_ss=1&_ee=1&ep.uol_property_id=424424148&ep.publication_type=normal&up.uol_id=d22d3859-6c05-48d8-8c6a-60e738d2db23&up.cookie_consent=none&up.login_widget=deslogado&up.socialclass=na&up.age=na&up.gender=na&up.subjects=na&up.microsegments=na&up.cluster=na&up.team=na&tfd=5852
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NLKGGWEN9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 88ms
30ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NLKGGWEN9F&cid=1173118734.1707336242&gtm=45je4250v9175965131za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NLKGGWEN9F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 107ms
57ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NLKGGWEN9F&cid=1173118734.1707336242&gtm=45je4250v9175965131za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1845299276

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3fef45121c5bbe390c2c49542cd819db4ac02c7372fc8a937b9679cc1487bc68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 20:04:02 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 34ms
34ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1372859529&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAEABAAAAACAUK~&jid=2083413365&gjid=175251500&cid=1173118734.1707336242&tid=UA-144680-1&_gid=1356005516.1707336242&_r=1&_slc=1&gtm=45He4250n81PLT9M46v848907248za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1822602975

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushnews-launcher.js Show response
cdn.pn.vg/push/ 1 KB
1 KB 139ms
41ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3868f0d5d745fca408931bd18ffc5e54f0d996d5574ac8bed05511bfed3a0683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 41286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-server-side-encryption: AES256
last-modified: Tue, 06 Feb 2024 17:09:48 GMT
server: cloudflare
etag: W/"5aa08289fff8764830ff52ded8e29e5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJVpvk%2BzRFaRJgYYWSYVGNnlUSod1KcMiO8KFe7LKKdT%2BPZqGQ6NGkUCJEIhES1c9jhW6weR6VIt%2FuOn%2B68kXw%2BG4ad3rjuZWj4p7PipmCNkt0KS0icolJ3QO%2FLX9AUV30QSaUD9eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 851e3d5abe0830d6-FRA
x-amz-cf-id: XSOJLHyrGidXOkc3K65k8WO7NH3VJTTTPjG6eDoAPZ4o9k8VL3X2rg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 166ms
46ms Script
application/x-javascript 2600:9000:2134:dc00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:dc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 07:29:22 GMT
content-encoding: gzip
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: MXP64-C2
age: 45280
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: SzSVOHqw800GgB2ue7m_r7WUdYPX6kPAetmRbtfvMTikkq3OVtL3HQ==
expires: Thu, 08 Feb 2024 07:29:22 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/4656/ 107 KB
37 KB 210ms
69ms Script
application/javascript 2.19.11.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/4656/smart.js
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.11.162 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-11-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e2b78f09df95329c3babde414180f16392089187c022a864323c920354d014ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37097
Expires: Wed, 07 Feb 2024 22:04:02 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 43ms
42ms Image
text/plain 108.138.189.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&cs_fpcu=9bc82dcb04204370a3a2dd81f4898cff&cs_it=b9&cv=4.5.0%2B2401261228&ns__t=1707336242254&ns_c=UTF-8&cs_cfg=111&c7=https%3A%2F%2Fwww.baixaki.com.br%2F&c8=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&c9=
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.189.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-189-90.mxp64.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
via: 1.1 3adede23987e8394f5ea9efa0347562e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MXP64-P1
x-amz-cf-id: gfUF9goDiCHENYOb3txGr31oN0PQ5rgId8WGLSJE6diE0upc-IBSXA==
x-cache: Miss from cloudfront

GET
H2 200 conversion.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 15 KB
6 KB 32ms
29ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:24:24 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
last-modified: Tue, 05 Jan 2021 19:37:55 GMT
server: marrakesh 1.23.0
x-amz-cf-pop: AMS58-P5
age: 2378
etag: f7a535aa8ca1d0acd1bff039eb80acff
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 6125
x-amz-cf-id: i1uc_3apKXFxXkC03hreWRDkDUhIqjpFCYpdZLgSlYzuCyymWfF3Zg==
expires: Wed, 07 Feb 2024 20:24:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
30ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144680-1&cid=1173118734.1707336242&jid=2083413365&gjid=175251500&_gid=1356005516.1707336242&_u=6GDAAEABAAAAACAUK~&z=1569151063

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.js Show response
tm.jsuol.com.br/modules/external/tailtarget/libs/ 21 KB
9 KB 34ms
33ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:24:25 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
last-modified: Tue, 05 Jan 2021 19:37:57 GMT
server: marrakesh 1.23.0
x-amz-cf-pop: AMS58-P5
age: 2377
etag: aeb8806857f0c1b9f7f6b8d4ff48230f
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 8357
x-amz-cf-id: 7VST7R6jGsjXr1Pn0OY-dE76z5WLQy8rAO6fXbp2v_jYHqk8jZoFQg==
expires: Wed, 07 Feb 2024 20:24:25 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 111ms
59ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=1173118734.1707336242&jid=2083413365&_u=6GDAAEABAAAAACAUK~&z=1939228232

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 56ms
55ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=1173118734.1707336242&jid=2083413365&_u=6GDAAEABAAAAACAUK~&z=1939228232

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je4250v874209990z8848907248za200&_p=1707336241249&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1173118734.1707336242&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707336242&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&en=page_view&_fv=1&_ss=1&tfd=6045
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 31ms
31ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJP529EVF&cid=1173118734.1707336242&gtm=45je4250v874209990z8848907248za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
57ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDJP529EVF&cid=1173118734.1707336242&gtm=45je4250v874209990z8848907248za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1543601071

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 71 B
141 B 133ms
126ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 7dd9223da61e1cfaf86dd16c4cf5f9b2956a9a106e2e2b66147127475b961f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 52ms
52ms Script
text/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7521cf77aba41609cc4611f0fa174b979318499beae8eb39d58f380f6bec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Nov 2023 18:15:12 GMT
server: cloudflare
etag: W/"cd84669e738afa72934a854992fe41d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqdrM8%2Be35QZoYIuGUXlCiNt0wVowAJlck5QtRZM7iqZx6wDcPTRLAkH46PJv3xT4fy5C3143K%2Fq951Z2IXaVXU1RYPM4eO4TLaXnvMENYI8JRFx74zE1LBmRIwGpNRiFLH32Dnfaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 851e3d5afe8c30d6-FRA
x-amz-cf-id: EiXfKZKfyKqmna3HjYw0DNNFIkj9_HOI980TuLHylM-3QwVG3uKfpA==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
34 KB 692ms
692ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1677658623350006&correlator=2287979151369393&eid=31079527%2C21065725&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&iu_parts=36373682%2Cbxk%2Chome%2Cpremium%2Cdesktop%2Cleaderboard_top%2Cancora%2Cleaderboard_middle%2Chalf_page%2Csquare&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F5%2C%2F0%2F1%2F4%2F6%2C%2F0%2F1%2F4%2F7%2C%2F0%2F1%2F4%2F8%2C%2F0%2F1%2F4%2F9&prev_iu_szs=1x1%7C800x500%7C1920x750%7C1900x935%7C1920x1080%2C728x90%7C970x250%7C970x90%7C1x1%2C970x90%7C1x1%7C728x90%2C1x1%7C728x90%7C970x90%7C970x250%2C1x1%7C300x600%2C1x1%7C300x250&ifi=1&didk=606830616~1219620439~3093749535~4122620516~445717446~3618103558&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707336242406&lmt=1707336242&adxs=400%2C436%2C-12245933%2C436%2C997%2C997&adys=0%2C211%2C-12245933%2C3702%2C3084%2C3094&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=1600x-1%7C728x250%7C1600x4603%7C728x250%7C257x0%7C257x0&msz=1600x-1%7C728x0%7C1600x-1%7C728x0%7C300x0%7C300x0&fws=516%2C4%2C640%2C4%2C4%2C4&ohw=1600%2C728%2C0%2C728%2C257%2C257&ga_vid=1173118734.1707336242&ga_sid=1707336242&ga_hid=1372859529&ga_fc=true&dlt=1707336239554&idt=577&prev_scp=%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&cust_params=UOLID%3Dd22d3859-6c05-48d8-8c6a-60e738d2db23%26referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=1286048242%2C3987075887%2C2460663856%2C2443166763%2C35649785%2C3654451204&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5926bca54cd3debd8b5c008457910116760ae4618024998ae5050caa016a4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35287
x-xss-protection: 0
google-lineitem-id: -2,-1,-2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60D2 6 KB
3 KB 107ms
33ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:02 GMT
expires: Thu, 06 Feb 2025 20:04:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 378ms
122ms Image
image/gif 52.71.60.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=baixaki.com.br&p=%2F&u=BD6o6XsXxpBDNeOT&d=baixaki.com.br&g=55260&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4635&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.baixaki.com.br%2F&b=6128&t=xNehPCYf07IDqAKLVmKlrs0wbMx&V=143&i=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&tz=-60&sn=1&sv=D1Vcc3Bsc_8MDFvMaqU9EJTC8BRCW&sr=external&sd=1&im=067b2fff&_
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.60.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-60-78.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 45ms
45ms Script
application/x-javascript 2600:9000:2134:dc00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:dc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:19:21 GMT
content-encoding: gzip
via: 1.1 7c3241a948c4d88d2b9d7793615eaf0c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: MXP64-C2
age: 2681
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ujy_7oNeMvKeC4GLL5HKVTfgKjRbA6gNjYPNJqBgwc9EqGVo8DyKvQ==
expires: Thu, 08 Feb 2024 19:19:21 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 240 KB
64 KB 43ms
43ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442f1dcc6e34fb1fb96d2d55a3163b32c12292d5bd4b870c699ac9b50b8f4ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
via: 1.1 aca4cfc16ad0f84e78738cc400bfb7f4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH55-P1
age: 91562
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-server-side-encryption: AES256
last-modified: Tue, 06 Feb 2024 17:09:46 GMT
server: cloudflare
etag: W/"a02fa19f7c612774b06d1cd0fae06f13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hcw28R9g0%2Fwug7iR%2BpmLX%2BlNyi8m1f2uAf34O6s%2Fu5vcZntvcUun%2BvFhC%2BY%2F25gRLOAPF1yMQhPifc9xeAfGls4O0XhjCeYyFreLgBYivbMnIzMu3Doi8vsdE6Y6LC18KPoWSuuzrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851e3d5b4f3130d6-FRA
x-amz-cf-id: ghTnr9FL7UXHi4pJvfHm9ocIweX3ywrVr4Dl-0ShjvBTJp-ho9fWhA==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 159 B
483 B 194ms
68ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=baixaki.com.br&domain=baixaki.com.br&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7691eaa8c71c03cce156b53d84ff310a3f96e7359fad51333b12a12b5bfaef96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-cache-hits: 1
date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 2185
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 125
x-served-by: cache-fra-etou8220065-FRA
x-timer: S1707336243.634177,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 05 Feb 2024 19:27:37 GMT

OPTIONS
H/1.1 204
No Content call
adapi.smartadserver.com/4656/ Frame 0
0 329ms
117ms Preflight 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adapi.smartadserver.com/4656/call
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://www.baixaki.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.baixaki.com.br
date: Wed, 07 Feb 2024 20:04:02 GMT
vary: Origin

POST
H2 200 102.json Show response
id5-sync.com/g/v2/ 251 B
535 B 91ms
25ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/4656/smart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

730299c17ab71a0475ca16e0e2b7f8bfcdc5e1c1b8e7140fb32b61b4617c4c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.baixaki.com.br
date: Wed, 07 Feb 2024 20:04:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H/1.1

200
OK

call Show response
adapi.smartadserver.com/4656/
Redirect Chain

https://adapi.smartadserver.com/4656/call
https://adapi.smartadserver.com/4656/call?cklb=1

3 KB
1 KB

42ms
41ms

XHR
application/json

5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adapi.smartadserver.com/4656/call?cklb=1
Protocol: HTTP/1.1
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash: b16d074fd4fdef3ade9ebf4b4b834c2935f8df0d9abf93648b44424c4cb10b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.baixaki.com.br
location: https://adapi.smartadserver.com/4656/call?cklb=1
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pushnews-sw.js Show response
www.baixaki.com.br/ 95 B
364 B 134ms
134ms Fetch
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

version: 3.0.7
date: Wed, 07 Feb 2024 20:04:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 11 Jan 2024 17:52:08 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Fri, 08 Mar 2024 20:04:02 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 147 B
584 B 126ms
126ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007F30E2C3657D06CA8702BEDF06&tX=b.52&tZ=577311321&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 454084caeff0e68366d72d6b2cb97db005f4b25a297c35a6a4b6f43c1c4f4afc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.json Show response
osp-assets.pn.vg/ 4 KB
2 KB 103ms
33ms Fetch
application/json 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/5bf881a8-5b79-4aea-b103-91e5386249de.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PXEDTH8KD97X1M8N
age: 35580
x-amz-server-side-encryption: AES256
x-amz-id-2: REUvrFR7EkT7KWhZwezcS1Ff9PzLfGOLXYCgeTavurHLwV0aE9yoRyZlHvqE/EUfYyHKpZP1QWU=
last-modified: Mon, 17 Oct 2022 15:18:42 GMT
server: cloudflare
etag: W/"4466c94390027d272a7ef7edb68cf327"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKlff3I75znjgYFp%2FqrMmsM%2FKWlDKLiGaE9Tx3o1lhvjPXLtGO2YIh2OT%2BJncpXdgpLKKB86zDffxRy4rL3I7WXrB7n9lBqvY2zk2kcUnQox%2FdUWe9wTiUP5A8rj3YVPiCNAHbfXwQwyvNFcOqA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 851e3d5d1f5865e1-FRA

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 91519
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-meta-server-side-encryption: AES256
last-modified: Tue, 06 Feb 2024 17:09:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yVE0TaBLf8cYy%2FWDuRAkj%2BLVIWeB5Fw4kDo4nRd%2Bw2AMEquuQPpDYfU2tDMCyBSuvQst9m7qgcxuRJTyAQwwP0K%2B8eOLVy5C%2FyGLogaDWAnTupdc90PvKKWx121BKU%2FNkTHpMSxRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 851e3d5ca94230d6-FRA
x-amz-cf-id: WE-MvKPtYpyVLcYda4LHm976gOBBSLILMhD1Udl5V6E2O8YTG5KVyQ==

GET
H/1.1 200
OK / Show response
p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/ 482 B
610 B 152ms
56ms Fetch
application/json 13.95.152.229
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.95.152.229 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a793e42b96003b1651206625487d59ffae4df4fb1be3dc07710b1b3b6faea36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:02 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 1056ms
214ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache
Connection: close
Expires: Wed, 07 Feb 2024 20:04:02 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame 2933 213 B
700 B 31ms
31ms Document
text/html 2600:9000:2251:b000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 9
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Wed, 07 Feb 2024 20:04:02 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Wed, 07 Feb 2024 20:13:53 GMT
last-modified: Mon, 04 Sep 2023 19:30:04 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id: oemK3W8UzCdIZJyWgQbJUXv8oPk_hOaM1MAgGAzPKkY-o6yUN3qb2g==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame CC54 213 B
697 B 231ms
231ms Document
text/html 2600:9000:2251:b000:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Wed, 07 Feb 2024 20:04:02 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Wed, 07 Feb 2024 20:14:02 GMT
last-modified: Thu, 15 Jun 2023 09:25:10 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.23.0
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-id: rezshhp6Jk8YanljV3yDCt32kcJ9wkfkZvR3-mgj0ax2Ag3BQ8C66Q==
x-amz-cf-pop: FRA60-P3
x-cache: RefreshHit from cloudfront

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 137ms
88ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68f67f87e1c568fe26437ef0b37b090b416f9ab8cfc0629c5c9ed765a56f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12429
x-xss-protection: 0

GET
H2 200 injector.js Show response
tag.goadopt.io/ 326 KB
99 KB 134ms
70ms Script
text/javascript 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c6086e35af2959663bbe81f4ab5a514fe36c03dcaa8ed528f85ef80d41b0f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34263
cf-polished: origSize=333973
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
cf-bgj: minify
last-modified: Wed, 07 Feb 2024 10:32:59 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWrEy5Xz0FTjpwq%2FRpsMgcr8Mp4shto7VldTxY2jjHrrHOoRumCw%2B%2BDc38qSYeBr%2BYanxpXzApa2tTRb6pk1HojnvcTWzvLftOcFm3nq5pqyHLeCJdP6CYfj6R4%2FOZ5sORD42fbOFbk7amrK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 851e3d5e0c085d9c-FRA

GET
H2 200 tm13767.js Show response
tag.navdmp.com/ 17 KB
6 KB 93ms
43ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13767.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 12:53:14 GMT
server: cloudflare
age: 556
etag: W/"657afaba-432e"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 851e3d5dfb3136df-FRA
expires: Wed, 07 Feb 2024 20:54:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 113ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc62d07ee31b6a09ca4623334f43939fcbe50b2f578edbd41b1b4662017f0d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51627
x-xss-protection: 0
server: cafe
etag: 4851127433906187460
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 07 Feb 2024 20:04:02 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1372859529&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=10&_u=6GDAAEABAAAAACAUK~&jid=&gjid=&cid=1173118734.1707336242&tid=UA-144680-1&_gid=1356005516.1707336242&gtm=45He4250n81PLT9M46v848907248za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=2125341099

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 07:13:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46261
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1372859529&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=25&_u=6GDAAEABAAAAACAUK~&jid=&gjid=&cid=1173118734.1707336242&tid=UA-144680-1&_gid=1356005516.1707336242&gtm=45He4250n81PLT9M46v848907248za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1092263482

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 07:13:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46261
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ca Show response
tt-10162-1.seg.t.tailtarget.com/ 78 B
116 B 125ms
124ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=494595232&env=_ttq_tt_uol
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 6cd637854af6709a4dc77e5ddbe438c7ee60f31678d3e1bee2ef441135acb0de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame 2933 43 KB
10 KB 31ms
31ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:36:51 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 1631
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 9152
last-modified: Thu, 17 Mar 2022 17:50:21 GMT
server: marrakesh 1.23.0
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: lo1FEQIMjVsvPQE1Xx6PIe47XgxcjKSc0FOHtpALh2Qre5fSGIyYTw==
expires: Wed, 07 Feb 2024 20:36:51 GMT

OPTIONS
H/1.1 204
No Content call
adapi.smartadserver.com/4656/ Frame 0
0 28ms
28ms Preflight 5.135.209.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adapi.smartadserver.com/4656/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 , France, ASN16276 (OVH, FR),
Reverse DNS: ip97.ip-5-135-209.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://www.baixaki.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.baixaki.com.br
date: Wed, 07 Feb 2024 20:04:02 GMT
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 20:04:02 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 127ms
85ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br&aplac=true&bust=31080873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbec7553602541b7afd63e1e7fb2d7f8f7ccf8788c341c8a1e0d3b9cfc1f76b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140915
x-xss-protection: 0
server: cafe
etag: 10648533246879953163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240205/r20190131/ Frame 8D3A 9 KB
5 KB 77ms
22ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240205/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 12:26:24 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 12:26:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 157 B
846 B 462ms
451ms XHR
application/json 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a2b5bbe1da4bbd5034327f80902b8f015a1658b0fbd724cdc7a621d70006219

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
server: cloudflare
etag: W/"9d-Qkg+Fea8LpZ7fOZMkOuixa5xvYQ"
vary: Origin
access-control-max-age: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.baixaki.com.br
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3%2B9I2DCDFL7N1OSi1U%2FExYwfRCFVJBjn%2BnakwRxNWDW%2BrwQmjFGi0BxNWvlq0MGUyvgOXJoZ4duPMDWUs48Yr8xjMKjvHNYPfrqFFWyqjoF%2BQaeya084mKenytzeg130BHwbDXL2P%2F%2F9QgtXcpz%2Bc%2FsOenS7hk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 851e3d5f0d525d9c-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
311 B 170ms
169ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a2cb4923ae61407f9297a2f993f94e8a543775ce2e1a25dedd818168dfa8c69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: public
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 851e3d5efd0136df-FRA
expires: Wed, 07 Feb 2024 21:04:03 GMT

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ 43 B
270 B 138ms
33ms Image
image/gif 178.32.197.49
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=5489118066455448852&tmstp=8499732053&ckid=5822646468924601365&systgt=%24qc%3d1307768743%3b%24ql%3dHigh%3b%24qpc%3d99084%3b%24qt%3d25_2694_38932t%3b%24dma%3d0%3b%24qo%3d5%3b%24b%3d16999%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1707336242960&envtype=0&opid=1ad588f8-3cc4-4d5c-a9eb-6896fa7e74a2&opdt=1707336242960&siteid=641832&tgt=%24dt%3d1t&gdpr=1&bldv=15708&pgid=1941998&fmtid=122662&statid=6&visit=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.197.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ip49.ip-178-32-197.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 20:04:02 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
256 B 145ms
125ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=_gottingen_lower%20saxony_de_1707336242659_3648182149&tJ=&tU=0100007F30E2C3657D06CA8702BEDF06&tX=b.52&tY=1&tZ=222417728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401291952000/ Frame AC10 196 KB
55 KB 143ms
59ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3eca9711527fe0ef176061b86ddb6380ac65012af5295dc8594e1fd40b43dc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56077
x-xss-protection: 0
server: sffe
etag: "1ed25d76f90879fd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame AC10 15 KB
5 KB 171ms
87ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952f4a545636082660a36e042a5fc4f08833978338cb85b731a8c8cdb6a1f9c3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "68ac9d88d2f391b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame AC10 95 KB
28 KB 164ms
80ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a577e7fb9faad8a5fdc642832ba0bcf65ae0f6205d7f9ae124b08ecfc8e7e579

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "2d02fb878b5fde43"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame AC10 5 KB
2 KB 172ms
88ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b5110727771b2c728a77387937413360b7c81afe6b78c2d379f9382d5762f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "705bfb43384be481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame AC10 40 KB
13 KB 160ms
76ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04a5eb2c4ba6aebc816c3005f46a65cc24cc3f3c4945cd7ab0b9d47975c7afb7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "7c9e2849f5b8f3a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AC10 4 KB
1 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:28:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AC10 3 KB
3 KB 24ms
23ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:50:46 GMT
x-content-type-options: nosniff
server: cafe
age: 83597
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:50:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AC10 344 B
569 B 23ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 3760
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 08 Feb 2024 19:01:23 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 193 KB
54 KB 651ms
650ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1677658623350006&correlator=4313673873837104&eid=31079527%2C21065725&pied=Eh4KHAoaQ0tqYS01R0Rtb1FERlMwQnZ3UWQ3eGdBaFE.&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Cinternal%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&didk=1038626840&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D5482d8c6f430498f%3AT%3D1707336242%3ART%3D1707336242%3AS%3DALNI_MZu2ZCFQKGC1XGQPrQelOCiHaIJrA&gpic=UID%3D00000d5321553b95%3AT%3D1707336242%3ART%3D1707336242%3AS%3DALNI_MbHMNWGOhviyD77b8LPynWNyoUCNA&abxe=1&dt=1707336243131&lmt=1707336243&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1173118734.1707336242&ga_sid=1707336242&ga_hid=1372859529&ga_fc=true&ga_cid=1356005516.1707336242&dlt=1707336239554&idt=577&cust_params=UOLID%3Dd22d3859-6c05-48d8-8c6a-60e738d2db23%26referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=2792147645&frm=20&eo_id_str=ID%3D6308ab99ef9ae28f%3AT%3D1707336242%3ART%3D1707336242%3AS%3DAA-AfjaATLF1TmhIIT_g7oH3bQME

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc21b6152673f272b851d59e78f7955a8b4d4a462b1e3297caf4f80ed04fc5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54860
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 44 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 15:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17486
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14246
x-xss-protection: 0
server: cafe
etag: 1834480086689483259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 15:12:37 GMT

GET
H2 200 container.html Show response
c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8A72 6 KB
3 KB 25ms
25ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:02 GMT
expires: Thu, 06 Feb 2025 20:04:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012401291952000/ Frame 543C 196 KB
56 KB 83ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3eca9711527fe0ef176061b86ddb6380ac65012af5295dc8594e1fd40b43dc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56077
x-xss-protection: 0
server: sffe
etag: "1ed25d76f90879fd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 543C 15 KB
5 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952f4a545636082660a36e042a5fc4f08833978338cb85b731a8c8cdb6a1f9c3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "68ac9d88d2f391b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 543C 95 KB
28 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a577e7fb9faad8a5fdc642832ba0bcf65ae0f6205d7f9ae124b08ecfc8e7e579

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "2d02fb878b5fde43"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 543C 5 KB
2 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b5110727771b2c728a77387937413360b7c81afe6b78c2d379f9382d5762f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "705bfb43384be481"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012401291952000/v0/ Frame 543C 40 KB
13 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012401291952000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04a5eb2c4ba6aebc816c3005f46a65cc24cc3f3c4945cd7ab0b9d47975c7afb7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 05 Feb 2024 15:28:29 GMT
age: 189334
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "7c9e2849f5b8f3a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 04 Feb 2025 15:28:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 543C 6 KB
779 B 66ms
33ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:49:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 543C 3 KB
3 KB 24ms
24ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:50:46 GMT
x-content-type-options: nosniff
server: cafe
age: 83597
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:50:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 543C 344 B
402 B 26ms
26ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:01:23 GMT
x-content-type-options: nosniff
server: cafe
age: 3760
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 08 Feb 2024 19:01:23 GMT

GET
H2 200 container.html Show response
c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7424 6 KB
3 KB 24ms
24ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:02 GMT
expires: Thu, 06 Feb 2025 20:04:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7237800025717612873/ Frame AC10 11 KB
11 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7237800025717612873/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

200d423c6a92f6b30962639b5bc12ffd5722dd89c44288e79a1a4357bc38cfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 19:03:33 GMT
date: Tue, 06 Feb 2024 19:03:33 GMT
x-content-type-options: nosniff
age: 90030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11399
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 10:50:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2914349705548515401/ Frame AC10 3 KB
3 KB 27ms
27ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2914349705548515401/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 19:04:40 GMT
date: Tue, 06 Feb 2024 19:04:40 GMT
x-content-type-options: nosniff
age: 89963
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2705
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 15:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame AC10 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de739e14ef691c50489eada706b9031c815f962fbf7624a67f76b24ae404f81f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8008800563270761925
tpc.googlesyndication.com/simgad/ Frame 543C 35 KB
35 KB 26ms
25ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8008800563270761925?w=400&h=209&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b21c5f9f57baf05b6bf4dfc0dbdf43665922781cd672eecda73c2c67dd7c780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 09:21:58 GMT
date: Tue, 06 Feb 2024 09:21:58 GMT
x-content-type-options: nosniff
age: 124925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35834
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 14:58:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 16811845893769643110
tpc.googlesyndication.com/simgad/ Frame 543C 4 KB
4 KB 42ms
42ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16811845893769643110?w=100&h=100&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a6f12edae940aca5a959fc80f819f48fb0aa911fc2473abd695fb068946fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:55:21 GMT
date: Tue, 06 Feb 2024 18:55:21 GMT
x-content-type-options: nosniff
age: 90522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4225
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 07:36:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 543C 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 543C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 758a743a185a227092ebc1d63575595c5e41b7e2810067ffb1b1b2af1e9a8fb0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame CC54 43 KB
10 KB 32ms
32ms Script
application/javascript 2600:9000:2447:2000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:2000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 19:36:51 GMT
content-encoding: gzip
via: 1.1 ec87b0eaae98600539e64627bd582e82.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
age: 1632
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 9152
last-modified: Thu, 17 Mar 2022 17:50:21 GMT
server: marrakesh 1.23.0
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: Tv5CCefz9j3GiaLQpHnOtorEt91t8ZneILSAmoHkZdhtkCPHpxDM9w==
expires: Wed, 07 Feb 2024 20:36:51 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C64C 624 B
536 B 63ms
61ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNU5Nzwl2oA4XNPjvTtLFJ1mwPwi5wI5y_8scAbHR_OtGNjp-SMyj61T6uoM166oKYky5cpTNejR12pEsofytZaCjz5t_WkOGcHZj_7Nj2TUIEvH7vO003-kLoamiIU2CdoXt_w4HcC9f70bQLU94unoI8rBzC-f0Ip8V3er8uPK5GyqR0w

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:03 GMT
expires: Wed, 07 Feb 2024 20:04:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8A72 93 KB
33 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A72 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtVuz9-JuBGYtw6RLakQHyQXMCzW3q3RvfLgaStfIgteB-tP7dzziYSdWOohAyHDlAoylChftuDrtaemJ-JFlx6OxhsXF8EoXPx5Bdbygz77Chu8I

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 8A72 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 8A72 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A72 205 KB
65 KB 152ms
83ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0429 624 B
505 B 60ms
59ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUjxRfimmAdnPwV4r2vignKVTjxMJ-IzVR7HC1a7MJrzxMbiTZ-rxwGRpdnmQ0b4W0odT7WyUt79NQArlIqvWs4Gj5lv042gnvdCl1gfuMIXBsEcNpd6rxMIVoVj1Yl4ykVvdzJFXu3dRMpXSsU7suW45BeAuBndxdxuKcuA9DsUyreu_4

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:03 GMT
expires: Wed, 07 Feb 2024 20:04:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7424 93 KB
33 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7424 42 B
63 B 54ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJo9ofqfSpVahRuuIBednrRROopZwXJhSSuWMg0sUAcAZ-iedJUaaA635Qr6jJlAu6YIYo0RYQn-LJCiG79kYsZnIAC2SsF8vK40GeY0J7NIZXzYc

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 7424 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame 7424 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7424 205 KB
65 KB 107ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 391C 13 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 15:59:24 GMT
expires: Thu, 06 Feb 2025 15:59:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DFBE 829 B
998 B 36ms
35ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

73484227af4b6fdd9934f59c9af9cdaa3b94d60606bc55bde5ffd7f8301fbc80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AL_vJ1ax8j2bWyjdHHPfnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AL_vJ1ax8j2bWyjdHHPfnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:03 GMT
expires: Wed, 07 Feb 2024 20:04:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AC10 16 KB
16 KB 111ms
54ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 125629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:10:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AC10 15 KB
16 KB 78ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:50:29 GMT
x-content-type-options: nosniff
age: 90814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:50:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 543C 15 KB
16 KB 82ms
28ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:56:55 GMT
x-content-type-options: nosniff
age: 7628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 17:56:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 543C 15 KB
15 KB 98ms
45ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:55:04 GMT
x-content-type-options: nosniff
age: 90539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:55:04 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 153ms
152ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=141957f87ab8758719cfaeef2910&acc=13767&url=https%3A//www.baixaki.com.br/&tit=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%EA
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 851e3d605f6036df-FRA
content-length: 6
content-type: application/x-javascript

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5524 7 KB
1 KB 215ms
215ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1707336243&plaf=2%3A2&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707336242976&bpp=3&bdt=3422&idt=281&shv=r20240205&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5482d8c6f430498f%3AT%3D1707336242%3ART%3D1707336242%3AS%3DALNI_MZu2ZCFQKGC1XGQPrQelOCiHaIJrA&gpic=UID%3D00000d5321553b95%3AT%3D1707336242%3ART%3D1707336242%3AS%3DALNI_MbHMNWGOhviyD77b8LPynWNyoUCNA&eo_id_str=ID%3D6308ab99ef9ae28f%3AT%3D1707336242%3ART%3D1707336242%3AS%3DAA-AfjaATLF1TmhIIT_g7oH3bQME&nras=1&correlator=7755932585393&frm=20&pv=2&ga_vid=1173118734.1707336242&ga_sid=1707336242&ga_hid=1372859529&ga_fc=1&ga_cid=1356005516.1707336242&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080796%2C44795921%2C95322434%2C31080873%2C95322329%2C95322897%2C95324154%2C95324161%2C21065725&oid=2&pvsid=1677658623350006&tmod=413635992&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&fsb=1&dtd=300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br&aplac=true&bust=31080873

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9155740e0abf2a959e4dbc31b1694acb1797e4dda7fe1bd8340a72dc296fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1034
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:03 GMT
expires: Wed, 07 Feb 2024 20:04:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=app-background-ads&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=app-background-ads&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C64C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1

43 B
337 B

64ms
63ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNU5Nzwl2oA4XNPjvTtLFJ1mwPwi5wI5y_8scAbHR_OtGNjp-SMyj61T6uoM166oKYky5cpTNejR12pEsofytZaCjz5t_WkOGcHZj_7Nj2TUIEvH7vO003-kLoamiIU2CdoXt_w4HcC9f70bQLU94unoI8rBzC-f0Ip8V3er8uPK5GyqR0w
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4d1Sg480cDxDcZkej2%2FYTDArYSe1OsUOL6gn05vmu9kEs7%2F%2BprBLsfXVkvLxnAl%2Fl7xE1SjpgcPxlVQmlQ89Dz9NR4A9vZPhLUzPgsGrJ1LRBQIiTgMFscp6USoxL1Yglb8RJs8NyalVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e3d61d8d34522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8YHwJMdMLpgwQyJojRvSO2nExUECW135q6QkwPy8oTfGpR1nALuuWRC390CAiGhE259z8wBP6LfGr%2F9CFm7fO%2BqDz0kugW0IOR7KrFJ9j3jiJS%2BqwP6lTFdUGLnmYAW2Mfz5s4yJYI%2Bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1
cache-control: no-cache
cf-ray: 851e3d615f974522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C64C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPiMzNJEZAiU.Whr4UsCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2

43 B
731 B

77ms
77ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNU5Nzwl2oA4XNPjvTtLFJ1mwPwi5wI5y_8scAbHR_OtGNjp-SMyj61T6uoM166oKYky5cpTNejR12pEsofytZaCjz5t_WkOGcHZj_7Nj2TUIEvH7vO003-kLoamiIU2CdoXt_w4HcC9f70bQLU94unoI8rBzC-f0Ip8V3er8uPK5GyqR0w
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GK47B5e0CVCdTxH8fZXd3%2Ft1n29FZ4zo1dNmj%2FbJ8whi8fU3DcAboQ8NXg72Onl66Vc35J2T3lM4D0jDIMSyx7M9j4XNW2SgMtS5uamhdz57rIEVMjCK0h3NKdhcLLatRYedXmtqjGH%2FpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e3d626ccdaca9-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C64C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1

43 B
1 KB

35ms
35ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjglrvGATAB&v=APEucNU5Nzwl2oA4XNPjvTtLFJ1mwPwi5wI5y_8scAbHR_OtGNjp-SMyj61T6uoM166oKYky5cpTNejR12pEsofytZaCjz5t_WkOGcHZj_7Nj2TUIEvH7vO003-kLoamiIU2CdoXt_w4HcC9f70bQLU94unoI8rBzC-f0Ip8V3er8uPK5GyqR0w

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
an-x-request-uuid: 0d1bbddd-babd-4563-b094-c90078f9247a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.133; 217.114.215.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C64C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2ODgwODM2NTgwMTE0MjAwMg%3D%3D

170 B
232 B

31ms
31ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2ODgwODM2NTgwMTE0MjAwMg%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
an-x-request-uuid: 9aae32ac-f2a2-47df-90b8-0d02424c0cb1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTc2ODgwODM2NTgwMTE0MjAwMg%3D%3D
x-proxy-origin: 217.114.215.133; 217.114.215.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0429
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1

43 B
327 B

61ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUjxRfimmAdnPwV4r2vignKVTjxMJ-IzVR7HC1a7MJrzxMbiTZ-rxwGRpdnmQ0b4W0odT7WyUt79NQArlIqvWs4Gj5lv042gnvdCl1gfuMIXBsEcNpd6rxMIVoVj1Yl4ykVvdzJFXu3dRMpXSsU7suW45BeAuBndxdxuKcuA9DsUyreu_4
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfRCSR6JbhTOxLdMwcWwxKCcOD44kFvF9GNTVhIchszESjXN6KgUFBsjQLyFez8x4F89GJ%2BTi3N3zfLuy4PF60fS7MKpaqOTknY0%2BqyYBCoc8j5Y342jf8auF5x%2F0XWoD1RwOFLIMVY9oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e3d61d8ea4522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niCtDp%2FbhActNGT%2FjFUDSsZ34RIa1hPLI8bKuM5kL2rzlhuT3IHQ1GZLwJmRYOgA42rIEHTFtPljwkSkVltaOSuMbZbRx4O6uSuPm1LvB6yEQu56BDKAgHRnH6KDv5iTplIQ80CRR5Figw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEAgwU86DmBs6KhUZLrlOthk&google_cver=1&C=1
cache-control: no-cache
cf-ray: 851e3d615f9f4522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0429
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcPiMzNJEZAiU.Whr4UsCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2

43 B
770 B

80ms
79ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUjxRfimmAdnPwV4r2vignKVTjxMJ-IzVR7HC1a7MJrzxMbiTZ-rxwGRpdnmQ0b4W0odT7WyUt79NQArlIqvWs4Gj5lv042gnvdCl1gfuMIXBsEcNpd6rxMIVoVj1Yl4ykVvdzJFXu3dRMpXSsU7suW45BeAuBndxdxuKcuA9DsUyreu_4
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mV3YPN92alUZ%2FCr7CCsI4UcAvEgy9tRxqpKJxMmc2UFXkQ7iXRrHajPGdk6llYM1tCnX80xcP5FcSjy1nq25c54%2F7uqxdjfERURBV0SWuOECT3qa3XRUGAEfKNUi0U5Mru%2FRZr%2BPlfJfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851e3d626cc3aca9-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMUA9HU03ZinfIgWJG5yRjE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0429
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1

43 B
1 KB

40ms
40ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNUjxRfimmAdnPwV4r2vignKVTjxMJ-IzVR7HC1a7MJrzxMbiTZ-rxwGRpdnmQ0b4W0odT7WyUt79NQArlIqvWs4Gj5lv042gnvdCl1gfuMIXBsEcNpd6rxMIVoVj1Yl4ykVvdzJFXu3dRMpXSsU7suW45BeAuBndxdxuKcuA9DsUyreu_4

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
an-x-request-uuid: 52d03920-81dc-4d08-b835-75ffd10b08ca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.133; 217.114.215.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEM2en5fPM6YTazV_1h_H4VM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0429
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkzNzI1OTA3Mzc0MTY5MTg5Ng%3D%3D

170 B
243 B

33ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkzNzI1OTA3Mzc0MTY5MTg5Ng%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
an-x-request-uuid: b2e83e74-cb1a-43b5-8131-c0f8eeec1f4f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkzNzI1OTA3Mzc0MTY5MTg5Ng%3D%3D
x-proxy-origin: 217.114.215.133; 217.114.215.133; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A72 0
20 B 52ms
52ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1135987285287&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A72 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1135987285287&version=m202401290101&ct=77&x=1&cor=9726261383312600000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8A72 20 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtGqiD6BO5_8KXBGKjUQYFVsWXvqwnta_ZkR3ghB4TA446jF_c8o6pbxvit5DelRsEptm0CfAnsPS1aS38NH-Vqj9kLzrfyrEExfWS6vFCwbb-SoMb0TY2VShD150CTzdnBQNMbL-BZ7J-aBt6CfE8LXC1mKqj9B6vANbTHkPyeNmwfY0&cry=1&dbm_d=AKAmf-B-zAXT2Gc64tM35clM3nkZtXZWZSTSEUvZY-IqrmrrudZP9kM4QWKy4U2FQnzzyxVseqmINL8NSMS11DeeBlL9uywUSgC7fwkwRWIC6L-8I6XhnuHIaNEen95-qfVoJBi3YNdV1XLLPRVdhfvTbFFfyKHTcUtFjzxtDzhbyW93JHFBt_xI2vTGkFarqG3w-z6-1ei9Go1nErOxNYUmtwn0dtAdXQAUPIGb5Uw5_aaGi95d-gdo9t3nsa79bV9mjrKv6o_ugwBsJK29drzo3-h9-E-gxrZ4n30g7p31p9MdjdEOrXoYhCsEh82_E5qOcZ5edlfr9D5DN40z9FAsWTaK5pzDeepwTKtVkqhGq0vhrdf063rZ5McQUSu9dsM5to_aQUIZlUROIiXAIwokdlHgoYZgqYJN-Fx8H4srutCIve51vg8hHM_gnhQ39Kg4YSY-r2KNu6Xn4_fTHvhD142CinrTHJIfAiBwvdZmmQGiWc6xsnGakSTgnnO4f9fZBtyl4pRgjLTxP1fECyLg7yJiNkh5st7JoCO90hDs6AIu_euvB7wNTg0ZkbK69zqQINetvLZJG3-BRCRuda0sKvUFqCH42P4dceG8Inji4J12fyVFPaEEVCk1wHTFUCFArVE_1-XBKEFrY_YgCT2e2-NK2SD-EGEaHRGrZuLHWxELlzMHu1O53bDvf9BiiloquExhkF_1Fp6axM6VqjPiZdjB2yEM3gtn22IzJCTqjvM_L3VvulgtxDPN7D-TqB_uYoqr14cg6yBRPpUZTf_3pfimZDE0K3SUxyvXt7hmzx5xDizCfcBjjs_HuIOt3KQpOzgfE-FAKm4HgjkmWPwNmamPpk5bIbgNFoaZ2lpJlaIB9s2XUgh2ropTQJ8CbWjJIF12dJYbaaOlyBDfC1vCFfvX6c3aP7O5FGDa3LXyIyv4gtjeVyABbjQi5id_3zGHJb3K34BbyaNNQyR8ouMilXOOZh-RqrDM8Tj8O_I_1lQ2cV3hFomImAWdaBFuGq0AJYndN33l-h2G_A5XyFmZ85TUqW1tbvjCZc2E4XiA9pF2EfbCTTkscgm4wXIbBC6FYuDVrUsFLhYLSlhQGYBiAws54TmkjbeCbNhEyLrcfJtgOq2P1Z4Gr2XcfrI1X8hq73PlqHRnbqN33AWLQ1czDJyf9W9fLMSJJrcZMMOqOqCPyuMtu-X2FlxcZtUhTkKgkFqUXWgUdcIuznx65Ksnoa0oNSHX5mTjpYGJHYFjwyHTVLjVoeEpZpcy-voNyJAdrLo_AJZjFfqgCWLSETMSRTUsZFTRNthWslz-7DV19WcCKKc5XZfkO-bH-exRw0u4yD6O7QVU2ArBIMbeAPo-2r9kixQ62Lb-RGiwZhZ7FopkUf6nliPtbXeonSA0DY4DyNBIz97kZuzDbgp7m9s6MEPz-Wt3hFyFO4H2YaWvIJMAzSrejih4GvmbuIhevnQiwbABGuXIbxbckVYFh5Cqnc5YQeiBBf_Rzjf9k-bS_NgUwER2b_OzmklnMR-dt7lwZdnqmWHJ2qFYbwFFyhGibZa4tDommkMDgFrCSjTOYIRXKKR3UMmKoPuwVXnvwygxyMF_5XX6v2OaHViasLlLKrCOhXRL1Qm2HVVPxb0WqSK_OSLKrNCexA2c07okuvxwscsOJiydoBo9QAxiULhn8HbJdApyhY-ZqiRdrzx9NdBCaqPuFGB7smpQ8yUtBm0DvJYv4MKL6JFyKL6DJ0apgQs-8vIViLYL-UzhUmCMKdWCmaNz-TXyjyeHCblJcTSjFm_WzWkCNXlNTjAK-RIAVWiv40qaqn1naJKwtOKF1GYRpk1ZXo3ODDBbchAPmirzPiz3uKMEbMLIunRfNZ9e0LohHRfqeDrOARGvGFPSt98bpLA6GtQqMMGNXcc8qXcwBfgKR6WmXjgpt2_yJk5pEXfUwl04TJ8fF8w3UQLA1XLmYUk7-I9b97J3nUgFzjhpEx5l8U8G-YMhFED7GM1wlva691NCByqRGp_fJVxzaDoYy5I4Yo_bUvbHJnRG1OJNMlqgAPc5J4E7NmAAniNo_5CNZcpB8VxTFXi_iJ_EN5nVz95s62G4p2mGFn2j44cyUKMumonSCQrP4eQ7KBvasfo7y7ahJqgznIO3HKyxafhG6f3xyoT9DycULROhEYLzqTncoMurjZ3In-YIt59aeKwnOXic3p482LLe8W_EQSR8Pbdsr19wV9VcveI_pkMExloVGh3tQP9s2HUk88AKtHFRkvgBSL4iMNbV25teHl22X04CEvf0Sn1Y5rfATeHDmMIu4a4gRygQaANQqI6_bQ8erVHMXWlAak0RgQMt_9MpP6BcsxEpAY7uWhOO5EMJdLP9Hc-7Pp0EGf10ljz35iKyxa7jWNj5rsjypOkROibDDemmoVgGitP35QHVKK21uPB3Rkyx4AiphYZq5a8-oxzeWarHPB0m298aAOqUqHcrrXuQ02vWjwPKQaCDLyko1TCzbJFaSKpK2y2PevCvHU188cxueEeG1qCz5Nf2ni23G7ufQsY4RzzqFCUYFZb2jeZnopW3FI0OOnLwPdadBigBPAccurXPjuzpZ0zu0X6pz8xrLs6KAgokF3foMQNe7W309_nqku04Y4DBEvQMRQ8YZ1BNxTfku7HhwP4Se6AUzyc-VYV2TWMC7PptbbD0WaJjXJ0GU4xZqHQM7YdYNHx-9C02y6zIjtn05xJHxbR2s4uh9H1f-NiG0zEVYA_OlTkeMmkNi4iJGvLJmfX5BYwqZw1UdgtvE1Bu0zogKMHftF5nT_R0leRDrxQiQpxZlWM9LDITZoRRraUu6uJfPuFDeUSpOQZ6XoKOOMOoohdRcqultZOdFMOHRynplqEwus3FPCWyhDOXoAc_wJUbl9MSYQg0jm3iR5SJ-llcC3nq6TuFk4ClD4Ti_bfGWTc0j8H6CKdZmtS5IlbW6cBcG0gvO3ojJkcxwmnFOtLRip06ZlhfKZjZotBD3aLqHtakBvfu8saiZsZd3alJUl5V9fUGE-eJ-YvEcHUclCDsMKQswZHPZvy8KbF30NQZBzhk0BKbQ30zy4id4JxiRKIcok-JJ2bihf8nShchpAljWzwR-pQC5WQG2lIZ1tFz7RO_JkOdEYJO3RtHNJtAmfdYHB_QVSB_nVLTEAi3fq5b2eFQ-aOvyGjeQ2NpRO7vuWMk55f3L8qZ2VPWRREeVbYc1gQt00kgnFTBm09X4ajSywaJsa9o4l2aZOG_SevdJiODxQSJqXcGtXz4MCNiGjx0pFc5260V4M33CwScIadF_FgRWjvanIEkkPtmmCFDbmhZEP_ecP4uM5RdkzC7sAJPMkRUDMciLZMmY4f79usMlq3soEjAsfHupXKkkQ9sILVPao4NS4evjggpEv66R7GsvFK1rBHjUgjyykkZlJ8bBE3NQcCXmbVxqCjXOgUK0hj1kNsK4QPaKDFo-118ttOVf7WSlnaCfZQtmWJrXT36WPUvCIQkR3aaPBV3A4pYm6AXqqB6JnuCG4mu-0iuxzb4cJPMqJx8CwTdFdNH73_uVqeWyQtOwh02zIGvm8Ird4A2oMhUMBoARuZ5UbVOEI8kQNoF5YZfgThu3ZIphQY48xEvpWT4JGyLmbCp5bCa2DY87jQW7BSauaQ8O3s2cb2PstBFTSCDMLOW_rPy8t-DzNfHxzxds69cwXqFNn6FhPja9B809eEXeGiFyr7Hsg-kV-mRlOj0ARDYjH8A7M6x0nDBPm12mQKiwoG6XKG6QR-TSmR-YIASGylLDewq6swZmZAev7nWMmiqD6sHy0DhoqhohS6YF2mym6IINHFgleTggO3zFwfRwhtdtDVQU3LUvAzgFCIP0_YxNZrXxINwozRlQG3iKb40v1eL4Q7_AvW9tqaudx5csJbpztipq2I5d4vYnY3FZg&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=9726261383312600000&adk=3047537734&idt=71&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

267f68e1983953cb2664778a41f51b79234dca69b709aeceeb398727f82e0e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13463
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DFBE 0
0 51ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402010101&jk=1677658623350006&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7424 0
20 B 51ms
51ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7852110589723&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7424 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7852110589723&version=m202401290101&ct=77&x=1&cor=9223404187252285000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7424 20 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhJKUlsJQWDJ3UG_hUTtxLOUf6d2qhP3VhsIz-YXQcnA4v1fDKAsGpcYWmUJa8I4mq4Vj-crUklkc-fSlXyleSubUesc2Y9tVBHeHHQzP_EiyH-hMUNb1QXPSTJF6KU7pnZWbAi3LwNz6BV_jt6lPCXAJmUFMjr1vCrM-obMFLGw1Vt78&cry=1&dbm_d=AKAmf-AiLDrYwYWLNp5RtF_rafEYWg4e53JoZFghjiRuGvrREERZV6vqqU6gPwjZrv0WJ6vLll12RNJ3qkpUR_-KNhsOKryZPbqbMTG4BjgGqgGnmJfoZtmw0GEOKBv3oO94LjyW8ddWJdpJKPutn51-GHW-xgyirBDgcCRB8tV60QyPqxcc9yKQBAkHJg42luDfqG-64PyEt48AcXUlXU_PMbvOIrR80jaONZq2M3wU5LNBrCBiuAoWJSoObnmTR15gtDt-M9B0DuRcJ0iCOKSDxL6hkWbIvdodlTxtNAfFXb_laSANDDzH9GDWL-Ol0FTPm_82llmvwIKa2ZeYGrJ9is0OIOZUrwQ1mAyG2pjP4qRQERPkDSarhzdecYuxwo0DWuxOhG7tvV94vuyhB4S7SJgfZhZXOJt25AUMuydELFkTkbQoq2Y8rZ3OeeL8oGkroQi-MpR84BqsRQ3pSaZPLdUdFMgMGADHhlFU6pFpstg5bHrQVTY-BepucDlKFP3apk1BOhzMPUpLe5H9f7S-JDsZvIuvETlCKYzzLJGV0tPvpZGdKTPOEknq4b0Zz53eEhybbvGxxiGP_zeyCzseLXRlfgById3M6aN__frZt39Nlj6TvNdJwK1T85x_33KZEAvQwDTQ9LxlGJELRt5WZ5SgK5JeacGNN6645Sn2Oc4341k_P8DTP8Wne05_ch3DTyJIKHpInsITE4NPAc_tJKR9lKOKdWpFb1p2m6bMAFJcNCcvcs4sJRfr4ueJopaixCW-fcfFBG0WMhF5l1LVcvD0zIWWI8KLg8wFhnezBseotKGSJEfHtvuIowEHmV6wXRL8MfieCtEi6phMSMfKUJAM0cAHiU8GOutgRMYjjYb67mjcUnZWsIjaFRWCvEQ7psa7bS6AsAU9Pb04kG7ZhEQq4-1CGaB5EjA88c3wA2h5Tmvm8TCTfC1HWQ3-sdwvRlBuNfTol0A5m0QYNULEW1rdRo61RYB8d_iKCCvQbY47a8jvJrKGcm3LF6DvWx88jiao01-3_atn_S-V2h5xDeUPzxuCKTHKZrBqbHyDc3gljmbnbRNPLTBIx7loXaD5Tzx1CeH4hJVPosrk_Sl2CLKhcr7-zWO6MDYCKkRtyxr4YQRiqecnxt1YYyOOjhcSS0qG8moMNWYXbQ6RD_i8MxoygQQrvfB9tVNEGzADFXXQtHkrqOyoR8CSDliu-XaxswRk5WKMRrf3LisJl25e4RgoMcRasoOp5xkr6BQCMqCRQChMFN9Eojtj_15o5YbMV__8isAxY4qLpFKQpDpYp3ZfZWXe3Qpf7vg9dd34TbF8No_JfmlRI1VBFCT5MXo8mPz77YTTiMq6U6WfJKAgq-DJr1YiKdy8Brllq6XmsRASeZW2Q_2A91cwwcc9pQNTP2qWwDd5xofdbMwNRobJElX-WwGX7AppmcB_cTqUP_mveFSNhUhX2KJIvk8tyteoRhjN72iNwLZzODWJ5qq785zXoz8iiMb-COokSxpdUBu2H9e1a3LvPdzht-F_2Zs0pC3Z5afUrGBuYLrsCWo703s_HswF6PAz0MDqgg1PV0OPWNXYSVTdZ2_2Pghua0wfw0nkfdO-tndGSf0_z99z2Uuc01VQBlJYaNbOnXVuIjyaow0nno5VmCJ4IHHjiHCJwWBDLm91F4IXMgXNUiGsYG32kQh4l3BcenGrYBquGp9LaKhHsXWvxdc3ThLCdID1gcpl4ItekXUUfo4lrRo8Wr4Rp0ouxNd4-SCJW2GptMt3n1nN5hPh4XGRcg9hR6BNc8ecWrgLBRV4o6FGlofwoVjyVplExCVP_prkj2hx03ErTSVMj3XnfieqprfIh41tlgQ260ID1tftKZYJQkyGyr_K8dmqoQMh-cQW0TWMdSERmcihriNqbX8Vy80OxnMpk3f-Jg1N6LvWZosqDYQhMMD3vY-lVpKfTFpJR24pJyhD-r9XlaIsY1E9JSRLbKh66EECT69YcZeD29Res5YJOhh6S8u3B6bb1gW3oBBW2CWk-noje3aVE5xHbf3JBVUdRZGbUlJ5n3KyWg8f6aAEWxmvAudrGwnzLozidqbWYRMco9WxHLti6m-cQElS6bXiMUujHbOQgxoUs6Om3P_Gz1WXXhMtBiuYhZ6fONEeJI2NnqCQ8AnKAdwR0PdNe-J0AhGETaZrS86siRece88OQORtgpttBP3Lxe5O7ntwdE23NWtmYtE-w1HjHh7yQDlAcEjHf9pFNscpe02UBM9IBVTm57EdkOaGxkDMGi96cKjajx4l5nJKGr8_sIzW0ZnL9Jnn9kQ6dpX8DOWdHFVK0UgG6IzTbO9HkWmxNJlVmD4levUCWcTEtKYA2HmcWCplTVyziHrLxYZoK0mgX0RuLpxGIXFe7nV7y7SMzr8WZ3KR-iV57qBdtTCdntQ8FHGaIYnyWYUd5jKxQTbGGoswPx4kFHYe1hYUZt5KxASk1m6R50xrmXVlv2DE8u4N2fudoiFHClQ_w8YwSaTS5THLmFXrX4lE_IJvz_I8LKKilXCXp7Ff5gjDkcZhfrxGN7oUzaFoeh8J1uXhZrWGjEdws1zAPktCDPkx-ZLq5OZAkBuXYGqNC30Bk8xCJr2lwncozL9NjPALo2le85UVQG0RdsvrHJQ-JAlGiGrwFWN2OXwn9Ma6P6iGyfj02c8Y6jVQ7OG7JzhwBQWcsthEmAJz8pgpRmZYe_b8e3fR_KJ8yqjAqw8IpuslYc1C1NhqbxV8QGUbE9yI2cgN2yyX6PGyfne-R425exuJg-KPIDw_HH796VWiX-arjHeVZoR0Ej5U_S5ztt-z8ULAMXOYgeT_HEE9InrH4LOVLRDTZxGCehZ5aQLy5HQuceYUAzVw4d0zXPrYAv6qwRGd5Dt4MOhwrRYE_JPBWFH6UCkcKpthwgfwUFMDWdL_6ZzRj8goDSdRUqA25og6jQPk30ARC_JIUM3Yun3OZWKmZk2bWzbalO_kJnDVgUQqse31UTy49zSJagLxbJxI2fjyFhwpJ5R6zQ9GjZU4ahriX-vTNrbgIAOhStbIKDNFwS8usuh_5eDGZbNjG-cF9UMmA472iQhGKTLFPne0bVQly32uZnCJQEIhtnJV4L2dw85Xq3DenPR3hlz5fxM100uq_6sCWTTUNvPwkMgv9OVUUp9Qb9OHaba1f4epnvBgGhwaz4-mXYhTeB1Qv2cvqe7-F2AAJCbmilGHG9Lx0IjkQ6zNWUc9mJxdIQOOnSeZ609UIO0mKEOoQrLyoQChjThzxgfgASa9-TLTlmIbRGUVxEWV5E7Eu6n4BYq3ip4c2mL9zlE5TufHJZqoFwaGGhSrcOUQXeXUCJmVNgfwYGn_w6fvlK-R_qDOp4hFJT6NqYcXIrtlE_sBw86sAVBrff_dfO6PibRkQjhFwmwFI0S3JAnVsSzrzanGl1ggriRYPr-XEWZdif5GJH16OmIfRpdPtXWvEqOOTMwmNZ1Gnw89c6glSyW5jJL9fzv7TF6-7aWW13CWoJzaRjsGDslbg43wWfymqhF9VUy_dXmJ8meiBhhEnXAp7YoiZV99tWylXPQfl7Q-mZR2iQ5JezfrJhM55i1HDqV10y9_ye4naxGjS9j3qjCPHnNdtSZhe6S-YnkG1zfhfYfzCQg63Uj8do_-Qb7V8dJjB6BS5SHKwV8gjZS-rmGc7cJEH0RKTUg0bgNDQREMYk5KvNPcAumvAm9fUUVNMiKA7YCI8KPhIqeJ36fGkGbpEKLk1SW6clt1Ykw0UPbI51baYLDGnzqii-nOiEUKueBaZSh3aW8brk677gvJPmd8_myA24w323--8gAnXvww_P-7Sy1jjjYeUdGUkMZsH_pgzo1qC-rIraaT2qnf8DyxlXoGwqFOrbhx7zBfVeW3DdSUL6r-EJ0MjkXEJdjBM2nx6uErd7lWZ-feZSaCd7Q0_3cyZhuMkKI&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=9223404187252285000&adk=2086295848&idt=106&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c60ba68980498a63737a808cf1582224ba835595b2e961c9710dda2b05a220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13627
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js Show response
pagead2.googlesyndication.com/bg/ Frame 391C 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i0MYUUh1Abms9FfKp1VgzmskXH0YSPyHQhoPFnOk_dI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 12:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15304
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 12:58:28 GMT

GET
H2

200

B22807636.328475542;dc_pre=CK32t5KDmoQDFayl_Qcd5kMILQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/ Frame 543C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK32t5KDmoQDFayl_Qcd5kMILQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rd...

42 B
211 B

40ms
40ms

Image
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK32t5KDmoQDFayl_Qcd5kMILQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK32t5KDmoQDFayl_Qcd5kMILQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=1857239389;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A72 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtGqiD6BO5_8KXBGKjUQYFVsWXvqwnta_ZkR3ghB4TA446jF_c8o6pbxvit5DelRsEptm0CfAnsPS1aS38NH-Vqj9kLzrfyrEExfWS6vFCwbb-SoMb0TY2VShD150CTzdnBQNMbL-BZ7J-aBt6CfE8LXC1mKqj9B6vANbTHkPyeNmwfY0&cry=1&dbm_d=AKAmf-B-zAXT2Gc64tM35clM3nkZtXZWZSTSEUvZY-IqrmrrudZP9kM4QWKy4U2FQnzzyxVseqmINL8NSMS11DeeBlL9uywUSgC7fwkwRWIC6L-8I6XhnuHIaNEen95-qfVoJBi3YNdV1XLLPRVdhfvTbFFfyKHTcUtFjzxtDzhbyW93JHFBt_xI2vTGkFarqG3w-z6-1ei9Go1nErOxNYUmtwn0dtAdXQAUPIGb5Uw5_aaGi95d-gdo9t3nsa79bV9mjrKv6o_ugwBsJK29drzo3-h9-E-gxrZ4n30g7p31p9MdjdEOrXoYhCsEh82_E5qOcZ5edlfr9D5DN40z9FAsWTaK5pzDeepwTKtVkqhGq0vhrdf063rZ5McQUSu9dsM5to_aQUIZlUROIiXAIwokdlHgoYZgqYJN-Fx8H4srutCIve51vg8hHM_gnhQ39Kg4YSY-r2KNu6Xn4_fTHvhD142CinrTHJIfAiBwvdZmmQGiWc6xsnGakSTgnnO4f9fZBtyl4pRgjLTxP1fECyLg7yJiNkh5st7JoCO90hDs6AIu_euvB7wNTg0ZkbK69zqQINetvLZJG3-BRCRuda0sKvUFqCH42P4dceG8Inji4J12fyVFPaEEVCk1wHTFUCFArVE_1-XBKEFrY_YgCT2e2-NK2SD-EGEaHRGrZuLHWxELlzMHu1O53bDvf9BiiloquExhkF_1Fp6axM6VqjPiZdjB2yEM3gtn22IzJCTqjvM_L3VvulgtxDPN7D-TqB_uYoqr14cg6yBRPpUZTf_3pfimZDE0K3SUxyvXt7hmzx5xDizCfcBjjs_HuIOt3KQpOzgfE-FAKm4HgjkmWPwNmamPpk5bIbgNFoaZ2lpJlaIB9s2XUgh2ropTQJ8CbWjJIF12dJYbaaOlyBDfC1vCFfvX6c3aP7O5FGDa3LXyIyv4gtjeVyABbjQi5id_3zGHJb3K34BbyaNNQyR8ouMilXOOZh-RqrDM8Tj8O_I_1lQ2cV3hFomImAWdaBFuGq0AJYndN33l-h2G_A5XyFmZ85TUqW1tbvjCZc2E4XiA9pF2EfbCTTkscgm4wXIbBC6FYuDVrUsFLhYLSlhQGYBiAws54TmkjbeCbNhEyLrcfJtgOq2P1Z4Gr2XcfrI1X8hq73PlqHRnbqN33AWLQ1czDJyf9W9fLMSJJrcZMMOqOqCPyuMtu-X2FlxcZtUhTkKgkFqUXWgUdcIuznx65Ksnoa0oNSHX5mTjpYGJHYFjwyHTVLjVoeEpZpcy-voNyJAdrLo_AJZjFfqgCWLSETMSRTUsZFTRNthWslz-7DV19WcCKKc5XZfkO-bH-exRw0u4yD6O7QVU2ArBIMbeAPo-2r9kixQ62Lb-RGiwZhZ7FopkUf6nliPtbXeonSA0DY4DyNBIz97kZuzDbgp7m9s6MEPz-Wt3hFyFO4H2YaWvIJMAzSrejih4GvmbuIhevnQiwbABGuXIbxbckVYFh5Cqnc5YQeiBBf_Rzjf9k-bS_NgUwER2b_OzmklnMR-dt7lwZdnqmWHJ2qFYbwFFyhGibZa4tDommkMDgFrCSjTOYIRXKKR3UMmKoPuwVXnvwygxyMF_5XX6v2OaHViasLlLKrCOhXRL1Qm2HVVPxb0WqSK_OSLKrNCexA2c07okuvxwscsOJiydoBo9QAxiULhn8HbJdApyhY-ZqiRdrzx9NdBCaqPuFGB7smpQ8yUtBm0DvJYv4MKL6JFyKL6DJ0apgQs-8vIViLYL-UzhUmCMKdWCmaNz-TXyjyeHCblJcTSjFm_WzWkCNXlNTjAK-RIAVWiv40qaqn1naJKwtOKF1GYRpk1ZXo3ODDBbchAPmirzPiz3uKMEbMLIunRfNZ9e0LohHRfqeDrOARGvGFPSt98bpLA6GtQqMMGNXcc8qXcwBfgKR6WmXjgpt2_yJk5pEXfUwl04TJ8fF8w3UQLA1XLmYUk7-I9b97J3nUgFzjhpEx5l8U8G-YMhFED7GM1wlva691NCByqRGp_fJVxzaDoYy5I4Yo_bUvbHJnRG1OJNMlqgAPc5J4E7NmAAniNo_5CNZcpB8VxTFXi_iJ_EN5nVz95s62G4p2mGFn2j44cyUKMumonSCQrP4eQ7KBvasfo7y7ahJqgznIO3HKyxafhG6f3xyoT9DycULROhEYLzqTncoMurjZ3In-YIt59aeKwnOXic3p482LLe8W_EQSR8Pbdsr19wV9VcveI_pkMExloVGh3tQP9s2HUk88AKtHFRkvgBSL4iMNbV25teHl22X04CEvf0Sn1Y5rfATeHDmMIu4a4gRygQaANQqI6_bQ8erVHMXWlAak0RgQMt_9MpP6BcsxEpAY7uWhOO5EMJdLP9Hc-7Pp0EGf10ljz35iKyxa7jWNj5rsjypOkROibDDemmoVgGitP35QHVKK21uPB3Rkyx4AiphYZq5a8-oxzeWarHPB0m298aAOqUqHcrrXuQ02vWjwPKQaCDLyko1TCzbJFaSKpK2y2PevCvHU188cxueEeG1qCz5Nf2ni23G7ufQsY4RzzqFCUYFZb2jeZnopW3FI0OOnLwPdadBigBPAccurXPjuzpZ0zu0X6pz8xrLs6KAgokF3foMQNe7W309_nqku04Y4DBEvQMRQ8YZ1BNxTfku7HhwP4Se6AUzyc-VYV2TWMC7PptbbD0WaJjXJ0GU4xZqHQM7YdYNHx-9C02y6zIjtn05xJHxbR2s4uh9H1f-NiG0zEVYA_OlTkeMmkNi4iJGvLJmfX5BYwqZw1UdgtvE1Bu0zogKMHftF5nT_R0leRDrxQiQpxZlWM9LDITZoRRraUu6uJfPuFDeUSpOQZ6XoKOOMOoohdRcqultZOdFMOHRynplqEwus3FPCWyhDOXoAc_wJUbl9MSYQg0jm3iR5SJ-llcC3nq6TuFk4ClD4Ti_bfGWTc0j8H6CKdZmtS5IlbW6cBcG0gvO3ojJkcxwmnFOtLRip06ZlhfKZjZotBD3aLqHtakBvfu8saiZsZd3alJUl5V9fUGE-eJ-YvEcHUclCDsMKQswZHPZvy8KbF30NQZBzhk0BKbQ30zy4id4JxiRKIcok-JJ2bihf8nShchpAljWzwR-pQC5WQG2lIZ1tFz7RO_JkOdEYJO3RtHNJtAmfdYHB_QVSB_nVLTEAi3fq5b2eFQ-aOvyGjeQ2NpRO7vuWMk55f3L8qZ2VPWRREeVbYc1gQt00kgnFTBm09X4ajSywaJsa9o4l2aZOG_SevdJiODxQSJqXcGtXz4MCNiGjx0pFc5260V4M33CwScIadF_FgRWjvanIEkkPtmmCFDbmhZEP_ecP4uM5RdkzC7sAJPMkRUDMciLZMmY4f79usMlq3soEjAsfHupXKkkQ9sILVPao4NS4evjggpEv66R7GsvFK1rBHjUgjyykkZlJ8bBE3NQcCXmbVxqCjXOgUK0hj1kNsK4QPaKDFo-118ttOVf7WSlnaCfZQtmWJrXT36WPUvCIQkR3aaPBV3A4pYm6AXqqB6JnuCG4mu-0iuxzb4cJPMqJx8CwTdFdNH73_uVqeWyQtOwh02zIGvm8Ird4A2oMhUMBoARuZ5UbVOEI8kQNoF5YZfgThu3ZIphQY48xEvpWT4JGyLmbCp5bCa2DY87jQW7BSauaQ8O3s2cb2PstBFTSCDMLOW_rPy8t-DzNfHxzxds69cwXqFNn6FhPja9B809eEXeGiFyr7Hsg-kV-mRlOj0ARDYjH8A7M6x0nDBPm12mQKiwoG6XKG6QR-TSmR-YIASGylLDewq6swZmZAev7nWMmiqD6sHy0DhoqhohS6YF2mym6IINHFgleTggO3zFwfRwhtdtDVQU3LUvAzgFCIP0_YxNZrXxINwozRlQG3iKb40v1eL4Q7_AvW9tqaudx5csJbpztipq2I5d4vYnY3FZg&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=9726261383312600000&adk=3047537734&idt=71&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMzNjI0MzM0NzUyNQogIHNlcnZlcl9pcDogMTM0MDYyODI5CiAgcHJvY2Vzc19pZDogMzQ5MDExODM3MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 8A72 0
545 B 127ms
55ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMzNjI0MzM0NzUyNQogIHNlcnZlcl9pcDogMTM0MDYyODI5CiAgcHJvY2Vzc19pZDogMzQ5MDExODM3MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDk0NTYwMzkxNDY0ODAyOTM2NApkZWJ1Z19rZXk6IDE3NDM0NzE1OTg4NDQyMjA4NTMzCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMzM0MTUxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDU2NjQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa2600b549ccd01650000000000000000","13":"0xf5e61e9dfb0000690000000000000000","14":"0xfd8b0566df58e7e60000000000000000","15":"0x60f7bd5ad989843c0000000000000000"},"debug_key":"17434715988442208533","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14945603914648029364"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AC10 0
0 66ms
65ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1RQ5MuLDZaj5Ha2C_NUP77GAqAjjtc7NdaaSvqeWEsCNtwEQASDCptYbYJWKhIKYB6AB3fCqwCrIAQngAgCoAwHIAwqqBIkCT9A-WoH5aYh6daS49PyfE4dl9dQUHXYjXF2HIHb0zvX7GpABs_KW1I_39Q0ai_Yqo2l72ziDsQRWG1j0VMXMMqw5my0jYmA7T7i5MdC46QK0ZpTK6TrEg3Tk50qBkWGpYps-jfO3sBsuTPq71vNfcVowuflWo8n644p26AucKnrYcom59c_1KN8D291mQebOffyZpGv5qlD81d0gKANPr40zlELS9dSr8kqQC1F0Trgnph7VuPqJtwfDm044zjMDah_NOK6G9XD1vSozcZ6MYbM-coP3G2oEMN6iDIgWm0PLvU5Y4FxxrA9PfwfzwDiumWvOT7wnlayu2pyuoTTcsPqk5d2xabjqbMAEhMGk_dcE4AQBiAXiivG6TZIFBAgEGAGSBQQIBRgEoAYugAfdqPufBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEM28L9IIJgiA4YAQEAEYHTICqgI6CYBAgICEgICECEi9_cE6WKaR-JGDmoQDmgmPAWh0dHBzOi8vcGRmaXhlcnMuY29tL2Rvd25sb2Fkc0hvdy5odG1sP2NhbXBhaWduX2lkPTIwNzkzMDE3Njk4JmFkZ3JvdXBfaWQ9MTYxMDU1NTgwMjkyJnBsYWNlbWVudF9pZD13d3cuYmFpeGFraS5jb20uYnImY3JlYXRpdmVfaWQ9Njg4NzQ1MDM3ODIxgAoDyAsB4g0TCNfz-JGDmoQDFS0BvwQd7xgAhbgT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzAxOTA5MTA5NDg5NjI2MBjSwBY&sigh=F0FRWaeoUqc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 543C 0
0 63ms
62ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcxsDMuLDZav5Ha2C_NUP77GAqAjZtYDCatTeiJCuD2QQASDCptYbYJWKhIKYB6ABlbavngPIAQngAgCoAwHIAwqqBIYCT9APN4urgmGsXkJI7s5ItaWdf6i3h07gmQmZbMTS0usvAVs3B23wIn4Ic1Ccd-OxcN8Ac7ru4HbXKluTgySgLJhUcU5u7pe0KTMU2rP27cfnpvPJ9TDXz-Z_wcKQVj_f6CRqJpR5tYoOs1xryn_3K4KyWPP6OdbETJ9UUkrJRTnFFYh4TfjR_ix0g6VbVTGRbdbqZtXyXlIXvSxarMWJ_xc_uQxq26UOjA99MCTOuZS60f16__RHwi_iBgo6Oe6nrAr8TWJJDVN4_GhI7LOkXVaP3S3W9fc939VSAdwGNhKwaJF_dFBBLjtm3n573AptNI7UiARWfOOoZHneXHU21ma9T1klb8AE4KbFgsgB4AQBiAW5hpvwA5IFBAgEGAGSBQQIBRgEoAYugAfTydBhqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQq6QZ0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgIQISL39wTpYppH4kYOahAOaCYUBaHR0cHM6Ly93d3cuYXZhc3QuY29tL2RlLWRlL2xwLXBwYy1mcmVlLWF2P3BwY19jb2RlPTAxMiZwcGM9eCZvbV9zZW1fY2lkPWhob19zZW1fc3k6fmRlLWRlX2F2YV9kaXNfZ2VuX3Byb19hZHdfZHRwOk5ld34mZ2Nsc3JjPWF3LmRzJoAKA8gLAeINEwja8_iRg5qEAxUtAb8EHe8YAIW4E-QD2BMMiBQH0BUBmBYBgBcBshceChwIABIUcHViLTcwMTkwOTEwOTQ4OTYyNjAY0sAW&sigh=JHI6zkVNnTY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H/1.1 200
OK vjdy8w6hewcq Show response
hal9000.redintelligence.net/zone/ Frame 8A72 11 KB
4 KB 96ms
29ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vjdy8w6hewcq?subid=&gdpr=&gdpr_consent=&rnd=1707336242490666&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 77a5c4b13ce1a7fd939922774ad2e29ac20936eb81d1abd434a51e665002c589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4202
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7424 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhJKUlsJQWDJ3UG_hUTtxLOUf6d2qhP3VhsIz-YXQcnA4v1fDKAsGpcYWmUJa8I4mq4Vj-crUklkc-fSlXyleSubUesc2Y9tVBHeHHQzP_EiyH-hMUNb1QXPSTJF6KU7pnZWbAi3LwNz6BV_jt6lPCXAJmUFMjr1vCrM-obMFLGw1Vt78&cry=1&dbm_d=AKAmf-AiLDrYwYWLNp5RtF_rafEYWg4e53JoZFghjiRuGvrREERZV6vqqU6gPwjZrv0WJ6vLll12RNJ3qkpUR_-KNhsOKryZPbqbMTG4BjgGqgGnmJfoZtmw0GEOKBv3oO94LjyW8ddWJdpJKPutn51-GHW-xgyirBDgcCRB8tV60QyPqxcc9yKQBAkHJg42luDfqG-64PyEt48AcXUlXU_PMbvOIrR80jaONZq2M3wU5LNBrCBiuAoWJSoObnmTR15gtDt-M9B0DuRcJ0iCOKSDxL6hkWbIvdodlTxtNAfFXb_laSANDDzH9GDWL-Ol0FTPm_82llmvwIKa2ZeYGrJ9is0OIOZUrwQ1mAyG2pjP4qRQERPkDSarhzdecYuxwo0DWuxOhG7tvV94vuyhB4S7SJgfZhZXOJt25AUMuydELFkTkbQoq2Y8rZ3OeeL8oGkroQi-MpR84BqsRQ3pSaZPLdUdFMgMGADHhlFU6pFpstg5bHrQVTY-BepucDlKFP3apk1BOhzMPUpLe5H9f7S-JDsZvIuvETlCKYzzLJGV0tPvpZGdKTPOEknq4b0Zz53eEhybbvGxxiGP_zeyCzseLXRlfgById3M6aN__frZt39Nlj6TvNdJwK1T85x_33KZEAvQwDTQ9LxlGJELRt5WZ5SgK5JeacGNN6645Sn2Oc4341k_P8DTP8Wne05_ch3DTyJIKHpInsITE4NPAc_tJKR9lKOKdWpFb1p2m6bMAFJcNCcvcs4sJRfr4ueJopaixCW-fcfFBG0WMhF5l1LVcvD0zIWWI8KLg8wFhnezBseotKGSJEfHtvuIowEHmV6wXRL8MfieCtEi6phMSMfKUJAM0cAHiU8GOutgRMYjjYb67mjcUnZWsIjaFRWCvEQ7psa7bS6AsAU9Pb04kG7ZhEQq4-1CGaB5EjA88c3wA2h5Tmvm8TCTfC1HWQ3-sdwvRlBuNfTol0A5m0QYNULEW1rdRo61RYB8d_iKCCvQbY47a8jvJrKGcm3LF6DvWx88jiao01-3_atn_S-V2h5xDeUPzxuCKTHKZrBqbHyDc3gljmbnbRNPLTBIx7loXaD5Tzx1CeH4hJVPosrk_Sl2CLKhcr7-zWO6MDYCKkRtyxr4YQRiqecnxt1YYyOOjhcSS0qG8moMNWYXbQ6RD_i8MxoygQQrvfB9tVNEGzADFXXQtHkrqOyoR8CSDliu-XaxswRk5WKMRrf3LisJl25e4RgoMcRasoOp5xkr6BQCMqCRQChMFN9Eojtj_15o5YbMV__8isAxY4qLpFKQpDpYp3ZfZWXe3Qpf7vg9dd34TbF8No_JfmlRI1VBFCT5MXo8mPz77YTTiMq6U6WfJKAgq-DJr1YiKdy8Brllq6XmsRASeZW2Q_2A91cwwcc9pQNTP2qWwDd5xofdbMwNRobJElX-WwGX7AppmcB_cTqUP_mveFSNhUhX2KJIvk8tyteoRhjN72iNwLZzODWJ5qq785zXoz8iiMb-COokSxpdUBu2H9e1a3LvPdzht-F_2Zs0pC3Z5afUrGBuYLrsCWo703s_HswF6PAz0MDqgg1PV0OPWNXYSVTdZ2_2Pghua0wfw0nkfdO-tndGSf0_z99z2Uuc01VQBlJYaNbOnXVuIjyaow0nno5VmCJ4IHHjiHCJwWBDLm91F4IXMgXNUiGsYG32kQh4l3BcenGrYBquGp9LaKhHsXWvxdc3ThLCdID1gcpl4ItekXUUfo4lrRo8Wr4Rp0ouxNd4-SCJW2GptMt3n1nN5hPh4XGRcg9hR6BNc8ecWrgLBRV4o6FGlofwoVjyVplExCVP_prkj2hx03ErTSVMj3XnfieqprfIh41tlgQ260ID1tftKZYJQkyGyr_K8dmqoQMh-cQW0TWMdSERmcihriNqbX8Vy80OxnMpk3f-Jg1N6LvWZosqDYQhMMD3vY-lVpKfTFpJR24pJyhD-r9XlaIsY1E9JSRLbKh66EECT69YcZeD29Res5YJOhh6S8u3B6bb1gW3oBBW2CWk-noje3aVE5xHbf3JBVUdRZGbUlJ5n3KyWg8f6aAEWxmvAudrGwnzLozidqbWYRMco9WxHLti6m-cQElS6bXiMUujHbOQgxoUs6Om3P_Gz1WXXhMtBiuYhZ6fONEeJI2NnqCQ8AnKAdwR0PdNe-J0AhGETaZrS86siRece88OQORtgpttBP3Lxe5O7ntwdE23NWtmYtE-w1HjHh7yQDlAcEjHf9pFNscpe02UBM9IBVTm57EdkOaGxkDMGi96cKjajx4l5nJKGr8_sIzW0ZnL9Jnn9kQ6dpX8DOWdHFVK0UgG6IzTbO9HkWmxNJlVmD4levUCWcTEtKYA2HmcWCplTVyziHrLxYZoK0mgX0RuLpxGIXFe7nV7y7SMzr8WZ3KR-iV57qBdtTCdntQ8FHGaIYnyWYUd5jKxQTbGGoswPx4kFHYe1hYUZt5KxASk1m6R50xrmXVlv2DE8u4N2fudoiFHClQ_w8YwSaTS5THLmFXrX4lE_IJvz_I8LKKilXCXp7Ff5gjDkcZhfrxGN7oUzaFoeh8J1uXhZrWGjEdws1zAPktCDPkx-ZLq5OZAkBuXYGqNC30Bk8xCJr2lwncozL9NjPALo2le85UVQG0RdsvrHJQ-JAlGiGrwFWN2OXwn9Ma6P6iGyfj02c8Y6jVQ7OG7JzhwBQWcsthEmAJz8pgpRmZYe_b8e3fR_KJ8yqjAqw8IpuslYc1C1NhqbxV8QGUbE9yI2cgN2yyX6PGyfne-R425exuJg-KPIDw_HH796VWiX-arjHeVZoR0Ej5U_S5ztt-z8ULAMXOYgeT_HEE9InrH4LOVLRDTZxGCehZ5aQLy5HQuceYUAzVw4d0zXPrYAv6qwRGd5Dt4MOhwrRYE_JPBWFH6UCkcKpthwgfwUFMDWdL_6ZzRj8goDSdRUqA25og6jQPk30ARC_JIUM3Yun3OZWKmZk2bWzbalO_kJnDVgUQqse31UTy49zSJagLxbJxI2fjyFhwpJ5R6zQ9GjZU4ahriX-vTNrbgIAOhStbIKDNFwS8usuh_5eDGZbNjG-cF9UMmA472iQhGKTLFPne0bVQly32uZnCJQEIhtnJV4L2dw85Xq3DenPR3hlz5fxM100uq_6sCWTTUNvPwkMgv9OVUUp9Qb9OHaba1f4epnvBgGhwaz4-mXYhTeB1Qv2cvqe7-F2AAJCbmilGHG9Lx0IjkQ6zNWUc9mJxdIQOOnSeZ609UIO0mKEOoQrLyoQChjThzxgfgASa9-TLTlmIbRGUVxEWV5E7Eu6n4BYq3ip4c2mL9zlE5TufHJZqoFwaGGhSrcOUQXeXUCJmVNgfwYGn_w6fvlK-R_qDOp4hFJT6NqYcXIrtlE_sBw86sAVBrff_dfO6PibRkQjhFwmwFI0S3JAnVsSzrzanGl1ggriRYPr-XEWZdif5GJH16OmIfRpdPtXWvEqOOTMwmNZ1Gnw89c6glSyW5jJL9fzv7TF6-7aWW13CWoJzaRjsGDslbg43wWfymqhF9VUy_dXmJ8meiBhhEnXAp7YoiZV99tWylXPQfl7Q-mZR2iQ5JezfrJhM55i1HDqV10y9_ye4naxGjS9j3qjCPHnNdtSZhe6S-YnkG1zfhfYfzCQg63Uj8do_-Qb7V8dJjB6BS5SHKwV8gjZS-rmGc7cJEH0RKTUg0bgNDQREMYk5KvNPcAumvAm9fUUVNMiKA7YCI8KPhIqeJ36fGkGbpEKLk1SW6clt1Ykw0UPbI51baYLDGnzqii-nOiEUKueBaZSh3aW8brk677gvJPmd8_myA24w323--8gAnXvww_P-7Sy1jjjYeUdGUkMZsH_pgzo1qC-rIraaT2qnf8DyxlXoGwqFOrbhx7zBfVeW3DdSUL6r-EJ0MjkXEJdjBM2nx6uErd7lWZ-feZSaCd7Q0_3cyZhuMkKI&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=9223404187252285000&adk=2086295848&idt=106&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMzNjI0MzM3MzI3NgogIHNlcnZlcl9pcDogMTM5Nzk1NzYzCiAgcHJvY2Vzc19pZDogMzg0MjE2OTQ4Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 7424 0
508 B 103ms
57ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzMzNjI0MzM3MzI3NgogIHNlcnZlcl9pcDogMTM5Nzk1NzYzCiAgcHJvY2Vzc19pZDogMzg0MjE2OTQ4Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNDAxMDU4OTkzODExNzAyMTUwNQpkZWJ1Z19rZXk6IDEzOTEwNjU4OTMzMzM0MjI0NjU3CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMi0wNyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1ODk5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDcwNjcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa2600b549ccd01650000000000000000","13":"0xf5e61e9dfb0000690000000000000000","14":"0xfd8b0566df58e7e60000000000000000","15":"0xc94fc019f6c3dbea0000000000000000"},"debug_key":"13910658933334224657","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"14010589938117021505"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 7424 11 KB
4 KB 85ms
30ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1707336242490668&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 37ed4a820778a1378b11ece01bdcdd5827ffeaabea87cc769a58db827b5a33b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4208
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 925B 38 KB
13 KB 30ms
30ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 391C 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AvXgJw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK 01HGEEWRMJ3CD1KXQGFJE2KTFM.png
adoptprodstorage.blob.core.windows.net/adopt-prod/organization/cd60280b-801d-419f-ba6b-38e3b405b42b/disclaimer/a8b131a9-d7fb-4185-b074-da8dd2ac7aa8/domain/9d1b35c6-be0f-466e-aef0-864af4569695/contr... 4 KB
5 KB 957ms
224ms Image
application/octet-stream 191.235.248.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adoptprodstorage.blob.core.windows.net/adopt-prod/organization/cd60280b-801d-419f-ba6b-38e3b405b42b/disclaimer/a8b131a9-d7fb-4185-b074-da8dd2ac7aa8/domain/9d1b35c6-be0f-466e-aef0-864af4569695/controllerIcon/01HGEEWRMJ3CD1KXQGFJE2KTFM.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 191.235.248.36 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0fb0436cc7262742d2a5a5e046e2eeeeaaaed737b9243d81a1f3b887d5bfacc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 07 Feb 2024 20:04:03 GMT
Last-Modified: Wed, 29 Nov 2023 21:13:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: V2F963q3kousfU7rZFMuCw==
ETag: 0x8DBF12017A40B43
Vary: Origin
Content-Type: application/octet-stream
x-ms-request-id: 3c6528c8-601e-0021-1200-5a7fd1000000
x-ms-version: 2009-09-19
Content-Length: 4530

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 417A 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 925B 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:25:00 GMT

GET
H/1.1

200
OK

request.php Show response
hal900020.redintelligence.net/ Frame 8A72
Redirect Chain

https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

3 KB
2 KB

143ms
89ms

Script
application/x-javascript

178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: c43e3f9a4df3941ad32f38e9f3cc7cb1d4741e11c0192f1a7c63b1e2c4ccc8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46236200220383004444990012593020
Connection: close
Content-Length: 1172
Expires: Wed, 07 Feb 2024 20:04:03 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 20:04:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 07 Feb 2024 20:04:03 +0100

GET
H/1.1

200
OK

request.php Show response
hal900012.redintelligence.net/ Frame 7424
Redirect Chain

https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

151ms
102ms

Script
application/x-javascript

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 94.130.102.164 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 2484625b29379d93ac7c72f1ca0292f7864e5a02e7365285cb360cdc26466756

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 64032200205360504444554012593012
Connection: close
Content-Length: 1188
Expires: Wed, 07 Feb 2024 20:04:03 +0100

Redirect headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 20:04:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Wed, 07 Feb 2024 20:04:03 +0100

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 91 KB
31 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/slotcar_library_fy2021.js?bust=31080873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdea9605605180545dbc6b206330af3279d35838674cfde4d36275f377da08bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32194
x-xss-protection: 0
server: cafe
etag: 5238291986250409006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 417A 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:25:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 17:25:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 925B 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIvYdM-LDZYWbFe3F9u8P4_WbgA0AAAAAOAHgBAI&bg=!7O-l76DNAAaxkZ3akZE7ADQBe5WfOBH2GHd6dhz6X5IyuuyXTo0mAq1k-_5WnwcZUqzi1LHpHd2zmI_kMxTscer2xhjpAgAAAExSAAAAAmgBB5kDEuRp9hbY_OTjCPVzC1rkgYtvC617QmKtvnI05mBoSHUiXIOFX5n_0il4jcRNNkCvYmnUjHVFLCtH-ugQchxQ9yr23DrGyhSd39c43BnUr74SwKjyDp6XEaDeZsn9vVl6Ldvk8DJ7uX_GmwPXolJO-b-6500zAmAwmFx8UPsQcG1ZubWtSr1psKFO7BldDeNeX4aUolQq40VTyOzFLuUj14IHCTt2s55Op2rHZ3vPPNUo7H00YH64hyd7bBzHXm_dHWWlHk1aiqDR_RY8JpQhdzFhEj5-IpIVbwjZEfe2G2vzEM5ykXGyZUV3tXwIRv0g_wBhYWKhNCRWu8BA__cAQXSdQrKxIDm-T2A0bqqxwlG4xKdBvdy7SY9iXbW-EOlAMXKlHxmf0UX-87qx7i_WfHTBa8utLvAdk-IG6CC96vB_dRT09E1ZS2bBPfxtGTARA-7BvcMM3VViw1Bp12J-Bh5whuZVK3Yk2t3hsR2fyIjLU_WV6QURJdC8-1lYrlzaIfu_e0shDMjrz1o9CEOlFzfnHlobhX7JF9cKziL1k7FjDPHcjoaHGrSY_1ivOxUYE6dxZ1YY4coOLdtnt2uWis1jcwXbeS7pGw9pyNK53MIVijzhiAk3tFLBRCO939hNsCLhbSO6_9SwNoy_sEWE03ndXkk2QLilql5-lUW4q7cOqtw5dQrdaNMsb-Xq9AWM-OTCL2_cbXoAgzJR42kSrVeROTH9iDyZMb2byGAkhtGdqJujV1MRzj-7gwQWrq-W4fdVFZj1qHwA8E45m5PbrKj6bX9ja7_CoO8fitBY1y6KHMdLvJOHAc241rIR9kYIVp0FNwkddSP94GTVAryAb8O83Uj4IhRRs0LzwkOJGS4jHGT35CurvRS7FhbH2gz9e5ZCY4cPsIXE9YdBPntAuhA6pSjIKALnIyZcOsAYXL3mMhem07cLwDE2Mhj5o1iRRcHbbrG16G6EHY28hhN_EMnXFfIsW76frwe15TCOCFcYqgVc07qGCr9oeDNK1pGZoKfGSw9Yf1KQwWrNFxkIYzbCuw

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 417A 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bc40RM-LDZZzkFrO61PIPj7WLqA4AAAAAOAHgBAI&bg=!5-Sl5KvNAAaxkZ3akZE7ADQBe5WfOP22P2fSJ8-pQFYXaR7Y8OlKZvkJmT6J3oWKNFI6kA4KwV5f6u6HxV0UndrLAj2nAgAAAElSAAAAAmgBB5kDH_1IFM3wtegS_WaywxkAUMvYHjyd9OPVxuSDzxZf_lTxoP5fz92FASiPGYf1DaqU8z6cspJwIPBrm2zyZ3jlELFK-dmn0SuWGODBhTHQ-FX5hYziaYfcX2Zhe8m86uNpkPrSoG99vuE78158x3i7Jj_5UG-hxKOfwDd3gpEJ5S1mwnu15rN3J6oVfQHkOc46lCtztdIRkzB5UKhfhYSsYPitsu1xzIsB2p9gL_1VzlwugXOgcR_kepQi6NTOF8XRvTVZOR_YG9Xg2aWS0FlARNZUklp6V600TjlXbbAjMNBn-XNK1xqIFwAV85-I7oCEhb47o4vu_Xt1UjD9ZfieYstZxj02g1pZ7gIeZJdhikEImAb2fJmMsNUYVtbUVtHxUopcjcEoEE2FPSbBrAVD9Dj5HFQvIkJy7UNMNYfXkUU2fxL96BK_l3wS3EqGnYR5y0NN7IHqReLiCEWZpMvZ1r3wb6DlVOGxmhxet7LPaCsKS08WyT4ZGcfSpkKd_UFBA0Dm4kHEjrGqKCe468HEC7irFjcNlEZcDQ2uwiY-2v9wLqiYN4NOhOJtoKGF90dj0YR_8a7Hc8qFEulEV3QFTFe24pJAw3JkZfHZ7YeG-LSya8Pwb8OJ3ZMXrCQ9V61zX3hWvvYZyJ_uTADkT2KUTUDdTLkbZu3I2Peo19nENz1DdRNTnE_4IOWkvASUB6TORSdkOhwYe9y7cBZxs1Nw2k6jXrBZ1ONIFH-c116CZwCf6S8YcuiT6xgPuVV3xdutPJpcLSzPywlqrX1kmaYzI09pF7_2Yq-qmUPlHidNq81UVnkCv9VIFYs8l2ObrtS2djNjHI4_ByewSFWNIU0V10lnz4fpgOIQsicSeRwW25uyFj0qky1qJUBVinVCcUORnftLJqS9iCEKFmownV_Y-r3SE_ARN2HnnS32fZvDWo_Gkgiun5YdsNS60ikyGB1kLfWBWbP6byzA_cNl6Tp0XY32rA5cHOKZkvku2ufu9GD9MYfES1Y6DFOpO93BXfPs_eXi8J1IJ-8gnQBxVR-R_txp2ftwMVejWa5I5hTRyvg

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 e99aace94e6e5873e27022e22519b6a9 Show response
pv.medialead.de/trck/epv/ Frame E6B7 0
327 B 113ms
29ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873e27022e22519b6a9?subid=46236200220383004444990012593020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103982","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Wed, 07 Feb 2024 20:04:03 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2

200

htlp Show response
futalis.de/ Frame 245E
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=46236200220383004444990012593020&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208283

350 B
400 B

112ms
32ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208283
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 20:04:03 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208283
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 / Show response
adv.office-partner.de/ Frame E436 930 B
923 B 115ms
24ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Wed, 07 Feb 2024 20:04:03 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Wed, 14 Feb 2024 20:04:03 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8A72 2 KB
2 KB 188ms
86ms Script
text/html 18.134.223.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=46236200220383004444990012593020&nw=1
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.223.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-223-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0bd172897bb7d8551e7ad6020f9043ca7752eae6f3cee3b19c0b82fad73c63c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
last-modified: Wed, 07 Feb 2024 20:04:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Wed, 07 Feb 2024 20:05:03 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900020.redintelligence.net/ Frame 9715 7 KB
3 KB 79ms
27ms Document
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request.php?zone=vjdy8w6hewcq&nw=20&renderingType=javascript&namespace=5d8bbbbf80&subid=&uid=332f8af1d950d12b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=970x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC105uMuLDZar5Ha2C_NUP77GAqAim5b2gaZWTnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9AFP0KfRj63u_Tdeaz1IKWJgZEkYo6DhS1YFFpRrgomAAb6PQaPGOPAQ2miSOFmGX4T9ke__jBiTI47wLSuAoUpJ7nPU-AsdwUEmdeNf3FBahQ2yEJDd6hPNd6DXygvHWx4T5ZLZx2aewBCjRhZOsuHzdN_BKYsB79sKWAfGu1yfc9x7iF2BKy1z661L78AuGyDYjrnZPHd2CtlInt3OruJdloND7UyoE7tGqqzmFu7_bMJ69_7DjwXedVZCikNVCBhQ_BjSvMlNUYlJ_etKqxpsgHgN13REwYCUk2Go0gDRKdyWgUr8-QJrfj8TpDfvSLfrF6CBwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNnz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_2-nypxS9IiSaPLNlmbhby-3Li1SA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-AvxrdjL-6tZAZC4hgk_jCHBrFLH1xwPkuHw0L0hhTtLvqq5phje841Edd7s1uMqk2RMx2XRguoA1aj17klqpiIHITxMVIgkQQXy4XqiP6dzX0xHQ0UncgorOKpCnTOsJjLneYBxB9-WOMJalApyg0PbeYYG-RGLHVv2qu4Iudk9jACwGk%26cry%3D1%26dbm_d%3DAKAmf-C9TpdO2ciHNQe9DB4kZG5sHh3iP_yPRbXL1DKBxJfA9EOE6oyvh_ORw-5yXOuMj5VAcmv8J0cx4Aupi5g8Ncm2iZ0ZQ2pEDxqnFLRDTAXs_a-_slrzC_-eCRhEoLPEL46MEOJ3XO34lvwdK-3hZsw4rLzllThulIColLqcUjl2q2Pvty1a4lL975lo9MWMI47DMIEZ7B_hiGy4b-t6EF3YWwxOz4sV3gvUHf7Sy9zWwM178rohuHze7xKBpXCWv0v8lao8cBw5NRQ1WFS6YPrAdMAe6CiRC4pOcv4T1q5GVKZEBPFXz5vFhmn8COVr9U1XRQa_ZlQCFVDCUHB1m3g31qWzwwUaKVgi0iLZqR8uL18ynUZMsJpxz_BvlirfAtb_B-DA6tYxRxywxKCX3BlpE0LFuB3NC4Q1liCcM5Quidw_i3Mnk9LiXqRU3FMbu_Ki4PJT7O2RFY-WG2GF_FEk85xXIJk-4YkCoEumomxVfc9oGNumrG1eDf82Al4mP8u6hwbqnlhQz9wlfBoAw2BVzcURyu1Z5qk3LKtOzX16buqgjBSZRMUY32cZF_JS5lTnqgNP%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=5981760026019&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: 4d3c8707b78d196b7c9489810f247fc5f0f72e56404c76fe1f1e22531b3a3e59

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2201
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Feb 2024 20:04:03 GMT
Expires: Wed, 07 Feb 2024 20:04:03 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 e99aace94e6e5873e27022e22519b6a9
pv.medialead.de/trck/eview/ Frame 8A72 43 B
360 B 114ms
31ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873e27022e22519b6a9?subid=46236200220383004444990012593020&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103982","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8A72 43 B
705 B 155ms
87ms Image
image/gif 2.20.213.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=46236200220383004444990012593020&pv=1

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-213-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 20:04:03 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 8A72 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf33e8d7603a5dad76fc5eb9e9bf77e7a5a2608f30fd42cd76ecaf441385f32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 191C 0
326 B 77ms
31ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=64032200205360504444554012593012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Wed, 07 Feb 2024 20:04:03 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2

200

htlp Show response
futalis.de/ Frame 9D12
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=64032200205360504444554012593012&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208284

350 B
401 B

106ms
27ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208284
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 20:04:03 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208284
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 7424 0
326 B 76ms
31ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=64032200205360504444554012593012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 7424 43 B
360 B 75ms
30ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=64032200205360504444554012593012&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7424 43 B
705 B 152ms
98ms Image
image/gif 2.20.213.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=64032200205360504444554012593012&pv=1

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=464aebefc1&subid=&uid=aef8f528e2b30506&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCDQiIMuLDZaz5Ha2C_NUP77GAqAim5b2gaa2VnKfJD_AuEAEgwqbWG2CVioSCmAfIAQmpAr61OiB4DrI-qAMByAObBKoE9wFP0C890_XPtvTspRyDCPnsYvXl1n1v6TqPcK-Nq885TB5JjlUq9LxS5vSKInPOJ28v2NlZ_tdjk3wdoiNgy-S-HX4D29hOXpVtvR0EUW0poC2w0ptnHXgDstGczQkLnc8mo-qjRTr84z_iqMMFFRZEDG3ddzewBMxEZ5nBe8A7qA8yII33KJd6a7Xm-2HrHbEeVsbIdIPv96o_6wsj2qY1mUHGa4hPDhO2qShD-aqmiWSqzfW2BHY8T4s3g0g2qJRiSzHp5s2Oh0J0OYvl8m1l2May0Z3Zr9yYDVH5cc8ZwEXjVN5hxLHEoBGMvTcvZe9oOlgKownUwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCCYIgOGAEBABGB0yAqoCOgmAQICAhICAhAhIvf3BOlimkfiRg5qEA4AKA5gLAcgLAYAMAaoNAkRF4g0TCNvz-JGDmoQDFS0BvwQd7xgAhbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB%26sig%3DAOD64_1phIp05BElkEaPKjdDVXw65Sf7Hw%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-BzOaqxBPk0Bf7xktZujgGkH1y50dMQfeG9d-lpifHi-WASL58j62gJL8NGBfnkalKPW7OTtXIcxJZv7uf4W-DVZfF05O2yWTKa69x9NLi5ul3Uk02juTWfQUtle_iAUh4b0me8NPDMhfBEMoMouyEiANXUtLlVvHkb6j9kbNjEQ6OknGI%26cry%3D1%26dbm_d%3DAKAmf-ANBikZ4iSYQ7yySIyVRBLpK0AkDh1iaykoXGrmgM6RXAvD7ClVXUIUuKaxEu2UFPdHClNtTvuZBB60GNmsoQI0x7hqaY_rqwCF6o76FNl6R7JzMGNyy3GO7Bqr4RiOvVoowu7H4FVzmO2PQhaxMXVBTCJDSIKcUpOYMnY7bYezqfQAT48tfsKRiveLvn1G0KmOSfGinXqejl5pxAkKqaQpGmIVl76nyhDPLibWAJhsbgDz6COfF99HtfQ96bXqEEC9meFkD1-oO2Xgjb25VEvlvhsdFIkJB5wU5D3jWO6rEBCD-AGsYUnbf3xNBV9d_s0hNf1rqSeiy-2bmgJ9ZKciVAVEefDNHzbgXTLjngB9Q_Uo4oeiIVCSvU_UK9SU8fLOviIu4XsQHJZOmcByiJJU03XwKAUobMvoP1CP08oZ0HI7xCZ-4dBhIzcvrDamDuXAHP-hh7CwWJkSyyKxKq2gVv3l9XlLydjpD6hCjbujS4BZlAneAxwgdMN6iWQKo7NXKPeHDXpAwWL2oT9xa1VNcUNbGNAohBL0SAZxfFlk5PbeMCwM1DmfPC96KwFBjBcc8Ie1%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=4340866850305&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-213-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Feb 2024 20:04:03 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 container.html Show response
c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC93 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:02 GMT
expires: Thu, 06 Feb 2025 20:04:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9715 5 KB
755 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:00:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9715 62 KB
62 KB 96ms
32ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank-business-giro-aktiv-1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 7df7b47dd9f3983cfa2fd1666a797d9f279f91750b5a12317078c625a42bdaa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 63186
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9715 37 KB
37 KB 95ms
31ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: d706ed2253eb38385ed958e31a318e5cb511cb9afb6b0fa160cc4ce1ce669445

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 37453
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9715 46 KB
46 KB 90ms
29ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 5ee6e83bedf36cf374d5c6d543cafd9d2da747484b1a1af4c20b530a731f18a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 47337
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 9715 57 KB
57 KB 91ms
30ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: de2c690149e55ddd28af36ba3f0030455f333a6fdc3ad3f8b6f46a2fa931e9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 57900
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame BC93 4 KB
744 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 18:46:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AAFD 14 KB
1 KB 32ms
31ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 18:55:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame AAFD 2 KB
822 B 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/ Frame AAFD 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/abg_lite_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA5E 143 B
166 B 29ms
28ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 19:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame AAFD 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DC9E 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 08 Feb 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/ Frame AAFD 20 KB
8 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 20:51:32 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AAFD 0
0 31ms
31ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmDadRR8RCHZP3vq65JGLEqHHXUvUGACfS-MyKhExhQWzJrR6VaRqSV05txC0SnJ6fYiO2cac-AZUkgTncXlb4sxqFVA
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAFD 205 KB
65 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame AAFD 37 KB
16 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 06:36:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 May 2024 18:57:20 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/ Frame BC93 22 KB
9 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 21:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81863
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
server: cafe
etag: 11136001603933606047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:19:40 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC93 205 B
295 B 84ms
28ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:04:37 GMT
x-content-type-options: nosniff
age: 89966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Feb 2025 19:04:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BC93 604 B
919 B 82ms
26ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 22:03:48 GMT
x-content-type-options: nosniff
age: 79215
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Feb 2025 22:03:48 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame E436 183 KB
65 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

121a1b2a831c3b002ee0a74124d8ab22aa6717fead06c9bde037cb97884ee91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66634
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:35:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 20:04:03 GMT

GET
H3

200

activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504 Show response
8019191.fls.doubleclick.net/ Frame 3C95
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504?

2 KB
935 B

68ms
68ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504?

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

4d644993bf9f26cdec4ff534d23351f29e6f857450a1a425edda253018c20fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 911
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:04 GMT
expires: Wed, 07 Feb 2024 20:04:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900012.redintelligence.net/ Frame 3C9F 7 KB
2 KB 81ms
28ms Document
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: a11f9fc8b5c4577540fa78f83c8060580c656bcd4b53a33b31dd4bd3f612aef7

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2035
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Feb 2024 20:04:04 GMT
Expires: Wed, 07 Feb 2024 20:04:04 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7424 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7995657b0ecc6dfeaae739ee0e66ef71fd1cca0856043818d7e014c5e1d8b8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900020.redintelligence.net/ Frame 9715 0
150 B 85ms
28ms Script
text/html 178.63.52.121
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900020.redintelligence.net/viewability?s=46236200220383004444990012593020&a=7068fb6a&vb=m
Requested by: Host: hal900020.redintelligence.net
URL: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.121.52.63.178.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900020.redintelligence.net/request_content.php?s=46236200220383004444990012593020&a=99fca50b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9715 14 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:59:08 GMT
x-content-type-options: nosniff
age: 129895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 07:59:08 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9715 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900020.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 21:56:55 GMT
x-content-type-options: nosniff
age: 166028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 21:56:55 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DC9E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFDqtd-hf9P5v9ZRiNoww-E&google_cver=1&google_push=AXcoOmQA_YCipy73sfmjYVp89h2SCAD6wo1XzHMjC6NeFFmicenG_rKHo2y0R6TVZxav54YxnsrlPQrhHbl8h0zfz5vvHIuS8d8z7g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE0MzY1MDM1MTY3MTI2Mzg3OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDqtd-hf9P5v9ZRiNoww-E&google_cver=1

43 B
398 B

70ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDqtd-hf9P5v9ZRiNoww-E&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 07 Feb 2024 20:04:03 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDqtd-hf9P5v9ZRiNoww-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC9E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESENsMXn5A4mCiPXSoXqU7Cjw&google_cver=1&google_push=AXcoOmQbK-ro4CyWpgAzZ6NpAC0Q5I6fAs1G_4xhCL_qXyQQ3WvAHCsh3Ns15_i5QOtxreYsVvlhaqSoVfshXf2d12r8qvOG-s-0
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F5D9468EC6644C89033117B2ED1FA24&google_push=AXcoOmQbK-ro4CyWpgAzZ6NpAC0Q5I6fAs1G_4xhCL_qXyQQ3WvAHCsh3Ns15_i5QOtxreYsVvlhaqSoVfshXf2...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F5D9468EC6644C89033117B2ED1FA24&google_push=AXcoOmQbK-ro4CyWpgAzZ6NpAC0Q5I6fAs1G_4xhCL_qXyQQ3WvAHCsh3Ns15_i5QOtxreYsVvlhaqSoVfshXf2d12r8qvOG-s-0

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 07 Feb 2024 20:04:04 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0F5D9468EC6644C89033117B2ED1FA24&google_push=AXcoOmQbK-ro4CyWpgAzZ6NpAC0Q5I6fAs1G_4xhCL_qXyQQ3WvAHCsh3Ns15_i5QOtxreYsVvlhaqSoVfshXf2d12r8qvOG-s-0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 06 Feb 2024 20:04:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC9E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBB7pFlWj2i-IerKfgB-AY0&google_cver=1&google_push=AXcoOmSz8Cx6yrEiBro1UMaU5ObS385EZ_PFZz3fJQm2anwmuDbHsZ55jlghnVSq_1jNXrnotvB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFNDN1gxN0otMjMtN1FRSA==&google_push=AXcoOmSz8Cx6yrEiBro1UMaU5ObS385EZ_PFZz3fJQm2anwmuDbHsZ55jlghnVSq_1jNXrnotvByl8_RCiuc1AUZNfGFGRKkUzk5Aw

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFNDN1gxN0otMjMtN1FRSA==&google_push=AXcoOmSz8Cx6yrEiBro1UMaU5ObS385EZ_PFZz3fJQm2anwmuDbHsZ55jlghnVSq_1jNXrnotvByl8_RCiuc1AUZNfGFGRKkUzk5Aw

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFNDN1gxN0otMjMtN1FRSA==&google_push=AXcoOmSz8Cx6yrEiBro1UMaU5ObS385EZ_PFZz3fJQm2anwmuDbHsZ55jlghnVSq_1jNXrnotvByl8_RCiuc1AUZNfGFGRKkUzk5Aw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC9E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH3z-bPqmHAbb0DHRZWrdj0&google_cver=1&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEH3z-bPqmHAbb0DHRZWrdj0&google_cver=1&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0onTECtSCjNrkQ&google_hm=IH50AGZHY1uGSdZxQCCD...

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0onTECtSCjNrkQ&google_hm=IH50AGZHY1uGSdZxQCCDOxK9

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw3XAaVHlHo4z7hINwXdek1W5T9zlbnMfvvi086bYXRSXv-7jjP4yz6jBn0SPjodLiKvXSG6AiTa2UXIJS0onTECtSCjNrkQ&google_hm=IH50AGZHY1uGSdZxQCCDOxK9
access-control-allow-origin: *
date: Wed, 07 Feb 2024 20:04:04 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC9E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-fe277662-7397-4c36-a22f-09b3575ebc81-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSE2bvLbDVyROxp3UVfO...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA&google_hm=A_4ndmJzl0w2oi8Js1devIE

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA&google_hm=A_4ndmJzl0w2oi8Js1devIE

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSE2bvLbDVyROxp3UVfOn0plFHXZz-v7DmB6kO3ShARE-cgOIpBojbxSKQtHshBk_dGe_1Sji-OQ5j2s5kiypfpx5k_uT63lA&google_hm=A_4ndmJzl0w2oi8Js1devIE
date: Wed, 07 Feb 2024 20:04:04 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfe27766273974c36a22f09b3575ebc81003
content-type: text/html

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame DC9E 0
45 B 143ms
30ms Image
text/plain 89.149.192.75
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELtgLdem3jXu5gyjpoV5Gn4&google_cver=1&google_push=AXcoOmRccQDBRoG5bnwcwhE4f8zyf8g9FvKPnRCGH-Ufzax74f21RHjRQ479R3AqpITvsP0j35suEf6th6SkbHmlvAxhZupIv-qcBg
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.75 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame DC9E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBBQB5nP-THyXq9EJvEubq8&google_cver=1&google_push=AXcoOmRWb_Sha2JgwcGze41VNHs2YWnOX0MyTL6XP_QMbEEF44wNM2Dsvw_zMrMfOfVv-_UzUPKM5_nHaLh...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRWb_Sha2JgwcGze41VNHs2YWnOX0MyTL6XP_QMbEEF44wNM2Dsvw_zMrMfOfVv-_UzUPKM5_nHaLh-WUIdGaeiN1-DfKPoLT8
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

21ms
21ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DC9E 0
12 B 31ms
30ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jgy3wb7KUtnhDZYRHuPCB-SC0TY8McBAcchd7LuJ8LNa7zw7I8aTF6lE3CbtfW2uDWF_C_QQ

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA5E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:04 GMT
expires: Wed, 07 Feb 2024 20:04:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 20:04:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8A72 56 KB
19 KB 91ms
23ms Script
application/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=46236200220383004444990012593020&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d85ff4ff5419e721ef04483dd4995db0a4c89dc414071eceedd4f31a628b6c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 14:27:08 GMT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Wed, 07 Feb 2024 14:11:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 20217
etag: W/"1ae708ab523e5f77c29668b2cac9b72f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: n-DBFAcPwcnZDhB7LjKAKqNPu6TX6Eew_H-mkTVkp3M_uTiqpum5HA==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 8A72 3 KB
3 KB 99ms
24ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1707336543&Signature=ZV-sOxVv8J099JtgdecjoJTlOntgw7NUlvkT-g-9aGijRo4eCNNq4TYlvx8WM-hPg-xqHWDgCZ44-NeHLtntTD9Ltho-UrHdgPycnUykgEWroA76WBrmarxUqPechxcv~u6XVu-fj8lXNpP0Kl0gyj-cGLqCgzc0x0nlF4jTM93MGSQyAAnK6ANdHLP5zvIwtYuKFSXAXd-yMZULPzITMcq~UTMchoBqxIUZCcjvN6YgI6b1knxVatRr7pQLOSRGaGJJVwXndLs7G-P6Ndc8~4CpuFbExwOUVnQ5JRQm0tusO5c-~Nbk8wPEOU26BRD~bjeHuQQx510ncMulvvvs-w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
URL: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 07 Feb 2024 09:16:03 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 53118
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: wHtH41BGYkoZKqLV4cdzVDoFQAyCPCVF-4bLEcM3PAxx3uAhOrI0UA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E436 279 KB
93 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40334992d391799621b1a99dadc78eca7b3e9e49e76273b7eabc71c97756e48d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 20:04:04 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 9D12 5 KB
5 KB 24ms
24ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208284
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:04 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 245E 5 KB
5 KB 26ms
24ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3523208283
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:04:04 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H3 200 css
fonts.googleapis.com/ Frame 3C9F 5 KB
682 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 20:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 19:03:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 20:04:04 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3C9F 12 KB
12 KB 80ms
28ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: dce7e6a1409e5ed35f2ec80d016d9a77a563bc26bdb213963c1fb635966f7999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12188
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3C9F 8 KB
8 KB 84ms
29ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: f3361f262cae449d826e00d9d36433431756c16be08cfea33e2879e33337347f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 8152
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 3C9F 9 KB
9 KB 79ms
27ms Image
image/png 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: df16d7a93e03dec1699582d6160e3fb7a297212c3795c9111f490a0d3fea298b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:04 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9492
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response
pagead2.googlesyndication.com/bg/ Frame 4863 51 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 00:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19835
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 00:40:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402010101&jk=1677658623350006&bg=!EBOlE1zNAAZh4eseQeE7ADQBe5WfOKZ5fUf40QLu8ksgLFyF3Ru1QzuBIQI-M4soWPf4AYFHVAhzmgX59VDRQVYTcYLoAgAAAGBSAAAAAmgBBwoAqpO3ae93SlgFA5LPLUM4d5PHr3A11-OqHgA7y6CkDVM2txKkAkTw8xZAbn6VhuXQlBMurFOxocjjd-I7y57VimUQus0EaaIq6fISqsbm9QKlnkGNpDNwdkr3Wsxtfs52V5rvdE1JHS7SfMrJU9LDXIZv4ltJz35edz-E8178IKTG1FvqCW8wZ1hOa8RLQo9lPCngRE_ybuK_zOrpSvaSfDLWaX9Aqx1GOUDMmQLDWTVzMwx0VZqAU-l1MThlP07_PSfVKNz-RRbh2RrX1vahagGJOhuBc06s0NqCfL1M5SnE25dyFm8mwkeZnNN4OENNfU_OcdETS32xM-Z2Qwyi2AHBil2SynLYmpzzueRHGyRB5r8q3fjpB-mY__ai8xBcmNGCiMl5ZN15bQjMjeOx45fSaa2OON3QRYZQizO-bKRoL0lFqKMgCxELaQFPpN2l8M7zwLrFR5EuK_vY8-pUNsPf3bbCcNM5GJ-bMr6ga1tcNienBqovlnmv2Pr-mQBjXqanFuV_lG_miCYsd8L_QlRBytX_fLVlfaj8NSn8T7u3MllbvFqy0xZv7p6zQVmTmijPpyyBn9szv_nZ1KfMiOu0_gDzRArTcWAkDZ8qXnzEcB7oYK8sGhhbxlHIYXPnGgbiQtyHl0LoNvVlwQPWIz89z8k89sb6antlCs29iV3fEn2mLGyRZPyk8lXmnd9PQC0TXSFCuuSJyh9XCJCSLqmSxXL5VKmlDxG34_ZTyUfdK4nXnHUV9r-FraZy85M719ITmRdR765ONp6ID2rbtI8yc7Qub0Q004nVlu8-30RdG-mz1E624T_6vSWjWl9C6-rRTt6_6qg9LG2gK7BNKy8dKAeMR1wR0Zns44vJTNyRxkyo6MXD4m0F9FMDYItho4zzoVXHwSTcIcfJnabXnjC8YBqbPwh37Xu8yZK4wEQoAQsvGllm0PkwopQ4mKMHY_802blZRiKy70MDYE41k-32jRT7KAst_AmxhcqWcP5MiIzWudiN7Rpy8MIXGoButOa_PpSqyhI-tmWigyRFbivd9_TfyCOGI2j2HGZxm2lQVQs6ONh_Tixbnduz45otT0lZEkCiT_YfnTAYbQ3Y12bPp2d6y3YnffH89wLVx0KUcQJyfsj9BT6-u9BW-PVbxiGBzik6t-iiAj4NamWBycQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900012.redintelligence.net/ Frame 3C9F 0
150 B 81ms
28ms Script
text/html 94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900012.redintelligence.net/viewability?s=64032200205360504444554012593012&a=d2f998b1&vb=m
Requested by: Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900012.redintelligence.net/request_content.php?s=64032200205360504444554012593012&a=b13e18e9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 20:04:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3C9F 14 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 07:59:08 GMT
x-content-type-options: nosniff
age: 129896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 07:59:08 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3C9F 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900012.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 21:56:55 GMT
x-content-type-options: nosniff
age: 166029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2025 21:56:55 GMT

GET
H2 200 dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504
adservice.google.com/ddm/fls/z/ Frame 3C95 42 B
401 B 113ms
60ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPrG15KDmoQDFW9LkQUdKnMBYg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=686050602574.7504?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04K...
ad.doubleclick.net/ddm/activity/ Frame 3C95 0
22 B 57ms
57ms Image
image/png 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2dvb2dsZXN5bmRpY2F0aW9uLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiA1ODE1ODAxOTAzMTk0MzM4NjAzCmN0Y19jb252ZXJzaW9uX2J1Y2tldDogMQphcmNoZXR5cGVfaWQ6IDEKYXJjaGV0eXBlX2lkOiAzCmFyY2hldHlwZV9pZDogNAphcmNoZXR5cGVfaWQ6IDUKYXJjaGV0eXBlX2lkOiA2CmFyY2hldHlwZV9pZDogNwphcmNoZXR5cGVfaWQ6IDgKYXJjaGV0eXBlX2lkOiA5CmFyY2hldHlwZV9pZDogMTAKYXJjaGV0eXBlX2lkOiAxMQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFyY2hldHlwZV9pZDogMTYKYXJjaGV0eXBlX2lkOiAxNwphcmNoZXR5cGVfaWQ6IDE4CmFyY2hldHlwZV9pZDogMTkKYXJjaGV0eXBlX2lkOiAyMAphcmNoZXR5cGVfaWQ6IDIxCmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQUNUSVZJVFlfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDYwMzkwMDEKICB9Cn0KY29udmVyc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogQ09OVkVSU0lPTl9ESU1FTlNJT05fQ09OVkVSU0lPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMDciCiAgfQp9CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA1NzA0MjUzNDQKZ2NsaWQ6ICIiCnRyaWdnZXJfZGVkdXBsaWNhdGlvbl9rZXk6IDExNzUzOTYyMDY0MzMzMjkyODU1Cg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"11753962064333292855"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x43c92d53a3c228e1","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xcb2806d13922671b","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0xc18e14f28d953d7d","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x695b3182810fb5e5","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"5815801903194338603","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"11753962064333292855","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"11753962064333292855","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"11753962064333292855","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"11753962064333292855","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AC10 42 B
64 B 56ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoR89yveT_P3BtjxjOWU0kiiug7KW1rABRiiPaTsGf7Bzqo8LbDz46YEEIRWDpWwWoC7G0VwP20w4SU-OvCVv4Ao_3xVwcPUt5Ti5um0KY7z3oKr9Ndi_2t6Jir9QrbWbRdXE-dLSGQwE0My-DBsOuiR-fRea5JNbMNw&sai=AMfl-YQJmQXyGNl0mmVhgeLaMpxxU7lD-0jRZa4Oloy3Sfb2r5dazW-B91UJJtWEC1urf2jLQ8Pvu8LFG9PFfQbwXoixpZ3QKhPllzXswbXN4rCabwal-B4StnJl2HIRANaXtBWEWTVlhRMXMraXQkTQ&sig=Cg0ArKJSzCrSumRFpgeSEAE&cid=CAQSTgAvHhf_voibmkQtie2orLXyV-_OvQVRl5OcQLkAgqq07Ftr7ODG1uumQMGhW9D2j3yAUG45Z7BwWO-UTy5fmBhb_qr_s91DNtYqsw-kHxgB&id=ampim&o=315,86&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=271&tls=1271&g=100&h=100&tt=1271&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8A72 16 B
209 B 95ms
94ms Fetch
application/json 13.42.167.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.167.62 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-42-167-62.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 07 Feb 2024 20:04:04 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 141ms
40ms Preflight 13.42.167.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.167.62 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-167-62.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Wed, 07 Feb 2024 20:04:04 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A72 0
20 B 53ms
52ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1135987285287&version=m202401290101&ct=77&x=1&cor=9726261383312600000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7424 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7852110589723&version=m202401290101&ct=77&x=1&cor=9223404187252285000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 30ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je4250v874209990za200&_p=1707336241249&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1173118734.1707336242&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1707336242&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&_s=2&tfd=11881
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:04:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.tailtarget.com/	1970-01-21 03:01:12	Name: u Value: fwAAAWXD4jCHygZ9Bt++AgB=
.t.tailtarget.com/	1970-01-20 18:18:29	Name: _ssc Value: y
.adnxs.com/	1970-01-21 03:51:36	Name: receive-cookie-deprecation Value: 1
.udr.uol.com.br/	1970-01-21 03:01:12	Name: UOLID Value: d22d3859-6c05-48d8-8c6a-60e738d2db23\|0
.baixaki.com.br/	1970-01-20 18:17:02	Name: _gid Value: GA1.3.1356005516.1707336242
.baixaki.com.br/	1970-01-20 18:15:36	Name: _gat_uolMain Value: 1
.baixaki.com.br/	1970-01-21 03:51:36	Name: _ga_NLKGGWEN9F Value: GS1.1.1707336242.1.0.1707336242.60.0.0
.baixaki.com.br/	1970-01-20 18:15:36	Name: _gat_UA-144680-1 Value: 1
www.baixaki.com.br/	1970-01-21 03:37:12	Name: _scor_uid Value: 9bc82dcb04204370a3a2dd81f4898cff
www.baixaki.com.br/	1970-01-20 18:15:38	Name: tt_c_vmt Value: 1707336242
www.baixaki.com.br/	1970-01-20 18:15:38	Name: tt_c_c Value: direct
www.baixaki.com.br/	1970-01-20 18:15:38	Name: tt_c_s Value: direct
www.baixaki.com.br/	1970-01-20 18:15:38	Name: tt_c_m Value: direct
www.baixaki.com.br/	1970-01-21 03:51:36	Name: _ttuu.s Value: 1707336242356
.baixaki.com.br/	1970-01-21 03:44:24	Name: _cb Value: BD6o6XsXxpBDNeOT
.baixaki.com.br/	1970-01-21 03:44:24	Name: _chartbeat2 Value: .1707336242425.1707336242425.1.D1Vcc3Bsc_8MDFvMaqU9EJTC8BRCW.1
.baixaki.com.br/	1970-01-20 18:15:38	Name: _cb_svref Value: external
www.baixaki.com.br/	1970-01-21 03:01:12	Name: tt.u Value: 0100007F30E2C3657D06CA8702BEDF06
.t.tailtarget.com/	1970-01-20 18:58:48	Name: ttbprf Value: _gottingen_lower saxony_de_1707336242659_3648182149
.t.tailtarget.com/	1970-01-20 18:15:38	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 18:58:48	Name: ttnprf Value:
www.baixaki.com.br/	1970-01-20 18:17:02	Name: tt.nprf Value:
.baixaki.com.br/	1970-01-21 03:51:36	Name: _ga Value: GA1.3.1173118734.1707336242
.tt-10162-1.seg.t.tailtarget.com/	1970-01-20 18:15:39	Name: ttca Value: _1707336242
.baixaki.com.br/	1970-01-21 03:37:12	Name: __gads Value: ID=5482d8c6f430498f:T=1707336242:RT=1707336242:S=ALNI_MZu2ZCFQKGC1XGQPrQelOCiHaIJrA
.baixaki.com.br/	1970-01-21 03:37:12	Name: __gpi Value: UID=00000d5321553b95:T=1707336242:RT=1707336242:S=ALNI_MbHMNWGOhviyD77b8LPynWNyoUCNA
.baixaki.com.br/	1970-01-20 22:34:48	Name: __eoi Value: ID=6308ab99ef9ae28f:T=1707336242:RT=1707336242:S=AA-AfjaATLF1TmhIIT_g7oH3bQME
.navdmp.com/	1970-01-21 03:51:36	Name: nid Value: 141957f87abb4145627568b3e210\|0\|67
.t.tailtarget.com/	1970-01-20 18:58:48	Name: n Value: 1707336243
.baixaki.com.br/	1970-01-21 03:01:12	Name: nav13767 Value: 141957f87ab8758719cfaeef2910\|2_39
.doubleclick.net/	1970-01-20 22:34:48	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:34:48	Name: APC Value: AfxxVi4ECkfX4uNCA15E9Timsh76G85zjwLdBG2Q5n5RwVWeqJLuyA
.adnxs.com/	1970-01-20 20:25:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImSE/`Nn!@wnfH8K6pQK`!5=E<L5?%M50tOA02atxm4-o.W2He)-mWYZdA*[cwhR$n%nugO%v4VB%nn$M)yA8H
.adnxs.com/	1970-01-20 20:25:12	Name: XANDR_PANID Value: qdDF1bHA3D4JvRNmuNm0I7JNgthT3WmAqkYTiy0_fpncqWCgJX-92y-jHvs3APPxnlyH_g761LaRbCf9YYfoxUa4YhuH6V66Z-xrOQNQYaQ.
.adnxs.com/	1970-01-20 20:25:12	Name: uuid2 Value: 2937259073741691896
.casalemedia.com/	1970-01-20 20:25:12	Name: CMPS Value: 2135
.goadopt.io/	1970-01-20 19:42:00	Name: VisitorId Value: 6de954ab-0c83-4587-95aa-da5d8dc19bc2
.baixaki.com.br/	1970-01-20 19:42:00	Name: AdoptVisitorId Value: GwEwpgnArALAhgIwLQAYDGAOAzEmUMDsS0ccSIcUIGIaAjBAmgExA===
.doubleclick.net/	1970-01-20 18:58:48	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 03:01:12	Name: CMID Value: ZcPiM9gQh71y01F2qr7IHwAA
.casalemedia.com/	1970-01-20 20:25:12	Name: CMPRO Value: 2135
.redintelligence.net/	1970-01-20 20:25:12	Name: 8lcfmzhxc8d6_uid Value: 87e8e458848b95af
.doubleclick.net/	1970-01-21 03:37:12	Name: IDE Value: AHWqTUkecoxAT163JbyHBUHM6Y5utW9kQQCJRwFvKmAgBPdTBJCHm85E-TE0h3aHAKM
.retailads.net/	1970-01-20 18:58:48	Name: ppb2172 Value: 3523208284
.baixaki.com.br/	1970-01-21 03:51:36	Name: _ga_KDJP529EVF Value: GS1.1.1707336242.1.0.1707336243.59.0.0
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.awin1.com/	1970-01-20 18:25:41	Name: awpv11601 Value: 113440\|1707336243\|0ad1d580-c5f4-11ee-86b5-22356fe9f584
.office-partner.de/	1970-01-21 03:51:36	Name: source Value: {"webgains_webgains":{"timestamp":1707336244003,"clickCookie":false}}
.doubleclick.net/	1970-01-20 18:15:39	Name: DSID Value: NO_DATA
.futalis.de/	1970-01-20 19:42:00	Name: raSIDb Value: 3523208283
.simpli.fi/	1970-01-21 03:02:38	Name: suid Value: 0F5D9468EC6644C89033117B2ED1FA24
.rubiconproject.com/	1970-01-20 20:25:12	Name: receive-cookie-deprecation Value: 1
.turn.com/	1970-01-20 22:34:48	Name: uid Value: 9143650351671263878
.1rx.io/	1970-01-21 03:01:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fe277662-7397-4c36-a22f-09b3575ebc81-003%22%7D
.lijit.com/	1970-01-21 03:01:12	Name: ljt_reader Value: IH50AGZHY1uGSdZxQCCDOxK9
.targeting.unrulymedia.com/	1970-01-21 03:01:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fe277662-7397-4c36-a22f-09b3575ebc81-003%22%7D

198 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.baixaki.com.br/ Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.baixaki.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad.doubleclick.net
ad.turn.com
adapi.smartadserver.com
adoptprodstorage.blob.core.windows.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
b.t.tailtarget.com
baixaki.com.br
bk.ibxk.com.br
c7155ed8ce748af998a9801faf216948.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.navdmp.com
cdn.pn.vg
cdn.retailads.net
cdn.track.production.webgains.team
ced.sascdn.com
cm.g.doubleclick.net
disclaimer-api.goadopt.io
dsum-sec.casalemedia.com
euw2.smartadserver.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900020.redintelligence.net
ib.adnxs.com
id5-sync.com
m.t.tailtarget.com
mab.chartbeat.com
me.jsuol.com.br
onetag-sys.com
osp-assets.pn.vg
p.smrk.io
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.rubiconproject.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.chartbeat.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
t.tailtarget.com
tag.goadopt.io
tag.navdmp.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
track.webgains.com
tracker.bt.uol.com.br
tt-10162-1.seg.t.tailtarget.com
udr.uol.com.br
um.simpli.fi
usr.navdmp.com
www.awin1.com
www.baixaki.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
108.138.189.90
13.42.167.62
13.95.152.229
136.243.149.243
142.250.186.70
142.250.186.98
162.19.138.116
172.64.151.101
178.32.197.49
178.63.52.121
179.191.182.65
18.134.223.160
18.66.147.120
191.235.248.36
2.19.11.162
2.20.213.154
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2600:9000:211e:f000:1:bcff:6780:93a1
2600:9000:2134:dc00:18:1fcd:353:c61
2600:9000:2251:b000:6:5b96:3f00:93a1
2600:9000:2447:2000:6:9eb2:5cc0:93a1
2606:4700:20::681a:1e8
2606:4700:20::681a:ab
2606:4700:20::ac43:4637
2606:4700::6810:ef3
2804:49c:3101:401:ffff:ffff:ffff:50
2804:49c:3101:401:ffff:ffff:ffff:52
2a00:1450:4001:801::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c1b::9d
2a01:4f8:d0a:2321::2
2a04:4e42::714
2a0b:4d07:102::1
34.102.185.99
34.91.62.186
37.252.173.215
46.228.174.117
49.12.16.151
5.135.209.97
51.75.86.98
52.71.60.78
63.33.221.51
69.173.144.165
89.149.192.75
91.121.248.44
94.130.102.164
99.86.4.53
00e048de0769316782958affb433958edc4633a88e40026e6060d9f2ce133d19
043101c9f6d0b6cc8c87f0b73b9127d439e21aee8bffa1f9e1b678156f218224
04a5eb2c4ba6aebc816c3005f46a65cc24cc3f3c4945cd7ab0b9d47975c7afb7
04b6ba0d565ef83556df0460ce7ab14673b9f985273ddc3644cfd4314b734fd2
053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0916161b872cb4ab6f1dfa7c20750a8fce580a4d5c32ba25e186b94fec118e90
0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba90cb51345c9930452694fa5873ff972ab01afbd8aebb7238280edaef27cd1
0bd172897bb7d8551e7ad6020f9043ca7752eae6f3cee3b19c0b82fad73c63c6
0e958649e6e64e1567901095ba7b50bb253a35bb3ead1a40d58469d44c9082e9
0fa5e8321fa9c5f29b423dfedd6938f1e3adec63bed2a4eb483b99d306773862
0fb0436cc7262742d2a5a5e046e2eeeeaaaed737b9243d81a1f3b887d5bfacc0
121a1b2a831c3b002ee0a74124d8ab22aa6717fead06c9bde037cb97884ee91b
157b0c2526e0f70d90786061cdc99fe46708e08e02740a4fcf996474c3a45954
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a2b5bbe1da4bbd5034327f80902b8f015a1658b0fbd724cdc7a621d70006219
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1ae49785418651789e5d4065e40836ad8109349602a7dd80e8b8cae3bb95fd4a
1ce30851a7cf6f3641312079f5050ba5aa2af667fe8a05a77e1a1a3378337fdd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
1fc62d07ee31b6a09ca4623334f43939fcbe50b2f578edbd41b1b4662017f0d4
200d423c6a92f6b30962639b5bc12ffd5722dd89c44288e79a1a4357bc38cfd9
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2484625b29379d93ac7c72f1ca0292f7864e5a02e7365285cb360cdc26466756
25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337
267f68e1983953cb2664778a41f51b79234dca69b709aeceeb398727f82e0e06
28a3b8c616cc8b88edddc9991c5be70eef6b2b368d70688f2c18ceae508ec1bf
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2bf33e8d7603a5dad76fc5eb9e9bf77e7a5a2608f30fd42cd76ecaf441385f32
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b
345f5e0d0c54f7e0e8449e49333deecd2b361a6d7a83f5d51b480cef5deb304f
357a4039dd60a8815aea248de302d940fb2a8382a10a97a0b2d34e9b5ba9f169
37d5b07c436cfe35ab0ea2083b687e03cf6df5f288863c988f997e258b2a9751
37ed4a820778a1378b11ece01bdcdd5827ffeaabea87cc769a58db827b5a33b2
383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3868f0d5d745fca408931bd18ffc5e54f0d996d5574ac8bed05511bfed3a0683
3bae9c23992a3a8f853adf10725c8914f6ad9c6bda715eea7953db479578d0a6
3c6086e35af2959663bbe81f4ab5a514fe36c03dcaa8ed528f85ef80d41b0f23
3c9a00c2cd0e54ba2ea5898897ab0a23d1549653889faee464b1da81e70d853f
3e6545bb52550280f4f6fd9cffe595e39dc7b825780d02dcf64429de2e196527
3f9c74b7349b1c19b614e66a7516ba9c652a8f47b55c75f8cdde02c3d72f91ae
3fef45121c5bbe390c2c49542cd819db4ac02c7372fc8a937b9679cc1487bc68
40334992d391799621b1a99dadc78eca7b3e9e49e76273b7eabc71c97756e48d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41fa3f4dd84335e6366c58d8f91784bee4e953fa38da2dbca60011e32528e692
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
442f1dcc6e34fb1fb96d2d55a3163b32c12292d5bd4b870c699ac9b50b8f4ac5
454084caeff0e68366d72d6b2cb97db005f4b25a297c35a6a4b6f43c1c4f4afc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b21c5f9f57baf05b6bf4dfc0dbdf43665922781cd672eecda73c2c67dd7c780
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf23ab2768519d256e54c43cd4b1b0847337268901eaf706be8e8056c47ede4
4d3c8707b78d196b7c9489810f247fc5f0f72e56404c76fe1f1e22531b3a3e59
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d644993bf9f26cdec4ff534d23351f29e6f857450a1a425edda253018c20fb8
4f85492c07bce94a5c0bc651b12d1d0638851a0545d596e49f51fff8607ddafc
4fa6bc2d340d73dfa39dc2aad620ef6c18d647cd7f6aee8b45edcbbf651cf6d5
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
527dab5e3cb7c7aaf68f30ec478a4ba06a1d39f4f6ffda8f6c6c7f1624cc86f5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
585a0107be50af87bd7514e6b4aacb375c2d7f36fd5dab216a50751b3fb52052
5bd5c712945c7fd4bb37df802aa3908700cb9ac127bb70bfa7b878f51b3e1995
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ee6e83bedf36cf374d5c6d543cafd9d2da747484b1a1af4c20b530a731f18a7
5eea93c6883e2e2b2aeb5e038b0d50da7daad464d7ac8a478d942ea30c1d4278
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cbad870f9c0130fb7e34db92e176c31301f12af220878a3ce9120f256f158a
63620a0dba1a8cb2c34349eec33dfb249661e332c5a772f905565ee947f99e39
666a0b4a808d43c1c467bffbbd3852002b41a8ae83502d84a222d86dcbec3af4
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
68bcca0fa058fff40d15b8e0b5b68c71f664d7d428501220d4dc73175b7023ee
68f67f87e1c568fe26437ef0b37b090b416f9ab8cfc0629c5c9ed765a56f0b1a
6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6cd637854af6709a4dc77e5ddbe438c7ee60f31678d3e1bee2ef441135acb0de
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0
72a6f12edae940aca5a959fc80f819f48fb0aa911fc2473abd695fb068946fc9
730299c17ab71a0475ca16e0e2b7f8bfcdc5e1c1b8e7140fb32b61b4617c4c62
73484227af4b6fdd9934f59c9af9cdaa3b94d60606bc55bde5ffd7f8301fbc80
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
758a743a185a227092ebc1d63575595c5e41b7e2810067ffb1b1b2af1e9a8fb0
75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177
7691eaa8c71c03cce156b53d84ff310a3f96e7359fad51333b12a12b5bfaef96
77a5c4b13ce1a7fd939922774ad2e29ac20936eb81d1abd434a51e665002c589
7995657b0ecc6dfeaae739ee0e66ef71fd1cca0856043818d7e014c5e1d8b8c6
79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d6d22eb94eafb53137ff8a33ebbda431cc11343b4fe629c96e0085987b1163e
7d6f5effbbc27c84d02d00e27314803b3c712f34aaf84e65074d65003e6c5108
7d7521cf77aba41609cc4611f0fa174b979318499beae8eb39d58f380f6bec87
7dd9223da61e1cfaf86dd16c4cf5f9b2956a9a106e2e2b66147127475b961f69
7df7b47dd9f3983cfa2fd1666a797d9f279f91750b5a12317078c625a42bdaa0
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
807b8c941e0511d97b5161f070ac03f8cbdcc52a5eba1cf324c67f9375ed10da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b3c2c4c2de02d8f0c63f5b707e71571a7e1d0cd375431817e03a3cbc75e16c
84bc1c57983acda4970c9843b9fc8d7683334b4cf124a2bcb8b68331663612ee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87cfa18cefdfb554a12d9fce7b0937e3bb7eeff563f56314c04c13897891dec1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2cb4923ae61407f9297a2f993f94e8a543775ce2e1a25dedd818168dfa8c69
8a657fe831072589b2cbb415c5f52c937c97927190f63cab58bff2f6b6aadb4a
8b431851487501b9acf457caa75560ce6b245c7d1848fc87421a0f1673a4fdd2
8d337fe2fbb59d4bc749208f77af949ff3f0161c20f90225850a64f446515d50
8d37612880480efed1ce51abc1fc6195724a0ed41dee5e31806228e3884b3159
8e13cf298d7066e2fd9273194055d53806b567294d81c246a83dcb33bba5b9fa
8ebf49a81d75e0a6098d0d6eb5e73e6e90fd524643f4c0ea51f401b87e4517e7
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
919699aeef5a22f4b7a7c74fee7fe1747aa481fe6e7c78804be8cd9377a997b5
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
92a0df9b4bfc5a6c6dfb537b041fcd69491fd4af423dd1932d7d40ce6d72662c
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
952f4a545636082660a36e042a5fc4f08833978338cb85b731a8c8cdb6a1f9c3
95de0014daeb695ac009d3d7573ca466f492353333ad0b0a1d314f353e3e75d7
97e2394bf9a7f8da8be58be92b63ae2b5dae9980ece6ce5125ecd14075edd5ce
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c28d9cc6f143b820a2f563b3ce9506672cd80ed8de8ac172dc7f621f8d39c35
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a10e20613db5438d11bb90276d180351351fe544a5668556cc4d9c9af4a399f7
a11f9fc8b5c4577540fa78f83c8060580c656bcd4b53a33b31dd4bd3f612aef7
a3eca9711527fe0ef176061b86ddb6380ac65012af5295dc8594e1fd40b43dc4
a4c220e31adf7c0c1336d6d2c0f650165200d61466f9253689b108ba279aa03c
a577e7fb9faad8a5fdc642832ba0bcf65ae0f6205d7f9ae124b08ecfc8e7e579
a5926bca54cd3debd8b5c008457910116760ae4618024998ae5050caa016a4f8
a6d02fa71cb0668b43f8589ada34c6a551dd098543c9aa55e1c9f6ec55125598
a793e42b96003b1651206625487d59ffae4df4fb1be3dc07710b1b3b6faea36a
a8bb6d92eedf4015e70e3ba031f4b93ad395c36210199700a24b306dc2c3074f
a9155740e0abf2a959e4dbc31b1694acb1797e4dda7fe1bd8340a72dc296fb3a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad021b7689741b5fe942c68bc2c782cf8b128a604f7344e5877dd2a67e26eeb0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0533929c94679e1764e59854df5b4c35f25e12f2441858f1387a13c80c13303
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16d074fd4fdef3ade9ebf4b4b834c2935f8df0d9abf93648b44424c4cb10b47
b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b6eb5e289aa7f91751efe70065d7ff71a9513e6252a7be3bb4c28f9421269550
b80752a98735c74cc0a908b9a6cb6e8332ec3f7effc7b646f2d3dc3f66960286
b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe
ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70
bd96f5382a588d9c81a9abc95dff9fcf067dee7112e89aed8904f034492e1651
bdea9605605180545dbc6b206330af3279d35838674cfde4d36275f377da08bb
c0ad4b5f0900cac6c3de73cb4b66956e765e781fc184447b961c7427387797fe
c3af1fbc2739496098aa893434005af29595ced58abb620a02b51b9af1c2a23e
c43e3f9a4df3941ad32f38e9f3cc7cb1d4741e11c0192f1a7c63b1e2c4ccc8af
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9eff84f192229df9e7d510b1d8d7111ec0a39287a68ad6391c565110fb3a8ef
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc21b6152673f272b851d59e78f7955a8b4d4a462b1e3297caf4f80ed04fc5b0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c60ba68980498a63737a808cf1582224ba835595b2e961c9710dda2b05a220
d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165
d706ed2253eb38385ed958e31a318e5cb511cb9afb6b0fa160cc4ce1ce669445
d85ff4ff5419e721ef04483dd4995db0a4c89dc414071eceedd4f31a628b6c86
da82f01428de41bebfedbedfe2758031978fdb83814ef13c05cd5d1c483cf3f8
dce7e6a1409e5ed35f2ec80d016d9a77a563bc26bdb213963c1fb635966f7999
dcf248657f7ecf60d7d503e15b6a88b90a137710788271fa50b090af18d419b5
ddd3ce5c733e04011314e3fd1832a4a525f03a9b62ad2b3348f42d5213664791
de2c690149e55ddd28af36ba3f0030455f333a6fdc3ad3f8b6f46a2fa931e9f6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de739e14ef691c50489eada706b9031c815f962fbf7624a67f76b24ae404f81f
df16d7a93e03dec1699582d6160e3fb7a297212c3795c9111f490a0d3fea298b
e0a33296a73e113cab1deff66aee1e7ae7ffb2731f6c839fbd2dfd331d4a026b
e0a40de9156383190a80f61ab39446efb7b47ee82d60d91eec9b459d152ee42f
e2b78f09df95329c3babde414180f16392089187c022a864323c920354d014ce
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b3bce3c1b15a775ce649ad31875c6dba16c4df5b1b48dc879f4ed175b8f04e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5d9b42644509e0035e0fc807ddef46ef15a3da90d12c8ebf93461123384570d
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7b5110727771b2c728a77387937413360b7c81afe6b78c2d379f9382d5762f9
eaa9ab6a453b08f674a98cdbe87c3dfabcbb857113a37e2084afc47efcfcd1ff
eabf077afee9223da9d576fb1c8d876f717ee32f7fc28d18afd4d191af235b3f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369
ee4e1990dd9900184432f53264e3cc4410f10575f7c937ffc994e5054ddb8810
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e0fee79d0e7f71cd351a14cc1fa636c96cab2b528b0f063a2f019f33afb0d8
f3361f262cae449d826e00d9d36433431756c16be08cfea33e2879e33337347f
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090
f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f805dd01878296d8d30d229360f2d27db297cc3dc9c66735962843e7786159f7
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9daf103110d320d6e4f7ddedda404a5f342e950e478041f5f8b547cf7e481eb
fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a
fbec7553602541b7afd63e1e7fb2d7f8f7ccf8788c341c8a1e0d3b9cfc1f76b4

www.baixaki.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

291 Requests

93 %HTTPS

49 %IPv6

44 Domains

72 Subdomains

56 IPs

9 Countries

3238 kBTransfer

8241 kBSize

56 Cookies

25 Outgoing links

Page URL History

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

93 %
HTTPS

49 %
IPv6

44
Domains

72
Subdomains

56
IPs

9
Countries

3238 kB
Transfer

8241 kB
Size

56
Cookies

291 HTTP transactions
9 data transactions