www.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.baixaki.com.br/
Effective URL:
https://www.baixaki.com.br/
Submission: On January 11 via api (January 11th 2024, 3:54:41 am UTC) from US — Scanned from DE

Summary HTTP 272 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 35 domains to perform 272 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on November 28th 2023. Valid for: a year.

This is the only time www.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 66	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::ac43:4637	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:207... 2600:9000:2070:c000:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	107.22.81.169 107.22.81.169	14618 (AMAZON-AES) (AMAZON-AES)
1 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	191.235.248.36 191.235.248.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.95.152.229 13.95.152.229	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
10 19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
7 13	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 9	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 7	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.214.144.54 35.214.144.54	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	13.40.252.97 13.40.252.97	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.85.92.67 52.85.92.67	16509 (AMAZON-02) (AMAZON-02)
1	52.222.191.108 52.222.191.108	16509 (AMAZON-02) (AMAZON-02)
2	3.9.60.26 3.9.60.26	16509 (AMAZON-02) (AMAZON-02)
272	44

66 179.191.182.65 (Offenbach, Germany) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)

www.baixaki.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bk.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2070:c000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.81.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-81-169.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ab (United States)

ASN13335 (CLOUDFLARENET, US)

osp-assets.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 191.235.248.36 (Campinas, Brazil)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adoptprodstorage.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.95.152.229 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.smrk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.64.151.101 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.90 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.144.54 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.144.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.40.252.97 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-40-252-97.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-67.ham50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.191.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-108.ham50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.60.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	599 KB
45	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 316880	345 KB
42	ibxk.com.br bk.ibxk.com.br	206 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	567 KB
24	baixaki.com.br 1 redirects www.baixaki.com.br	271 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796	7 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	207 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	8 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	109 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 47118 hal900016.redintelligence.net — Cisco Umbrella Rank: 183227	55 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6 adservice.google.com — Cisco Umbrella Rank: 189	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	4 KB
5	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 160214 osp-assets.pn.vg — Cisco Umbrella Rank: 281955	77 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	260 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	329 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 35667 api.webgains.io — Cisco Umbrella Rank: 70957	19 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 39084 medialead.de — Cisco Umbrella Rank: 38855	851 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2311 mab.chartbeat.com — Cisco Umbrella Rank: 3573	26 KB
3	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 45211 usr.navdmp.com — Cisco Umbrella Rank: 50426 cdn.navdmp.com — Cisco Umbrella Rank: 33736	6 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 2019	448 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 731	954 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1559 s.tribalfusion.com — Cisco Umbrella Rank: 3590	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	515 B
2	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 224091 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 231700	100 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 77762	3 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 15485	704 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 60073	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 340274	924 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1467	415 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 620	614 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1428	715 B
1	smrk.io p.smrk.io — Cisco Umbrella Rank: 303270	566 B
1	windows.net adoptprodstorage.blob.core.windows.net — Cisco Umbrella Rank: 805298	5 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1643	201 B
272	35

	Domain	Requested by
42	bk.ibxk.com.br	www.baixaki.com.br
31	pagead2.googlesyndication.com	www.baixaki.com.br pagead2.googlesyndication.com 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
28	tpc.googlesyndication.com	www.baixaki.com.br securepubads.g.doubleclick.net 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
24	s0.2mdn.net	www.baixaki.com.br s0.2mdn.net 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
24	www.baixaki.com.br	1 redirects www.baixaki.com.br cdn.pn.vg
19	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net www.baixaki.com.br 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com www.baixaki.com.br
7	ad.doubleclick.net	1 redirects www.baixaki.com.br 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net www.baixaki.com.br
6	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	securepubads.g.doubleclick.net 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com www.baixaki.com.br hal900016.redintelligence.net
5	7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	hal900016.redintelligence.net	1 redirects 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com hal900016.redintelligence.net
4	hal9000.redintelligence.net	7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com hal900016.redintelligence.net
4	www.googletagservices.com	7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com www.baixaki.com.br
4	www.google.com	1 redirects www.baixaki.com.br tpc.googlesyndication.com
4	cdn.pn.vg	www.googletagmanager.com cdn.pn.vg
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.baixaki.com.br www.googletagmanager.com adv.office-partner.de
3	www.gstatic.com	www.baixaki.com.br 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	8019191.fls.doubleclick.net	1 redirects www.baixaki.com.br
2	pv.medialead.de	hal900016.redintelligence.net 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
2	sync.teads.tv	1 redirects www.baixaki.com.br
2	eb2.3lift.com	2 redirects
2	www.google.de	www.baixaki.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.chartbeat.com	www.googletagmanager.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	www.baixaki.com.br
1	adv.office-partner.de	hal900016.redintelligence.net
1	csync.loopme.me	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	um.simpli.fi	1 redirects
1	s.tribalfusion.com	www.baixaki.com.br
1	a.tribalfusion.com	1 redirects
1	p.smrk.io	cdn.pn.vg
1	adoptprodstorage.blob.core.windows.net	www.baixaki.com.br
1	osp-assets.pn.vg	cdn.pn.vg
1	cdn.navdmp.com	tag.navdmp.com
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.baixaki.com.br
1	usr.navdmp.com	tag.navdmp.com
1	disclaimer-api.goadopt.io	www.baixaki.com.br
1	region1.analytics.google.com	www.googletagmanager.com
1	tag.navdmp.com	www.googletagmanager.com
1	tag.goadopt.io	www.googletagmanager.com
272	55

This site contains links to these domains. Also see Links.

Domain
www.tecmundo.com.br
nzn.io
www.megacurioso.com.br
www.clickjogos.com.br
igoal.go2cloud.org
disneyplus.bn5x.net
bit.ly
amzn.to
net.geo.opera.com
nzn.gupy.io
goadopt.io

Subject Issuer	Validity	Valid
azion.com GlobalSign ECC CloudSSL CA - SHA384 - G3	`2023-11-28` - `2024-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
pn.vg GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 02	`2023-10-23` - `2024-06-27`	8 months	crt.sh
smrk.io R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.baixaki.com.br/
Frame ID: 07897918A77BE687B149F466EC7563EE
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 9EE032E2720F21E5468A832B6B098925
Requests: 1 HTTP requests in this frame

Frame: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 69C1258F30D34DD1F27E0A42242E2A0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1704945275&plaf=2%3A2&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704945275592&bpp=4&bdt=3216&idt=324&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5709022722332&frm=20&pv=2&ga_vid=1951152624.1704945275&ga_sid=1704945276&ga_hid=1417375104&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079437%2C31080260%2C31080333&oid=2&pvsid=3679401967722405&tmod=1811113091&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=336
Frame ID: 3635979FBF22BC821456058C3A3B54C0
Requests: 1 HTTP requests in this frame

Frame: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47008C55685E73434C686C1ADD997324
Requests: 13 HTTP requests in this frame

Frame: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8140CDB4DFC43C47FDE3777AE4E2E39F
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 891ECF67DF28AC13500A2CD38F7BE47B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs
Frame ID: 40E810562F2ED7F79D33D2C8E3AC6F29
Requests: 16 HTTP requests in this frame

Frame: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3D0671F38B37615BB3E064229A571690
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNXyXRGLZqbXYdON4tt6D07Wvo4hiHlBaxIEQH6IvoAtXvp3Xc0xEyMCFuYZXiTlK2Ta__KpWfCKgmDcEV9aYnMFtwuBT0vFTUC_bLJkgLbkr1RuWZ5MAC8h5NJZN1v9pX1IW8wfzHJFxnejcOouUPDejdMInyrVCPG06NpY4xErt3lcOKU
Frame ID: 7F25360A35AD70C4BC3D4B48ACCB23C1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJGX74ICMAE&v=APEucNWch16gXdI-0TEUPrxaHWKkNlYRLyLwisBfJLLQ9gMSPxFuALGStW9oJA1Tc7rr4Xb3Awt05C1nNtNfnW85CUka5klJfwU3RBEC8eOaKGBxS2UXHuP30m-vzm5cX1U787q_gQ0C6zaav7iXSuUYqrNIbMBoVTucLLmByVQOCW_Fo5Gtqe4
Frame ID: C200EC763FE70F6547F3D49982D014DD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV6CZ1bcXO1NTCt6iB-_6vKYat57nb6StKNohZuT8fug_xZgS_w9dKwy3BtDoxoW9QaRlSycir5pgkJZ-Lqg_3veTIq9VTHg8Id4WZUixSJzdMVOx29KkJvdHToENuQZQYOwG5qkvU1bXemOhkqd-5UTKcswJ8_8zflwWSGFTq8mdn_Hr4
Frame ID: 8A22DDBDD94F2FF6D347E2E22D0DBD00
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2B888CA5DBD8E0D5A0D606DD11FF38B8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 55634AED0A94902F5EFFB7D5E8BA5DD9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250
Frame ID: DCCA8E41DC49B6775554A63C9CA87F06
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
Frame ID: 39C68BABFC151434F05C262C42D357A4
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 521BC9B2F365BCAF25282BEED3AC1B63
Requests: 3 HTTP requests in this frame

Frame: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DEF4716F28F665A815F521101E8B628C
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E17B427F93575711DEB8768513E09526
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 125B0F4F2823725CA72B4BE4DEBF5AD1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C517EF9578AE1C2BA0275932630D385
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: 0AA88C0C2A40DA65BE2515EA1FCBD6F6
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 007D49A9D625BE64FC0ADCB651EECA23
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 25931F169178D642A6196A79D0DFD9B7
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888
Frame ID: FD676052657E80EEEDE4870E787697B4
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
Frame ID: 94BD00BB106BE6C25AD83E9D92D2F5DC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17D241EFD65021A7395560483BDD789D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 18332B104EB7A705EE644E688E4B2267
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baixaki - Milhares de apps e jogos para você

Page URL History Show full URLs

http://www.baixaki.com.br/ HTTP 301
https://www.baixaki.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

272
Requests

92 %
HTTPS

52 %
IPv6

35
Domains

55
Subdomains

44
IPs

8
Countries

3219 kB
Transfer

8658 kB
Size

32
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tecmundo.com.br/videos
Title: TecMundo Videos

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/comparador
Title: Comparador TecMundo

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/teste-de-velocidade.htm
Title: Teste de velocidade

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/cupons
Title: Cupons de desconto

Search URL Search Domain Scan URL

URL: https://nzn.io/#contato
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://www.megacurioso.com.br/

Search URL Search Domain Scan URL

URL: https://www.clickjogos.com.br/

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/

Search URL Search Domain Scan URL

URL: https://igoal.go2cloud.org/aff_c?offer_id=5868&aff_id=1470&aff_sub=baixaki&aff_sub2=carrossel
Title: Baixe o aplicativo do AliExpress e tenha benefícios exclusivos

Search URL Search Domain Scan URL

URL: https://disneyplus.bn5x.net/rQBAev
Title: Disney Plus - Assine a versão anual do Disney Plus e pague o valor referente a 9 meses!

Search URL Search Domain Scan URL

URL: https://bit.ly/49nwHiS
Title: Eleve sua segurança online!

Search URL Search Domain Scan URL

URL: https://amzn.to/40rQs4P
Title: Kindle Unlimited - Teste Kindle Unlimited grátis por 30 dias e tenha acesso a mais de um milhão de ebooks diferentes!

Search URL Search Domain Scan URL

URL: https://net.geo.opera.com/opera/stable/windows?utm_source=nzn&utm_medium=pb&utm_campaign=baixaki
Title: Navegador Opera - Navegação rápida e sem distrações com o bloqueador de anúncios

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/mercado/275751-home-office-44-vagas-trabalho-remoto-internacional-10-01.htm
Title: TecmundoHome office: 44 vagas para trabalho remoto internacional [10/01]

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel/275782-xbox-jogos-95-desconto-xbox-one-series-s-x.htm
Title: VoxelXbox: jogos com até 95% de desconto para Xbox One e Series S|X

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie/275774-sociedade-neve-5-filmes-documentarios-tragedia-andes.htm
Title: Minha SérieA Sociedade da Neve: 5 filmes e documentários sobre a Tragédia dos Andes

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/seguranca/avast-ciberseguranca/?utm_source=tecmundo&utm_medium=cta-canais-exclusivos&utm_campaign=avast-ciberseguranca
Title: Avast Cibersegurança

Search URL Search Domain Scan URL

URL: https://nzn.io/
Title: Sobre

Search URL Search Domain Scan URL

URL: https://nzn.gupy.io/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://nzn.io/exclusao-dados/
Title: Solicitação de Exclusão de Dados

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/minha-serie
Title: Minha Série

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/the-brief
Title: The Brief

Search URL Search Domain Scan URL

URL: https://www.tecmundo.com.br/voxel
Title: Voxel

Search URL Search Domain Scan URL

URL: https://goadopt.io/en/porque-aviso/?source=firstLevel
Title: AdOpt

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade
Title: Datenschutz-Bestimmungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.baixaki.com.br/ HTTP 301
https://www.baixaki.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkyFhMVH35hUmcVBxxby3g&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ9mfAXPKP1aH3SZG49StQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGfn0p8OqhdjK5wjOfAQosM&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIY9-Wyqkuca_gHEaR90b0&google_cver=1

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ9mfGjgYzfdBVitGmEeDgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA8lCbmoiG_bum1LUjsOCWk&google_cver=1

Request Chain 168

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

Request Chain 170

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ9mfAXPKP1aH3SZG49StQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKt1Uako9ILI_HkERG5nw8s&google_cver=1

Request Chain 172

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

Request Chain 190

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK_f2Yy41IMDFSWp_QcdF9AGeQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Request Chain 198

https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 224

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGropnOzuC8BNqSgtkS3YyA&google_cver=1&google_push=AXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGropnOzuC8BNqSgtkS3YyA&google_cver=1&google_push=AXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 225

https://um.simpli.fi/gp_match?google_gid=CAESEFvnNZhnbvmpelsCKe3w3og&google_cver=1&google_push=AXcoOmQRzmUH3A8fqYtsNtrQjW9mL-gOKAkzIVzBaSRjUvHWZ-OgTr6rMAqlvjH5SRagjmlSId4OKZPk7gKvMYD2Do_1TKW9tmaa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=702CDFE542E14C2F8E0FB8F1B0FC8D77&google_push=AXcoOmQRzmUH3A8fqYtsNtrQjW9mL-gOKAkzIVzBaSRjUvHWZ-OgTr6rMAqlvjH5SRagjmlSId4OKZPk7gKvMYD2Do_1TKW9tmaa

Request Chain 226

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELH9fCTpEWLj-dLwWQpohXg&google_cver=1&google_push=AXcoOmQsmCmIBfpKKfvrZDL450iQ8Mw687jSkWCR0xCI8qsYp7JY1UsV3_Egwza5lcqF78EUBku5HdZRzfFdNNzKKZ2-1fd-Phs2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4T0VCRFctMjUtNjNCOQ==&google_push=AXcoOmQsmCmIBfpKKfvrZDL450iQ8Mw687jSkWCR0xCI8qsYp7JY1UsV3_Egwza5lcqF78EUBku5HdZRzfFdNNzKKZ2-1fd-Phs2

Request Chain 227

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN1xNumTa2lmD4fggKxHqE8&google_cver=1&google_push=AXcoOmRmkVyrE6qVm634-p6sHR3dRrgTNjVqD7He8u6xgC35WTwsUreRoCpHbt6FfWF3CDdtvSkjkWanHgr9tKGSJ4SafzlT4D0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN1xNumTa2lmD4fggKxHqE8&google_hm=ZZ9mfAXPKP1aH3SZG49StQAADJ8AAAIB&google_nid=index&google_push=AXcoOmRmkVyrE6qVm634-p6sHR3dRrgTNjVqD7He8u6xgC35WTwsUreRoCpHbt6FfWF3CDdtvSkjkWanHgr9tKGSJ4SafzlT4D0

Request Chain 228

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELLVCDrN6MK5rFwBVzxcGgw&google_cver=1&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2o HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2o&google_gid=CAESELLVCDrN6MK5rFwBVzxcGgw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3NDAxNjY2ODA5MzUyNzE0MTM2NQ%3D%3D&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2o

Request Chain 229

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKPTtND8PuxiurDMtUTmSRE&google_cver=1&google_push=AXcoOmQagcF-UJT-n7hcvPQqysM5OM3sLh4jC3v7el0LRss2_k--4iAzCcb5L3D38XKt1lO3kIpgGNC6Md8bFJpbEjYUx7-scvMwxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQagcF-UJT-n7hcvPQqysM5OM3sLh4jC3v7el0LRss2_k--4iAzCcb5L3D38XKt1lO3kIpgGNC6Md8bFJpbEjYUx7-scvMwxA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 230

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEK6UyssemCCjNFEEOSOof7I&google_cver=1&google_push=AXcoOmRZe0frT59ksLDEjbKSW8MW9n_9v7xVk8VGUzMr6MCJI8aROB81HYJ35sCfZZxZ0wO1eei3v58eSygChIOppAY-GRVASCvDlg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=93ae5746-f6cb-4ea0-aba1-afc75a2e3a04&google_cver=1&google_gid=CAESEK6UyssemCCjNFEEOSOof7I&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRZe0frT59ksLDEjbKSW8MW9n_9v7xVk8VGUzMr6MCJI8aROB81HYJ35sCfZZxZ0wO1eei3v58eSygChIOppAY-GRVASCvDlg&gdpr=${GDPR}

Request Chain 232

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 246

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888

Request Chain 248

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=

272 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.baixaki.com.br/
Redirect Chain

http://www.baixaki.com.br/
https://www.baixaki.com.br/

202 KB
31 KB

231ms
152ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

/ Next.js

Resource Hash

30608cde5d9928f2fd035e3bedea29796f2dcd947cc6abf8ba1de43b1fe44461

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 03:54:32 GMT
expires: Thu, 11 Jan 2024 03:59:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding Accept-Encoding
version: 3.0.7
x-nextjs-cache: STALE
x-powered-by: Next.js

Redirect headers

Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 11 Jan 2024 03:54:32 GMT
Expires: Thu, 11 Jan 2024 03:59:32 GMT
Location: https://www.baixaki.com.br/
Server: azion webserver

GET
H2 200 29175707122011.jpg
bk.ibxk.com.br/2023/11/29/ 40 KB
41 KB 2826ms
537ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/29/29175707122011.jpg?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 76426616786a293598663d6a6dad41500ebb34b72c65d68fd54f3e43d29a3215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 54843
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 41410
expires: Tue, 09 Jan 2024 21:01:15 GMT

GET
H2 200 f9bc0d62fd0adc4a.css
www.baixaki.com.br/_next/static/css/ 14 KB
3 KB 150ms
149ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/f9bc0d62fd0adc4a.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

8a657fe831072589b2cbb415c5f52c937c97927190f63cab58bff2f6b6aadb4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:32 GMT

GET
H2 200 9a1e30072b12ed16.css
www.baixaki.com.br/_next/static/css/ 12 KB
4 KB 266ms
265ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/9a1e30072b12ed16.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f1e0fee79d0e7f71cd351a14cc1fa636c96cab2b528b0f063a2f019f33afb0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:32 GMT

GET
H2 200 c99e2bd6d429f7bb.css
www.baixaki.com.br/_next/static/css/ 124 B
386 B 402ms
401ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/c99e2bd6d429f7bb.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

b0533929c94679e1764e59854df5b4c35f25e12f2441858f1387a13c80c13303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:32 GMT

GET
H2 200 2c2dfa59234d7097.css
www.baixaki.com.br/_next/static/css/ 1 KB
655 B 592ms
591ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/css/2c2dfa59234d7097.css

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 29 Nov 2023 17:23:30 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:32 GMT

GET
H2 200 5360.ba2cdf142814fdf0.js Show response
www.baixaki.com.br/_next/static/chunks/ 8 KB
3 KB 794ms
790ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5360.ba2cdf142814fdf0.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

c9eff84f192229df9e7d510b1d8d7111ec0a39287a68ad6391c565110fb3a8ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 5192.61cfd4d5795a4697.js Show response
www.baixaki.com.br/_next/static/chunks/ 6 KB
2 KB 908ms
904ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5192.61cfd4d5795a4697.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

eaa9ab6a453b08f674a98cdbe87c3dfabcbb857113a37e2084afc47efcfcd1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 5667.ff0c60e8e0e46189.js Show response
www.baixaki.com.br/_next/static/chunks/ 378 B
538 B 1019ms
1016ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/5667.ff0c60e8e0e46189.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

e5d9b42644509e0035e0fc807ddef46ef15a3da90d12c8ebf93461123384570d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 9370.a198f17fc359d2ab.js Show response
www.baixaki.com.br/_next/static/chunks/ 81 KB
28 KB 1129ms
1126ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/9370.a198f17fc359d2ab.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

f805dd01878296d8d30d229360f2d27db297cc3dc9c66735962843e7786159f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 6165.abd9219a761e3fb5.js Show response
www.baixaki.com.br/_next/static/chunks/ 13 KB
5 KB 1237ms
1235ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/6165.abd9219a761e3fb5.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

ddd3ce5c733e04011314e3fd1832a4a525f03a9b62ad2b3348f42d5213664791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 1733.d60aaa15716e0d81.js Show response
www.baixaki.com.br/_next/static/chunks/ 3 KB
2 KB 1345ms
1342ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/1733.d60aaa15716e0d81.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

00e048de0769316782958affb433958edc4633a88e40026e6060d9f2ce133d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 4321.b765ee4b1b85f5f4.js Show response
www.baixaki.com.br/_next/static/chunks/ 1 KB
795 B 1452ms
1449ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/4321.b765ee4b1b85f5f4.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

a10e20613db5438d11bb90276d180351351fe544a5668556cc4d9c9af4a399f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 7977.48481e262407791c.js Show response
www.baixaki.com.br/_next/static/chunks/ 31 KB
8 KB 1559ms
1556ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7977.48481e262407791c.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:33 GMT

GET
H2 200 7210.ebe05da746aa9623.js Show response
www.baixaki.com.br/_next/static/chunks/ 5 KB
2 KB 1667ms
1664ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7210.ebe05da746aa9623.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

0e958649e6e64e1567901095ba7b50bb253a35bb3ead1a40d58469d44c9082e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 webpack-5199c064b75e312d.js Show response
www.baixaki.com.br/_next/static/chunks/ 6 KB
3 KB 1774ms
1772ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/webpack-5199c064b75e312d.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

919699aeef5a22f4b7a7c74fee7fe1747aa481fe6e7c78804be8cd9377a997b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 main-7e04035264ba73fd.js Show response
www.baixaki.com.br/_next/static/chunks/ 126 KB
39 KB 1882ms
1880ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/main-7e04035264ba73fd.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

bd96f5382a588d9c81a9abc95dff9fcf067dee7112e89aed8904f034492e1651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 _app-800a9256be0a7fe8.js Show response
www.baixaki.com.br/_next/static/chunks/pages/ 239 KB
75 KB 1990ms
1988ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/pages/_app-800a9256be0a7fe8.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

ae80a23b91ba7b566c8d1076084b51208cf12782828cae7ff4f9f4a70c2ebce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 7899-8ff7a6b4611fdbc1.js Show response
www.baixaki.com.br/_next/static/chunks/ 8 KB
4 KB 2105ms
2103ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/7899-8ff7a6b4611fdbc1.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 29 Nov 2023 17:23:30 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 177-89dcbb9480015c7b.js Show response
www.baixaki.com.br/_next/static/chunks/ 182 KB
51 KB 2226ms
2225ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/177-89dcbb9480015c7b.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

157b0c2526e0f70d90786061cdc99fe46708e08e02740a4fcf996474c3a45954

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 19 Dec 2023 16:21:32 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 index-8f0d443da7bfb88e.js Show response
www.baixaki.com.br/_next/static/chunks/pages/ 23 KB
6 KB 2454ms
2452ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/chunks/pages/index-8f0d443da7bfb88e.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

0ba90cb51345c9930452694fa5873ff972ab01afbd8aebb7238280edaef27cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 _buildManifest.js Show response
www.baixaki.com.br/_next/static/FfJhlToqzZ-68DsvEN7DI/ 4 KB
1 KB 2616ms
2615ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/FfJhlToqzZ-68DsvEN7DI/_buildManifest.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

36b884a5f0f03a5775e648cdf617e6ebb8da3b2d862be709de44b650a7784b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 09 Jan 2024 13:31:31 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:34 GMT

GET
H2 200 _ssgManifest.js Show response
www.baixaki.com.br/_next/static/FfJhlToqzZ-68DsvEN7DI/ 374 B
452 B 2728ms
2727ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/_next/static/FfJhlToqzZ-68DsvEN7DI/_ssgManifest.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 13:32:07 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:35 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 17180102227005.png
bk.ibxk.com.br/2023/02/17/ 1 KB
1 KB 2816ms
541ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102227005.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 690
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1266
expires: Tue, 12 Sep 2023 11:34:22 GMT

GET
H2 200 17180102242009.png
bk.ibxk.com.br/2023/02/17/ 962 B
1 KB 2815ms
541ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102242009.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 760
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 962
expires: Wed, 06 Sep 2023 19:42:32 GMT

GET
H2 200 17180102242008.png
bk.ibxk.com.br/2023/02/17/ 784 B
932 B 2814ms
539ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102242008.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 777
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 784
expires: Wed, 06 Sep 2023 19:50:38 GMT

GET
H2 200 17180102227007.png
bk.ibxk.com.br/2023/02/17/ 908 B
1 KB 2814ms
540ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/02/17/17180102227007.png?ims=fit-in/76x64
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 665
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 908
expires: Tue, 12 Sep 2023 11:34:23 GMT

GET
H2 200 08111936759001.png
bk.ibxk.com.br/2023/11/08/ 2 KB
2 KB 2813ms
539ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/08/08111936759001.png?ims=fit-in/120x33
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3c9a00c2cd0e54ba2ea5898897ab0a23d1549653889faee464b1da81e70d853f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 1087
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1662
expires: Thu, 09 Nov 2023 14:26:04 GMT

GET
DATA 200
OK truncated
/ 153 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 14194056736000.png
bk.ibxk.com.br/2023/06/14/ 13 KB
13 KB 2209ms
538ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/06/14/14194056736000.png?id=sprite-tm
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/_next/static/css/f9bc0d62fd0adc4a.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 8534
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 13130
expires: Thu, 09 Nov 2023 13:25:12 GMT

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 285 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4b3bce3c1b15a775ce649ad31875c6dba16c4df5b1b48dc879f4ed175b8f04e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 21155329371062.png
bk.ibxk.com.br/2023/11/21/ 8 KB
9 KB 2201ms
536ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/21/21155329371062.png?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 6f61f41959b93deb3e86bffcf2d90842bf894e257a1008b19e02cb8e68e973b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 3378
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 8580
expires: Tue, 09 Jan 2024 21:01:15 GMT

GET
H2 200 07175154326015.jpg
bk.ibxk.com.br/2023/08/07/ 2 KB
3 KB 2199ms
534ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/07/07175154326015.jpg?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 527dab5e3cb7c7aaf68f30ec478a4ba06a1d39f4f6ffda8f6c6c7f1624cc86f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 12736
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2500
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 24134647326055.png
bk.ibxk.com.br/2023/08/24/ 3 KB
3 KB 2200ms
536ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24134647326055.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b80752a98735c74cc0a908b9a6cb6e8332ec3f7effc7b646f2d3dc3f66960286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 15326
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3370
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 25124848394039.jpg
bk.ibxk.com.br/2023/08/25/ 2 KB
2 KB 39ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/25/25124848394039.jpg?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1ce30851a7cf6f3641312079f5050ba5aa2af667fe8a05a77e1a1a3378337fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 12899
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2086
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 08180032227026.webp
bk.ibxk.com.br/2024/01/08/ 3 KB
3 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/08/08180032227026.webp?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 585a0107be50af87bd7514e6b4aacb375c2d7f36fd5dab216a50751b3fb52052

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 7682
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2562
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 15134917932005.png
bk.ibxk.com.br/2023/08/15/ 2 KB
2 KB 41ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/15/15134917932005.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 3f9c74b7349b1c19b614e66a7516ba9c652a8f47b55c75f8cdde02c3d72f91ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 42019
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2026
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 30134149355003.png
bk.ibxk.com.br/2023/08/30/ 1 KB
2 KB 2203ms
538ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/30/30134149355003.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 50c4e72fa798bb24c79482212f8b52b541ff39ba8996284f600cfffbca231dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 11520
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1532
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 14195310960036.png
bk.ibxk.com.br/2023/08/14/ 2 KB
2 KB 2200ms
535ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/14/14195310960036.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8d37612880480efed1ce51abc1fc6195724a0ed41dee5e31806228e3884b3159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 13842
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1632
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 11160636711030.png
bk.ibxk.com.br/2023/12/11/ 2 KB
2 KB 41ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11160636711030.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: e0a33296a73e113cab1deff66aee1e7ae7ffb2731f6c839fbd2dfd331d4a026b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 5901
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1936
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 24172007105174.png
bk.ibxk.com.br/2023/08/24/ 2 KB
2 KB 42ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24172007105174.png?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 46597f812e47136378b7077c08f83421c3e37369700d272945d319d017d0a8b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 2227
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1582
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 08181124928027.webp
bk.ibxk.com.br/2024/01/08/ 3 KB
3 KB 39ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/08/08181124928027.webp?ims=48x48/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8ae3d02bad4f6b49d4023c3130afd4fe03d63f905a8b879df69b445cbc034962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 1396
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2964
expires: Tue, 09 Jan 2024 21:15:13 GMT

GET
H2 200 06150025351006.png
bk.ibxk.com.br/2023/09/06/ 4 KB
5 KB 2198ms
533ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/06/06150025351006.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: de039e06aac753d6376c637d7e83001001e8bccabe34f438f5f420f984f73da3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 10328
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4534
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 08180032227026.webp
bk.ibxk.com.br/2024/01/08/ 4 KB
5 KB 2197ms
532ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2024/01/08/08180032227026.webp?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: a8bb6d92eedf4015e70e3ba031f4b93ad395c36210199700a24b306dc2c3074f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 7682
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4534
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 11160636711030.png
bk.ibxk.com.br/2023/12/11/ 3 KB
3 KB 2199ms
535ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11160636711030.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0916161b872cb4ab6f1dfa7c20750a8fce580a4d5c32ba25e186b94fec118e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 5901
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2754
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 31154355784115.png
bk.ibxk.com.br/2023/08/31/ 2 KB
2 KB 40ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/31/31154355784115.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7d6d22eb94eafb53137ff8a33ebbda431cc11343b4fe629c96e0085987b1163e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 43121
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2264
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 11192759702048.png
bk.ibxk.com.br/2023/12/11/ 3 KB
3 KB 41ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11192759702048.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f9daf103110d320d6e4f7ddedda404a5f342e950e478041f5f8b547cf7e481eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 336366
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3074
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 24101828553011.png
bk.ibxk.com.br/2023/08/24/ 2 KB
2 KB 41ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/24/24101828553011.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b6eb5e289aa7f91751efe70065d7ff71a9513e6252a7be3bb4c28f9421269550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 6955
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1760
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 18133808956021.jpg
bk.ibxk.com.br/2023/08/18/ 2 KB
2 KB 42ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/08/18/18133808956021.jpg?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 87cfa18cefdfb554a12d9fce7b0937e3bb7eeff563f56314c04c13897891dec1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 42736
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1798
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 21144751404060.png
bk.ibxk.com.br/2023/11/21/ 3 KB
3 KB 39ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/21/21144751404060.png?ims=72x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: eabf077afee9223da9d576fb1c8d876f717ee32f7fc28d18afd4d191af235b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 792
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2572
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 21153435766004.webp
bk.ibxk.com.br/2023/12/21/ 5 KB
5 KB 40ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/21/21153435766004.webp?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 8e75dc8240282a52a0150d0eb9fa33d126c08113b1d671265efe394ad9608591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 4114
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4804
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 21142700790000.webp
bk.ibxk.com.br/2023/12/21/ 2 KB
2 KB 41ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/21/21142700790000.webp?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4a9e7924f92aa4b7dc2908da939de89dfcd62360ceadbb097bab1e8f7554bb80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 1554
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2030
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 20194258778001.webp
bk.ibxk.com.br/2023/12/20/ 5 KB
6 KB 42ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/20/20194258778001.webp?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 01e2fd2523c4b0e078bc316025697875d18c612ee54f491807679ecdfc51d637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 7970
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5596
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 20190936325014.png
bk.ibxk.com.br/2023/12/20/ 2 KB
2 KB 43ms
43ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/20/20190936325014.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c210128cf5f2fa3894b07115ebf85bfe774eb19bb9a3284f5fff5a71de49d2c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 1693
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1790
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 20185004974011.jpg
bk.ibxk.com.br/2023/12/20/ 5 KB
5 KB 39ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/20/20185004974011.jpg?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d268845e1bbbff18ed627d0263a2f3b63e9719b3355fe7f6beec6c42970141f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 37162
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4990
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 20182413617006.png
bk.ibxk.com.br/2023/12/20/ 4 KB
5 KB 44ms
43ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/20/20182413617006.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1a729cf99ecdfe433031fad54c512cc762ea556eebdf171cbe2d4833279dfd86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 262747
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 4474
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 29175707169016.jpg
bk.ibxk.com.br/2023/11/29/ 4 KB
4 KB 45ms
45ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/29/29175707169016.jpg?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4f85492c07bce94a5c0bc651b12d1d0638851a0545d596e49f51fff8607ddafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 5871
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3962
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 21155329528064.png
bk.ibxk.com.br/2023/11/21/ 2 KB
2 KB 46ms
46ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/21/21155329528064.png?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: da82f01428de41bebfedbedfe2758031978fdb83814ef13c05cd5d1c483cf3f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 4241
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1700
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 21142524737006.png
bk.ibxk.com.br/2023/09/21/ 4 KB
4 KB 47ms
47ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/21/21142524737006.png?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 2aedc9b86544c1bafeb5d570171c442c79ec094bbf3bd6de154905ab0265f671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 34739
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3660
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 20185202749022.png
bk.ibxk.com.br/2023/09/20/ 2 KB
2 KB 48ms
48ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/09/20/20185202749022.png?ims=79x72/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 7c87e24e10faf770478b0c509fc4644114b8c6af7ebead3784202bbe1c677892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 13928
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1930
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 05145940151002.png
bk.ibxk.com.br/2023/12/05/ 6 KB
6 KB 39ms
39ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/05/05145940151002.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4bf23ab2768519d256e54c43cd4b1b0847337268901eaf706be8e8056c47ede4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 301395
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5768
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 30142301499004.jpg
bk.ibxk.com.br/2023/11/30/ 6 KB
6 KB 41ms
38ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/30/30142301499004.jpg?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 0fa5e8321fa9c5f29b423dfedd6938f1e3adec63bed2a4eb483b99d306773862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 213677
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 6332
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 29192256078047.png
bk.ibxk.com.br/2023/11/29/ 4 KB
4 KB 41ms
40ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/29/29192256078047.png?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f135bf4326499f395a69f4294ef0b589731b27a364bc0b0ec1ee25f1ebcc1000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 9160
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3726
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 13193802214016.jpg
bk.ibxk.com.br/2023/11/13/ 3 KB
3 KB 42ms
41ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/13/13193802214016.jpg?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 2917cb4b3cae07ec63acd68d493bc39f9c0ef828f44cfefd0bf1b122fb36ce3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 4563
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 2834
expires: Tue, 09 Jan 2024 21:01:20 GMT

GET
H2 200 07154941632008.jpg
bk.ibxk.com.br/2023/11/07/ 3 KB
4 KB 43ms
42ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/11/07/07154941632008.jpg?ims=80x80/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 4a297315c6913ad935505eb259988c5f2379fd97f7146d27c48cce74b7750f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 37112
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 3564
expires: Tue, 09 Jan 2024 21:01:19 GMT

GET
H2 200 11165015801037.jpg
bk.ibxk.com.br/2023/12/11/ 32 KB
32 KB 265ms
265ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/12/11/11165015801037.jpg?ims=400x300/filters:quality(100)
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 90db844559ad88162acbfa61c6e9cd71c864b52ab6a36cb53d27028397c2992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
server: Azion IMS
x-original-image-size: 12597
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 33018
expires: Tue, 09 Jan 2024 21:01:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 250 KB
83 KB 140ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4255da23a46c62269c555612e6a837277d2f652fff5994e861e8af2e8cc6025e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84153
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 03:54:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3099a134b9cb9a3464b9f4a5b8cee9310eff8062380d11c614740ec39bdcd75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 03:54:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 03:22:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1928
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Jan 2024 05:22:27 GMT

GET
H2 200 injector.js Show response
tag.goadopt.io/ 325 KB
99 KB 160ms
57ms Script
text/javascript 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 773e5212fc27c78027f14527d5887bff61c774a9971863aed3f898c2cddcf565

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 277660
cf-polished: origSize=333041
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
cf-bgj: minify
last-modified: Sun, 07 Jan 2024 22:46:55 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkmqUexdUbpBsmNgASK8l8NCQJsclrN0DnSttH6pglAcGuHtHB7JcFgDug7XlN%2B1%2FjzhMgDZZgeELUM0HHNSldufpyqinfxJ5MiBM%2FTd%2B32cjsVXwuyKpJMAvfkr%2FF9JZjbrEe7orAGCOZQ5"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 843a3822abae9b98-FRA

GET
H2 200 pushnews-launcher.js Show response
cdn.pn.vg/push/ 923 B
1 KB 163ms
53ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 14 Feb 2023 18:33:43 GMT
server: cloudflare
etag: W/"3b0072743385c7b1bb595312ab9c3eab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRX9Xc2hfTCLxKvFJ6Y69LZdksMtpnAicep6vliqM4hNzNHmv8bRpv5FdTxp94EiFUfgBtxQ%2FR4zzcHKmxDuuK4IWGbPhLdRZC09cKhpjQL%2F2Re8iYLjvzFA7KUkuLXnjyeQFgavvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 843a3822bb439174-FRA
x-amz-cf-id: KCjVCS0p4J0cOcNZyu4SYHJNTArd1ouQiW0-gEVXXSpzAbUKbAx4TQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 221ms
94ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0095716e7fb8c3fb000e68d0efb692aeffcebf94e0f206bca0616fa8043ccb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29430
x-xss-protection: 0
server: cafe
etag: 930 / 19733 / m202401030101 / config-hash: 1407827963928654873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:35 GMT

GET
H2 200 tm13767.js Show response
tag.navdmp.com/ 17 KB
6 KB 263ms
173ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13767.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Thu, 14 Dec 2023 12:53:14 GMT
server: cloudflare
etag: W/"657afaba-432e"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 843a38229925048b-FRA
expires: Thu, 11 Jan 2024 04:54:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 172ms
85ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d518c522e14271b906265f143fa936af1733c1dc41ea8aac3644617cca64f94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51773
x-xss-protection: 0
server: cafe
etag: 10116493446427390003
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 11 Jan 2024 03:54:35 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 135ms
37ms Script
application/x-javascript 2600:9000:2070:c000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:c000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 17:35:39 GMT
content-encoding: gzip
via: 1.1 dad44092e95c7e3e18abc391b2ada472.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
age: 37136
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: pzFYes-s_Cceu8LFqphYvehMVYM3yQE8uSVjx4rN4o9A8cm336k7pA==
expires: Thu, 11 Jan 2024 17:35:39 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je4180v874209990z8848907248&_p=1704945274938&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1951152624.1704945275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704945275&sct=1&seg=0&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4153
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 104ms
50ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDJP529EVF&cid=1951152624.1704945275&gtm=45je4180v874209990z8848907248&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 143ms
53ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDJP529EVF&cid=1951152624.1704945275&gtm=45je4180v874209990z8848907248&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1871481793

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 50ms
49ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1417375104&t=pageview&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1207323856&gjid=509360667&cid=1951152624.1704945275&tid=UA-144680-1&_gid=1903115099.1704945275&_r=1&_slc=1&gtm=45He4180n81PLT9M46v848907248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1679445341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 146ms
49ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144680-1&cid=1951152624.1704945275&jid=1207323856&gjid=509360667&_gid=1903115099.1704945275&_u=YADAAEAAAAAAACAAI~&z=648854014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 141 B
803 B 464ms
444ms XHR
application/json 2606:4700:20::681a:1e8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 558efb4bb57d8dc5484a6c9f1f798853ce10a5b82975925179db53ae2ccae1ab

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
request-context: appId=cid-v1:
server: cloudflare
etag: W/"8d-JM/kTIGgzjsYZJMA/5HysyKNqT8"
vary: Origin
access-control-max-age: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.baixaki.com.br
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHeb5HhUCKgkpIhXUTSDpKo04Kr4lpt9G9K94b6BwcUneiMT0RUYHVBy8MNXyGloHZmDqdUVY8KFgjfFyXe9hjjG93fI3sXTxbDTzJb%2Bs1VocZGwCIfzvdo5ZztQbnmBXeYzgdFCMMAWnomibG%2FBSPTxrWuJhps%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 843a3823bc169b98-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 52ms
51ms Script
text/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=5bf881a8-5b79-4aea-b103-91e5386249de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7521cf77aba41609cc4611f0fa174b979318499beae8eb39d58f380f6bec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
via: 1.1 435254ceec69c136096ca9b455fd3534.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 09 Nov 2023 18:15:12 GMT
server: cloudflare
etag: W/"cd84669e738afa72934a854992fe41d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhgDAJWJikZ2yFpkUmAk%2FPRmvgISCQAWuyqYTrE2CEuNOJXB0KpxM9nZX01ruu5wE2uQUNQjyH3lT7ESj56Paf3cWSZbGGihH%2BtlL4%2FPY0LGs7OmLX3gkK0MWNpIKixMBOIWrd%2Fzdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 843a38239b899174-FRA
x-amz-cf-id: m9xEHMQ2nUs74PP_SPZRuu9gdx3kVOVuHJis9WbA1kQNw6ZBAatnPQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 436 KB
137 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65942
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140053
x-xss-protection: 0
server: cafe
etag: 1469350900164882112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:35:33 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
263 B 194ms
177ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b88ab81517dc7fcb04ed5354d7c839b198d54b63ec20fb9bec790dd64f4e0ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: public
date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 843a3823d9a2048b-FRA
expires: Thu, 11 Jan 2024 04:54:35 GMT

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 237 KB
63 KB 51ms
51ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/5bf881a8-5b79-4aea-b103-91e5386249de.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e52de34ed636085ead8598c90ef5ac802d5cd018542099e4d15e6aad41c07ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
via: 1.1 be95b2ba3a5805485c26e84ad1dd7a2e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
age: 1754
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 05 Jan 2024 20:13:36 GMT
server: cloudflare
etag: W/"4c1401c852c2c2cc476f10fe6fc44c9d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFVU3JFm7q%2F2J7a%2B9kEg0%2ByTiRy9Z043mQXwq9wY5GdXQP6K1ez9ck8ZYLtDrYdtV8LZVSyZdh3OSVHPgghv7C4f9GEi3ZLRiFK6M%2Br6m0CT%2BSPkKWWApLnHwgJquhLwHu4asF32Og%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 843a3823eba49174-FRA
x-amz-cf-id: B7ozXSBUM2UruRPp7_1_2AS6IR2HhnLnQ2K87GF556bmkp8cR8a7kA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 396ms
118ms Image
image/gif 107.22.81.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=baixaki.com.br&p=%2F&u=DBwa_DCu_2evZW0sv&d=baixaki.com.br&g=55260&g0=Home&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4664&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.baixaki.com.br%2F&b=4435&t=DMKbeRtt_7pDZAnhBD2DsslDeT7Ox&V=143&i=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&tz=-60&sn=1&sv=C93ft-CDgHFoBZeKgrBSmx46wU-y3&sr=external&sd=1&im=067b2fff&_
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.81.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-81-169.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 36ms
36ms Script
application/x-javascript 2600:9000:2070:c000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PLT9M46
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2070:c000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 19:18:44 GMT
content-encoding: gzip
via: 1.1 dad44092e95c7e3e18abc391b2ada472.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
age: 30951
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: mSdXi-gFhHHpGcBMkFwX4Fv2t5xikpeRwlfKWmbYXHT-1HTXey9DiQ==
expires: Thu, 11 Jan 2024 19:18:44 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 135ms
49ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=1951152624.1704945275&jid=1207323856&_u=YADAAEAAAAAAACAAI~&z=1508818114

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=1951152624.1704945275&jid=1207323856&_u=YADAAEAAAAAAACAAI~&z=1508818114

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 187ms
106ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e7ce72c407f9ed6a8f6032aa8b8661ea8474687fc7551438d89f0be8cfa92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139437
x-xss-protection: 0
server: cafe
etag: 15496881918735912297
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:35 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 9EE0 9 KB
4 KB 127ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14974
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 23:45:01 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 23:45:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pushnews-sw.js Show response
www.baixaki.com.br/ 95 B
364 B 154ms
153ms Fetch
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.baixaki.com.br/pushnews-sw.js

Requested by

Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

version: 3.0.7
date: Thu, 11 Jan 2024 03:54:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 17:18:20 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 10 Feb 2024 03:54:35 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 368 KB
86 KB 629ms
629ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3679401967722405&correlator=430792681491820&eid=44809527%2C31079958%2C31080338&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=36373682%2Cbxk%2Chome%2Cpremium%2Cdesktop%2Cleaderboard_top%2Cancora%2Cleaderboard_middle%2Chalf_page%2Csquare&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F4%2F5%2C%2F0%2F1%2F4%2F6%2C%2F0%2F1%2F4%2F7%2C%2F0%2F1%2F4%2F8%2C%2F0%2F1%2F4%2F9&prev_iu_szs=1x1%7C800x500%7C1920x750%7C1900x935%7C1920x1080%2C728x90%7C970x250%7C970x90%7C1x1%2C970x90%7C1x1%7C728x90%2C1x1%7C728x90%7C970x90%7C970x250%2C1x1%7C300x600%2C1x1%7C300x250&ifi=2&didk=606830616~1219620439~3093749535~4122620516~445717446~3618103558&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704945275636&lmt=1704945275&adxs=400%2C436%2C315%2C436%2C997%2C997&adys=0%2C211%2C1110%2C3763%2C3136%2C3146&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&tos=~~~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=1600x-1%7C728x250%7C1600x4664%7C728x250%7C257x0%7C257x0&msz=1600x-1%7C728x0%7C1600x-1%7C728x0%7C300x0%7C300x0&fws=516%2C4%2C512%2C4%2C4%2C4&ohw=1600%2C728%2C0%2C728%2C257%2C257&ga_vid=1951152624.1704945275&ga_sid=1704945276&ga_hid=1417375104&ga_fc=true&dlt=1704945272376&idt=3242&prev_scp=%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=1286048242%2C3987075887%2C2460663856%2C2443166763%2C35649785%2C3654451204&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a94221c9bd2cc9208de0d74c29e375f73d42a038092d3bee404f6b815c6bf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88463
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 69C1 6 KB
3 KB 260ms
46ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:35 GMT
expires: Fri, 10 Jan 2025 03:54:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 159 B
480 B 381ms
175ms XHR
application/json 2a04:4e42::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=baixaki.com.br&domain=baixaki.com.br&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7691eaa8c71c03cce156b53d84ff310a3f96e7359fad51333b12a12b5bfaef96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 125
x-served-by: cache-sof1510023-SOF
x-timer: S1704945276.883245,VS0,VE119
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 09 Jan 2024 03:54:35 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 187ms
171ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13f3eac7f8bdf4d54d55af327a10&acc=13767&url=https%3A//www.baixaki.com.br/&tit=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%EA
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 843a38251a23048b-FRA
content-length: 6
content-type: application/x-javascript

GET
H2 200 5bf881a8-5b79-4aea-b103-91e5386249de.json Show response
osp-assets.pn.vg/ 4 KB
2 KB 164ms
48ms Fetch
application/json 2606:4700:20::681a:ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://osp-assets.pn.vg/5bf881a8-5b79-4aea-b103-91e5386249de.json
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: W4DC62SPFMRTDWVC
age: 81701
x-amz-server-side-encryption: AES256
x-amz-id-2: 6j6hOhqFe97yT7V2QBIDyXULPCnp//qrbj0jm0qv2NoFbL1QLtcwNfsZSlbMrr+u8YUSaXwL4M0=
last-modified: Mon, 17 Oct 2022 15:18:42 GMT
server: cloudflare
etag: W/"4466c94390027d272a7ef7edb68cf327"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, PUT
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rizlkl46BGZmhD2xVf7EyCAxh5AZedvhQ1u8G1gaw8oqutT4oJVo3Ul%2FRGaY7BB%2Fm9naMk%2FMZbDq%2FNaRFdHwBqqkgb%2B2IqqzmrmUGD5avmnN35L8Eaz%2FsRJ4d4YqeX7XSWVsNZSq0D%2FoVzShHms%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 843a38266d655d78-FRA

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 47ms
47ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:35 GMT
via: 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 1508
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:43:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDXR%2FypB%2F8OqsdZZxgIAtvN6akrhSz7ECk48CnzQmYEGjQC%2FLr0qTHgZz%2FsfVk%2FHr%2Fe8wwjWvhOSRh7U%2FbhTbxSDFZvB3uECQfhnihqaDhOnC9sPcyIuYJMnBBGCBQPr205sP5OOCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 843a3825bc2c9174-FRA
x-amz-cf-id: eZpwD791KYCiK2BSaZkVE1POHhPnyFgo9JDb0veNazlm7Za3KIZn5w==

GET
H/1.1 200
OK 01HGEEWRMJ3CD1KXQGFJE2KTFM.png
adoptprodstorage.blob.core.windows.net/adopt-prod/organization/cd60280b-801d-419f-ba6b-38e3b405b42b/disclaimer/a8b131a9-d7fb-4185-b074-da8dd2ac7aa8/domain/9d1b35c6-be0f-466e-aef0-864af4569695/contr... 4 KB
5 KB 943ms
229ms Image
application/octet-stream 191.235.248.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adoptprodstorage.blob.core.windows.net/adopt-prod/organization/cd60280b-801d-419f-ba6b-38e3b405b42b/disclaimer/a8b131a9-d7fb-4185-b074-da8dd2ac7aa8/domain/9d1b35c6-be0f-466e-aef0-864af4569695/controllerIcon/01HGEEWRMJ3CD1KXQGFJE2KTFM.png
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 191.235.248.36 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0fb0436cc7262742d2a5a5e046e2eeeeaaaed737b9243d81a1f3b887d5bfacc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 11 Jan 2024 03:54:36 GMT
Last-Modified: Wed, 29 Nov 2023 21:13:54 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: V2F963q3kousfU7rZFMuCw==
ETag: 0x8DBF12017A40B43
Vary: Origin
Content-Type: application/octet-stream
x-ms-request-id: beee1048-201e-006d-7241-44efe1000000
x-ms-version: 2009-09-19
Content-Length: 4530

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3635 6 KB
1 KB 85ms
84ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7019091094896260&output=html&adk=1812271804&adf=3025194257&lmt=1704945275&plaf=2%3A2&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.baixaki.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704945275592&bpp=4&bdt=3216&idt=324&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5709022722332&frm=20&pv=2&ga_vid=1951152624.1704945275&ga_sid=1704945276&ga_hid=1417375104&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079437%2C31080260%2C31080333&oid=2&pvsid=3679401967722405&tmod=1811113091&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=336

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7019091094896260&plah=www.baixaki.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e60f79e352fd1a2df427e4c1df22aacfcba4ee52cbc724a2d40da34af50e1e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 907
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:35 GMT
expires: Thu, 11 Jan 2024 03:54:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=app-background-ads&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
72ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=app-background-ads&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/ 412 B
566 B 158ms
53ms Fetch
application/json 13.95.152.229
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.smrk.io/api/public/geolocation/7z2mkcK41CTmhbHKGRyrzlIum250VTGrpYok/
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.95.152.229 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 03:54:36 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Method: GET, OPTIONS

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 93 KB
32 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc84aceaf64dcb162c0995315cf8b8587991b236c1789b5fd0975412f64890d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32970
x-xss-protection: 0
server: cafe
etag: 13516188086961736039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:36 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7019091094896260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4700 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:35 GMT
expires: Fri, 10 Jan 2025 03:54:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 193 KB
53 KB 528ms
528ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3679401967722405&correlator=4496707515865320&eid=44809527%2C31079958%2C31080338&pied=Eh4KHAoaQ0xTZGxJeTQxSU1ERlF2UnV3Z2R0YW9FMXc.&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Cinternal%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&didk=1038626840&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D9d4bcdb5ec0a64ad%3AT%3D1704945275%3ART%3D1704945275%3AS%3DALNI_MbfKZFaj5zrDHc8l9i-b-Xo-msjNQ&gpic=UID%3D00000d3f54ebe521%3AT%3D1704945275%3ART%3D1704945275%3AS%3DALNI_MbHVH81W9N9sYPLQv1GVvM94NzCaA&abxe=1&dt=1704945276323&lmt=1704945276&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.baixaki.com.br%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1951152624.1704945275&ga_sid=1704945276&ga_hid=1417375104&ga_fc=true&dlt=1704945272376&idt=3242&cust_params=referer%3Dhttps%253A%252F%252Fwww.baixaki.com.br%252F&adks=2792147645&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45913f8beb4eeae5622a5e2d1d3a9ce31eab4b8da45111e6290e5d8fa5c365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54564
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.baixaki.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 40 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43440171b7464e2bfd3b57ca36d5e7292f6ee590f0a29a412d2e78916de4811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 14:29:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48297
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13837
x-xss-protection: 0
server: cafe
etag: 11327811505681789486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 14:29:39 GMT

GET
H2 200 container.html Show response
7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8140 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:35 GMT
expires: Fri, 10 Jan 2025 03:54:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 891E 196 KB
55 KB 217ms
88ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 18:13:57 GMT
age: 34839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Jan 2025 18:13:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 891E 15 KB
5 KB 281ms
152ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:52 GMT
age: 113444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 891E 95 KB
28 KB 284ms
156ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:39 GMT
age: 113457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 891E 5 KB
2 KB 295ms
167ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:52 GMT
age: 113444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 891E 40 KB
13 KB 275ms
147ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:44 GMT
age: 113452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 891E 4 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 03:42:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 891E 3 KB
3 KB 208ms
122ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 84022
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Thu, 11 Jan 2024 04:34:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 891E 344 B
449 B 187ms
101ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 21960
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 11 Jan 2024 21:48:36 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012312191621000/ Frame 40E8 196 KB
56 KB 158ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 18:13:57 GMT
age: 34839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56099
x-xss-protection: 0
server: sffe
etag: "b4f73150f1481343"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 09 Jan 2025 18:13:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 40E8 15 KB
5 KB 160ms
160ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:52 GMT
age: 113444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5228
x-xss-protection: 0
server: sffe
etag: "1615cf8c9658662f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 40E8 95 KB
28 KB 162ms
162ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:39 GMT
age: 113457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29030
x-xss-protection: 0
server: sffe
etag: "4993b3249a87fa76"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 40E8 5 KB
2 KB 169ms
168ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:52 GMT
age: 113444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1930
x-xss-protection: 0
server: sffe
etag: "09131eec19261354"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012312191621000/v0/ Frame 40E8 40 KB
13 KB 170ms
169ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 Jan 2024 20:23:44 GMT
age: 113452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "b1091b2fa725aeb2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Jan 2025 20:23:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 40E8 6 KB
779 B 160ms
84ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 02:49:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 40E8 3 KB
3 KB 175ms
99ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:34:14 GMT
x-content-type-options: nosniff
server: cafe
age: 84022
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Thu, 11 Jan 2024 04:34:14 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 40E8 344 B
402 B 199ms
123ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 21960
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 11 Jan 2024 21:48:36 GMT

GET
H2 200 container.html Show response
7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3D06 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:35 GMT
expires: Fri, 10 Jan 2025 03:54:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13962487133525052434
tpc.googlesyndication.com/simgad/ Frame 891E 23 KB
23 KB 151ms
102ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13962487133525052434?w=600&h=314&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf30c59ffa5f1a7a6aaa9ee3e5709fdb6037be113bea4aebf439ecf6d9e8c302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 09:06:09 GMT
date: Wed, 10 Jan 2024 09:06:09 GMT
x-content-type-options: nosniff
age: 67707
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23446
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:56:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7867461037140791420/ Frame 891E 1 KB
1 KB 169ms
120ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7867461037140791420/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c4074f3d17843aec206b2d04e5907098e13e192af61f651cd397b2410ee4b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 07:43:17 GMT
date: Wed, 10 Jan 2024 07:43:17 GMT
x-content-type-options: nosniff
age: 72679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1184
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 10:43:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 891E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b33044a1e130c6ce86101a9c25a7d1cb3512f967c3da2daa2e217961cab323b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8008800563270761925
tpc.googlesyndication.com/simgad/ Frame 40E8 35 KB
35 KB 87ms
45ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8008800563270761925?w=400&h=209&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b21c5f9f57baf05b6bf4dfc0dbdf43665922781cd672eecda73c2c67dd7c780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 23:01:32 GMT
date: Fri, 05 Jan 2024 23:01:32 GMT
x-content-type-options: nosniff
age: 449584
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35834
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 14:58:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 16811845893769643110
tpc.googlesyndication.com/simgad/ Frame 40E8 4 KB
4 KB 137ms
95ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16811845893769643110?w=100&h=100&tw=1&q=75

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a6f12edae940aca5a959fc80f819f48fb0aa911fc2473abd695fb068946fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 04 Jan 2025 22:01:45 GMT
date: Fri, 05 Jan 2024 22:01:45 GMT
x-content-type-options: nosniff
age: 453171
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4225
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 07:36:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 40E8 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 40E8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 146f3d273bfb992421a17ce2da75fa5bf79d659150fa752c5959ec2e97759db6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7F25 624 B
246 B 81ms
81ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNXyXRGLZqbXYdON4tt6D07Wvo4hiHlBaxIEQH6IvoAtXvp3Xc0xEyMCFuYZXiTlK2Ta__KpWfCKgmDcEV9aYnMFtwuBT0vFTUC_bLJkgLbkr1RuWZ5MAC8h5NJZN1v9pX1IW8wfzHJFxnejcOouUPDejdMInyrVCPG06NpY4xErt3lcOKU

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:36 GMT
expires: Thu, 11 Jan 2024 03:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4700 111 KB
39 KB 189ms
84ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Origin: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:30:10 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 4700 7 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:01:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 4700 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:01:21 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4700 41 KB
14 KB 144ms
133ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4700 3 KB
1 KB 150ms
139ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 21:55:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4700 20 KB
9 KB 51ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4700 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BA5st4czxs5k_z3DGDL1PTV-U15GD1JK_EsDVbU63OxkoB05qMOxMnyvaAdjHpFRAIoU2miCkaMy7XjgGx8DNtfZ2UkrDz2v0hj8PCFGQmc0FzL6Y

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4700 205 KB
65 KB 264ms
148ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C200 624 B
246 B 82ms
81ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJGX74ICMAE&v=APEucNWch16gXdI-0TEUPrxaHWKkNlYRLyLwisBfJLLQ9gMSPxFuALGStW9oJA1Tc7rr4Xb3Awt05C1nNtNfnW85CUka5klJfwU3RBEC8eOaKGBxS2UXHuP30m-vzm5cX1U787q_gQ0C6zaav7iXSuUYqrNIbMBoVTucLLmByVQOCW_Fo5Gtqe4

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:36 GMT
expires: Thu, 11 Jan 2024 03:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8140 111 KB
39 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Origin: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 06:30:10 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 8140 7 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:01:20 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 8140 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:01:21 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8140 41 KB
14 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8140 3 KB
1 KB 144ms
143ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 21:55:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8140 20 KB
8 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8140 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dex2QQrzAf7IdRftqMlu1Sazn-e-WQ94JTgfzVh6NqbGV98j7ZRJ3xyGJgVXGniEdVvA5ytmpr14SDOHpR48lZgZWBLbqqjWCX8k-37TX5-Q2bF_8

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8140 205 KB
65 KB 207ms
106ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8A22 624 B
246 B 80ms
79ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV6CZ1bcXO1NTCt6iB-_6vKYat57nb6StKNohZuT8fug_xZgS_w9dKwy3BtDoxoW9QaRlSycir5pgkJZ-Lqg_3veTIq9VTHg8Id4WZUixSJzdMVOx29KkJvdHToENuQZQYOwG5qkvU1bXemOhkqd-5UTKcswJ8_8zflwWSGFTq8mdn_Hr4

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:36 GMT
expires: Thu, 11 Jan 2024 03:54:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3D06 89 KB
31 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D06 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B22vPEje07-TEZWybVJuWoxhrDwS9ap0VpZW70xN2qJ2n6BMGDVes6QyKCP6JOxwGgpKxBez6HRwFIWmo1ufBTVZFCfi3IGtTaW4N53vNeFXescOg

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 3D06 3 KB
1 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 21:55:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 3D06 20 KB
8 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D06 205 KB
65 KB 143ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
DATA 200
OK truncated
/ Frame 4700 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b40d479048b1fbeede5cfeed09eed166514d21745664842a449bb653dfdde0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 891E 16 KB
16 KB 127ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 209791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 891E 15 KB
15 KB 137ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options: nosniff
age: 155228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:47:28 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7F25
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkyFhMVH35hUmcVBxxby3g&google_cver=1

43 B
441 B

59ms
58ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkyFhMVH35hUmcVBxxby3g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNXyXRGLZqbXYdON4tt6D07Wvo4hiHlBaxIEQH6IvoAtXvp3Xc0xEyMCFuYZXiTlK2Ta__KpWfCKgmDcEV9aYnMFtwuBT0vFTUC_bLJkgLbkr1RuWZ5MAC8h5NJZN1v9pX1IW8wfzHJFxnejcOouUPDejdMInyrVCPG06NpY4xErt3lcOKU
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Pj7CoEbR7BuFSgdMZYSHTqWlHa5XJlzIt9HJUj7lV7GFvz7T3kbkn0lhldS3%2FLuRbT%2FY%2F9nTakzJLTh%2FXph4nVgB46JTatyuV59oG0DiCKmndL8mixHw663hJJ%2B6EOjJjKm%2BD73lgkByA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843a382b3a09aca4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFkyFhMVH35hUmcVBxxby3g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7F25
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ9mfAXPKP1aH3SZG49StQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

43 B
741 B

58ms
57ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNXyXRGLZqbXYdON4tt6D07Wvo4hiHlBaxIEQH6IvoAtXvp3Xc0xEyMCFuYZXiTlK2Ta__KpWfCKgmDcEV9aYnMFtwuBT0vFTUC_bLJkgLbkr1RuWZ5MAC8h5NJZN1v9pX1IW8wfzHJFxnejcOouUPDejdMInyrVCPG06NpY4xErt3lcOKU
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEm08RtVYBnkja6wk0JdzzBupLu%2BJ%2FsN8%2BZ%2FD0A%2F%2Bvb8VL8adrR%2BXIVnr3oJT9Ni%2F6hHc780lJoFjhJ8MrpwhDZhACb7xMyPLikqUgwTkAxQGt8%2FZi6b5XZYYRaOmepsmw7svt4fNeJMGg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843a382bcf5958e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7F25
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGfn0p8OqhdjK5wjOfAQosM&google_cver=1

43 B
1004 B

45ms
44ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGfn0p8OqhdjK5wjOfAQosM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNXyXRGLZqbXYdON4tt6D07Wvo4hiHlBaxIEQH6IvoAtXvp3Xc0xEyMCFuYZXiTlK2Ta__KpWfCKgmDcEV9aYnMFtwuBT0vFTUC_bLJkgLbkr1RuWZ5MAC8h5NJZN1v9pX1IW8wfzHJFxnejcOouUPDejdMInyrVCPG06NpY4xErt3lcOKU

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
an-x-request-uuid: 9430f1a3-2a35-4dcb-b6dc-951decca777f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGfn0p8OqhdjK5wjOfAQosM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7F25
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

170 B
232 B

49ms
48ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
an-x-request-uuid: 7f6887d2-4b63-44b5-a564-8524864403db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C200
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIY9-Wyqkuca_gHEaR90b0&google_cver=1

43 B
327 B

61ms
60ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIY9-Wyqkuca_gHEaR90b0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJGX74ICMAE&v=APEucNWch16gXdI-0TEUPrxaHWKkNlYRLyLwisBfJLLQ9gMSPxFuALGStW9oJA1Tc7rr4Xb3Awt05C1nNtNfnW85CUka5klJfwU3RBEC8eOaKGBxS2UXHuP30m-vzm5cX1U787q_gQ0C6zaav7iXSuUYqrNIbMBoVTucLLmByVQOCW_Fo5Gtqe4
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZC2AVxOCRcectd95nFp27KQlEr04CK66SpShPxp5Tm3zceRlXHM0KcYI%2B2eGR0xALrn0WssohOR%2FaFgzzYNe4hPHWb%2BzqDqW5bKFDblC7O04jdMOwsZHb30bVzWgKEEUe9xDyXMz5Q%2FPJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843a382b3a0aaca4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPIY9-Wyqkuca_gHEaR90b0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C200
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ9mfGjgYzfdBVitGmEeDgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

43 B
734 B

60ms
60ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJGX74ICMAE&v=APEucNWch16gXdI-0TEUPrxaHWKkNlYRLyLwisBfJLLQ9gMSPxFuALGStW9oJA1Tc7rr4Xb3Awt05C1nNtNfnW85CUka5klJfwU3RBEC8eOaKGBxS2UXHuP30m-vzm5cX1U787q_gQ0C6zaav7iXSuUYqrNIbMBoVTucLLmByVQOCW_Fo5Gtqe4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtjmQOHbCYOkI5ScHCt29xdj7oAI%2FgCLOAqLxJSCW6RhhJVpXTlZtFHBcLj08xqOYhXxPLSlQzioMhX2USfXpqFS%2BumIDDgeEtj2buXMMMok%2BMqCcHrabhyJmN2slhXdudTEjtlVfrbalA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843a382bcf5858e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C200
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA8lCbmoiG_bum1LUjsOCWk&google_cver=1

43 B
1004 B

51ms
50ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA8lCbmoiG_bum1LUjsOCWk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfxrZwEEJHbqqkFGJGX74ICMAE&v=APEucNWch16gXdI-0TEUPrxaHWKkNlYRLyLwisBfJLLQ9gMSPxFuALGStW9oJA1Tc7rr4Xb3Awt05C1nNtNfnW85CUka5klJfwU3RBEC8eOaKGBxS2UXHuP30m-vzm5cX1U787q_gQ0C6zaav7iXSuUYqrNIbMBoVTucLLmByVQOCW_Fo5Gtqe4

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
an-x-request-uuid: f4b9d213-27a8-4d39-ab20-eba99ba828cc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA8lCbmoiG_bum1LUjsOCWk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C200
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

170 B
232 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
an-x-request-uuid: 2564aebb-14da-4482-8d4b-188371f105d3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8A22
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

43 B
769 B

62ms
62ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV6CZ1bcXO1NTCt6iB-_6vKYat57nb6StKNohZuT8fug_xZgS_w9dKwy3BtDoxoW9QaRlSycir5pgkJZ-Lqg_3veTIq9VTHg8Id4WZUixSJzdMVOx29KkJvdHToENuQZQYOwG5qkvU1bXemOhkqd-5UTKcswJ8_8zflwWSGFTq8mdn_Hr4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lktcJ6XuNyaCL6RcSgpzHvoM2g7c%2FQb3qTtCJYmd0aiqhScWbEmCRK%2BWF5hYyAJYDmGq9rKOGiH%2BRVNnHQbeJ2CVeVHdfdnXnhWu1dVW3xm5Re9xHjyzzzt4lYsOsn6mNLS5G6FGFWIbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843a382b3e9058e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8A22
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ9mfAXPKP1aH3SZG49StQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1

43 B
735 B

60ms
60ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV6CZ1bcXO1NTCt6iB-_6vKYat57nb6StKNohZuT8fug_xZgS_w9dKwy3BtDoxoW9QaRlSycir5pgkJZ-Lqg_3veTIq9VTHg8Id4WZUixSJzdMVOx29KkJvdHToENuQZQYOwG5qkvU1bXemOhkqd-5UTKcswJ8_8zflwWSGFTq8mdn_Hr4
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XqMc%2FxSzGN3WywWBoOGItd6I1yTafjhs4j%2Fke7ttXHbfOfjNC3fQyRD1miNgf0%2BPf7%2BhwCiJUmzXDwIO6YVKggapyHf4RhIR0BTUO4f0JrARyb%2FXDQkekjlCtziamMT8h3diwEg7VoOeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843a382bcf5a58e4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEgFw07MXdeiRlwAHoSsERk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 8A22
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKt1Uako9ILI_HkERG5nw8s&google_cver=1

43 B
1001 B

44ms
44ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKt1Uako9ILI_HkERG5nw8s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNV6CZ1bcXO1NTCt6iB-_6vKYat57nb6StKNohZuT8fug_xZgS_w9dKwy3BtDoxoW9QaRlSycir5pgkJZ-Lqg_3veTIq9VTHg8Id4WZUixSJzdMVOx29KkJvdHToENuQZQYOwG5qkvU1bXemOhkqd-5UTKcswJ8_8zflwWSGFTq8mdn_Hr4

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
an-x-request-uuid: fc87a368-1452-4444-b68b-99cb75757d21
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKt1Uako9ILI_HkERG5nw8s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8A22
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

170 B
243 B

48ms
48ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
an-x-request-uuid: 2ee9f88c-8127-4f0e-9387-fbc0108f8f78
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUwMzk0NDQ3NjQyNzQ1NzEwMw%3D%3D
x-proxy-origin: 80.255.7.101; 80.255.7.101; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 40E8 15 KB
16 KB 138ms
82ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 472515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 40E8 15 KB
15 KB 151ms
96ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 186765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 00:01:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D06 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1882106149846&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D06 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1882106149846&version=m202309260101&ct=77&x=1&cor=12893604305619182000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3D06 20 KB
13 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTz4EAkAOPVm450irPaUHG-8O4NTo8XihF9BKtYvQ5KclDlNnSfjeqClm8A19xr-DhwQzQIzNBKmlILhz-L24TouDcXNpMkfnQnTZALzdd4A2_8JMTd2MJyaLnMBl0TPbhc_GIOw6bYYvM41PwucX1cjf53DrUoVcpdke-v1i1tV2Z6yI&cry=1&dbm_d=AKAmf-DDaQTM6qh0kWjxr7EmXuWO9P-Qk5fPBy4dkbw8SjGh36jyS47JzWbz3ISWkarzlGUaz7Sef3v2g3PGumH-LKj4dm9lQOQzr4cDIODt3FMtSvKKlFaBeHUMko4ymiuxzJss_cVIq9eTQWUPXVWEJSQVcA9I6yQMaXfMdtQ07LGqG3y-AtkLE4HRX1TryncvqmmxxDfKIfOh0oG41ZXE0EMoiL-LsIMFAVgLMbEoBhcqoztFO1Vjys3eTHdqEPIV03y7xgBShVF4XlKfgtfFn3x0I0hqXeFv6AkpHZWth-GpYrSUWiKaFdz9_OsGJBQG6hft32ERnxggE0zBasJeD2k50TK4G47uKrhJX6IpwY603kSufVp5GhUnyXUZTUadczbL622_AkpBl9iXTUIq0BV-9zt-CJYC_vIzOu8v-PbArEwZ1k80gP97oveIFWjMVQg6-7NpCkISwBWAaZC3kCF4tE2l66QqcUgtEu_Ke0YviamZ_alKP0ipf1_xxYYqMZjjZUSh_wesxzNmJCA6_CPmtv-3yUrWb1S6Pr2chQPsafTzgpjW_Yp3fskG94E3Slxls3Ahc0ZK4fbzy_rf8vsPsSKgZHGK5qpalJZwWDUx8N4m4l4oqpJAo-grulvwsSlOOhfDIEp8m8DWDFa1FdzLQ8iACpelZr5jiOgsZQV__8gp_anb0y4NPDemYPi4Cy3G7aRWTYM33xk-zgN9H6-SColaHFAW-hD9wvxGszvw24Rqzl3HZD8CQ0215LrFww57eX2OlgrgWPad9mFf1z4bkkO4i6GckxXqJfOHoLWCoQMpEKTRE8x4GXgjQKyVSi0SN6oAF1MwuB9HRblKD-BAV_TAijd85DmkojKB02hjvp3c-2T03_0ckDUodImlmQkye6GbL8PRJ0OvaC2XRG5VXgyFG4MmkodUsTW10LpbcmB46PCP3CZt3kJbEslmxPg_kfEK-LTyfBkQ3xTu_sOgYCZKC_GQ4fbMmh_j5pYmV_lj4HyWoaJUBrOOXxN4O97Hd1DZXPVnpVcqU63lAZTrKgz9DfFUtqCAFyFVURJVjTrMrnm5eqPa1NPG7VUnQDygH_8vnmIrhK7Fjn1mjfJsw-xDlHc0uyZvhL69dOeNrFt8CRSBEMjvZwDO2FGvJuvNnHi68_nIJLItUnkg4Iq33kUE600VUJqd3pqkmFpGk-EFvNoS77yPb-5ieVmBCK48tnnH_tsYD1WIKFKi951yIbepHFGn8jY31-F4elDu6BRjBcVCn3wP3dSr1-PnnS8Ad5Pa5uSHdPGETcNDMPp2diM807fsT8c7s8UkzCiDomhu-ysawcH2pOYUdlxzLRhuLUyxmbJUJCO4yBrAMD7Cn27wrJ2nx_i1P5xG8M9VZNYfdb0in0g0Q52g5yU2xzQuh6vUcNlFhG7l11GkkKXklbK3A54m1zugElf8ganDSp9U0BpBqtiDtK42uMUN47uJcwj7ZN0_ikLnDFPF1J_rAZ3RRB8PnHGEDPrgux8DAfkOFiJFkdKyO0pknAXmagyCFWlVOFk0-Li5Ytc9jXFNPB7yRZncyvjaIc0SFi-fUZqvz05hhtgYZeHnxM9M1NFALyhT8HkhUcaOm0R_20_X7lzIFen1xslozfTd9DaHtkr39HkCQReadnwxoZ1wRPvLgdBre3VkvgbbqdNeyu_hqNCmDMFKfMauoJRSv_KzWeWqlP2BQaBYa--qje_lmrLF8dR55I5GvcWUjKLNfCLiQkk0oukRjBRCj79ptsSOPBcM6hQYNZGicfo7kdkiZcQkzgEdisopvxpsthTnlOqwe_4etEWekp-hrMdGLkB0CJX6qBHMqM4Iw7QAFH-20gxJo23U_Op-BC19IxoK0s25FSJ9JOTS9gxvZ705qxWfJaZOIKWfshaJuFWc7-UOTeDRiGIhz0R3qrP-C1t5l8lBLzCsMbDlEnLvH3of7EY5fh5NqcM0G73PmPD2jcGrxplMgDadX8IWh0s8-1GwRGqzBmXRlZcR0S75rWg_XIy8ZcJZNu00oPBMDOk-X2ATQ6qfbI2u9daV4YnTTIZMHNSU-cOvdST9d9r_dEcgCD-ipAihFpwF42-GH0PVtyUx9FtVVy5id_x812mu4xh5NNCj3Rusw-g6bV0wsl-Od-silb5JM9PoDLHvnNp60zDoCx0nCduvp-LvCtecIdaLo2squ-uqscFP561kSf1jKd8uZs_ikX9f4z-ENva-Yd6AKoU5pzUdjcUtxmO65V7TCiG3-RphggenoSKM7oyrNy8lm9ZomVKK3gYu5AQ8rW0FJdogiDbeAc8eQ4gb6sogEaWuoSiSA8F-XUXLuTcZox31JMfemAlERHBZLcMIQGRn-YkYv-0vqNbv1jw3WfjXd5Hq46rxW27iwcF_sfqz2EHgqeHVdCO2eGbR3O_QiBsYRUwoTgCAhwOLRIvU91tBo-kHEFSjcMOEGfvhrtVU8lmaTozXLr63K7EHBgsnZcVQ5W2xH_HEyj1_k2bPxxdyJP9pMzbQeKegsItOthKHx_flrlRLmbJ_XdfJJ3RGUO_5pLsVISXj2Pf-vfGxE25dm2g8hNPapldsCZ1rYjfi0usPzYJz-WcIZPXxdfhd6V31t1AFLIB0ts590F29YK3pMSdbpzzC5uf4Z9yXceM4BmcNAm4xgriSpBzgOOr5kSwXX36T4qF8XUdsdAh0_Cx68JHa3mMQSj7PdnIA9YnpABhJAjSzHiqn86Eci1ySzhm6AOe_Lal0zVWUc6l_BOqANwk0P_npl_i5DN1FoAaiToDrWyfEr5_7VudpWzZXLcUT3hxy16o6-3x6tYT_u5EuSE9J7mbSJrahvEly4Ug8NcyMBMNjAteO-oT7vhW96eD8z5v_XtQOLzYL5vrfNpuPjmopozmrULdE31WQ0rk6QMrHTC_zT9ti1XSY9GhdyjHFt9Pg0bAOm0EF3jox_DNTzAnh-8HMAiXF6BIFd4Oacm6D-sRHUvzmPJl99SAsiYGn5hj6AiQZh0J2v376yG4QRFFAQuIqfmVFoyBr5z1MVW7YP0y717Y2XNxLdPw10AYqNNbay57eAqgvkb1SZSay4-2yENVQZmjTfijuV3ZGnH_PBagSxnbQ4b3UKj1LZbazemu6rWQNZC0kVGYY91hME5_rFUalcRy1qgM6EbFEGZmd_zDG18kopu4wyxGANEreOqY6NJAxZEaRwmuiMjyQTgSU0dLuqXEPxG-smj-5xAJyUxNN21ysAGjgyTpjpHmlrN6TBW56ZEjr9NHmw6LhqjGqDoZv2gLPTihdcujGTTpU3nGVWUqkMQmQHHso8fr7XKeOGCN6w5t4lRoNtRsaF6lr_EcttHgAgzsZ1Q3-PLGZRvCKXhWuVDK_h0Oh9Q_fNzLsla0h1rKs0JWwvtTYRQzji_rANQiVE1YaCjwkgTkvT2chixvG9_4q9Tv2nrdnkVHDrxusL8noT62KX77X5iS5LmGc7fap2egCl7xKatQg5yevJvrUpWE_Ut_tIVE9ZQgM0ScnPICI-GgHi2DuO86jXqWIfNnOl4JHzS_w9HW_I5dgpwEi7vMw-p9OtXDmkQWZmuzPkdPM2SsDMOKAXcpRWHTOHD8ym8XEEY3eg81msYDxjRtj2G06SxyUJYhcM7AK18vHLOJWw_Ln8YsT2F7MyGGEfIbSRDn-IzLIdrUSOP7zMF5oQ-fQ0kDJurDIN5dhAFhm9FYCjH5IWbPAU8xjD3sfkWAyoMciwcp092gBV2rQqetf6Qiy3ovdzcQvBt0Erka2DZmRLp6Ibu-bo1hjNz53FYXOhp_l1RWxALA06ANRn9i7izSZ285efalL2I3nLmn8h_UtZ366Au4433vBf1yLMOnrihHbxPAk61iqzoREDy7pAPXYzKe_SZeJw6PkKvTOkPEGibkjLhxtc4eL0By6Y5ZKuLqMKt_HkmHovzd7XN4&cid=CAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=12893604305619182000&adk=2857193499&idt=129&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6af8a2c3967cb7185317f054cd2ef4479562f1ad7c36ae9db4a50063b1f8f0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13713
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8140 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3673a65d1382c26039ee58d4bb14c21cb4b564cc4169c31c3a25dbf0dc6cb929

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B88 38 KB
13 KB 39ms
38ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 193740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5563 38 KB
13 KB 41ms
41ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 193740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5926429941439173355/ Frame DCCA 9 KB
3 KB 128ms
45ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b482a075b8e378e7d97298bf551736169055ae1fa7bdc80d98fe515587f973a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 154930
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3430
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 08:52:26 GMT
expires: Wed, 08 Jan 2025 08:52:26 GMT
last-modified: Wed, 03 Jan 2024 13:25:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8140 0
0 177ms
88ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdy2ulDHecFwQhvCH8baa0TId2RzuSR1XwBJ86glnB2HOW2XzA8RzTrU9Z3OJdsGBvUjFdusK9x2RWZ2gBiF_lujwlcfHoH5hzrvfFWthwBh9Cc-Yq_Xr4QBJ_qFICuVOcCJMlsJ2NtyCFP144pnMP8fQ5C3kU_-dq1s1tdA7x0D6IylbOI-5RywxhRySRme11HD8pdcQYL2xdR-zm25MA6c1A31EuGNCkLD6RLpdH2NriKLVBoLd3r3IDXb2RscArnDY_MQYQia_psyHktjlK39Om-QtVknHFP5PJhYTbI9Jt6GKjaRcoHm6Jn6y4LD69wpzbL5zLkYT3JxG-a1K-GXRsVZV9H0zjTU7Sk1UMvFdbzxZPXLjz1mdVep3thDFLVqm6Or1tYkVS5tOL0f_NdfJb5Xs8oYkhdz2f8dhFY3O68tvwlyJxlZ-1w52DMQW2znOJYvbImc6slKmU8OafZT5HDmFe-tNX5NF1pdE0YINcoKM19sXsJOoi7Ik0dH-aW87WRwcMRMxnFAv4pyOODBxs8g0tBUQp_U6Pxc2i26YtzAFllV2Rwcr0J8V5lcKjUrXqRmberOynElRu94RYpv9tXVBavuz8d-Vr-l9kDAh-3jh86RzkjGYgpqttORn8FkRWAHoim9QV71UsfbwpQC_6QAKjKsZlo-JC7WYng9ymSuS7_qCDXVjn28swpLf9TO6lzofuBpcbzTMrHAaGzhH3kgrenrULN4xmrvW9EvdlcIscCb1yKDsl4PSpylAF558qiA6CPc24oDx3d7Ct_pdI7Cu91hIPmMhgo28FiCi1CbxViXB2GtxNyHRi2p86kmt61APlpMVTY4S_MxbG3oUWOwcNxwYKDeFKHcm8cZQHX3BienEZNLIXuL3Qn39_XsSdXNeCqGf0k71m_fYceASuUk8TaStjREhpeiT7EZVmSqMItRD2JLeAOktmZO1DIySgTtqWlCK3kSmjXAvCle5-5m19JUGTNgUz31X5UJbfaYR1vRuqmZxAcyIzyybDB73NgU0sx3A4Fpc9vslypd8ZRbS5q1niS9O1EvTyY-cIsdIqVuiDshrwplCcPDpXPcQx1Zm1VZmWJiJnaMWJmfCrPVKL8KLysMZTuYDH7kF35lc7uhtG1zf3tAhiFUkb3zdP4d4ZUIYKVAmNdrPzJScDWOjdk6e8c8Vrz81wbFXWW8_B9DS2xktZ0aUPzxFcCl7xkaYPUQcjvazUNk1qd6ZIZkY5KFDKxVL6Xma_fEAe4IDCmyA-4jKoIvf3y3bfN0LeC23zQd_jMU5Fnsdg7eIu7aUyW2j-3lVOus7O62CT4HIue1bUH9dfNdVdy01DdfhVRceXcvP2fl-mSxM2hyAaXr-qAlpgTseY8gYal2ci3MNyZQ&sai=AMfl-YRwAzoJXMXnov0mKLu43-QOETx0CIk80Pfuhm8I4pq2qCOmGT36ObdD8-TX0S5zq_4HhvVmLXOzoZegeELCoz0RJMTnR78yKvDiMDF5lPYXZ34s4gDORbnMFZJCD38YqVkOjfmntPB-5uwZQQvYwAiFegw5gW5DDNQtqeHqMLP2-bLX2IP-Yg9v72SxNSurwiuWJOCT84MGM9XfuuT0h8trOGl6qdljUd6xpoca-7mjI5yC_2viSqHM_Ne_XB92MAQIGooJEValqtbq5jJ5V15VHAOpi-31xHs6xgfyfCa6yJMGb1iFxFdRxTzKzTfZZa3X9Xphtz-_S_xjDtRsYkbkWuggBJFW04iThUIcr6w_Isqw89L5Iy5x3O3my__hdU4SV8H-w9CaLNUsQt_Ve-aBPXQ0tR2l6ftlPB-0FNquY1XagG3WwkkFvGIyxYeoZFYxtvXNSgmbkkAYlq1qQyZ11tFYxg8sqrxU0LrnUUIl4EDV7l_c796kUuPd4Pv8Y7lFB5f4Gidhvw&sig=Cg0ArKJSzN0gIYo8s9R0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lYmF5LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=244&cbvp=1&cstd=243&cisv=r20240109.17864&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2628882822767335906/ Frame 39C6 29 KB
6 KB 101ms
39ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f36f506c995226a9b28bd0ff772e29f7103b4a8af0094c736fcb02c078cc6e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 577082
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5859
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Jan 2024 11:36:34 GMT
expires: Fri, 03 Jan 2025 11:36:34 GMT
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4700 0
0 161ms
85ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv53MphrEyMTZQkH_Pl9aq6PV-qKu9o2WD2kcGD75hI_1tKFUdrKYP8hvhAr4uqDxVlFII-yaxLoEy3c7V8j1fcG5yeU1Y_2vbYC3QCUwdp0FZSGkb7i9VkKcMUSJRVVuhwhimUeuWzn-IoIiqe7lRSeZk5zhyuUMuf2SgUIoVGRG6rDP_7wnIYWkysfsrA38O8xO-1SOVNat4fPRftBmS3662bcLQcippAhbssINDb5hrBnVjkhLx3BzChGFCdEy6evi8qN9gk565N5FU-jUm9uG9mOHMkDDRY4UwvQEM9Y7NhAlQHdOtNVhoHplWsw10ZtQkcWxmJZqeIQ-vY3ab85qCtYqgUtWxngNkYkcEwUYRNM2EJEsrxSCKhPbHjVPzahIDWpVVidtWTrnzZfZSpES-Niql9zNCzauI-otIjrDPsayvCLu4yfkVnMRPfUt1quk15I4zVCHOzr2UakaPN90fow-dzX0K9bg9CpjY9xGhZyrMC3e6jbMeOD_KICczVbLcJTtcvuNXspmSJRzUq4RH79h5MiDOxvmG4B-pOO0mPgfOXv60J_O4Ama7AeLsrUlp1w66Ta6cp8FWVFYjM7qjMpg3nYYsbDPvaRfNm17uymWqQA9IMVj7UPdQZlxpFW_7H0VdLLSWZQamE252EWawZAnfxZGamTeY0Gh0uJ7HNLGJ8QuHHi91Cgs1vU0I0l9cF9Y-NmgpLVqks3x7GIKsM_kMMH2V97xcunjbSq-MNvwgh-iLlDw03qOIANwgIRHyqoHb1C9qDNqfMeb4H_WVdOvjqBX-AfbHLIIQbBLp7njaR19uHWnenCJGS2-3MwJ5KYetOqpRpiFuaRxYonI-PGBwcFWa4mlDkQ0Ra8JJOluMrLmu8jQYUDzDWnKFp8Y-4QdgSau5720Xa2R8ev9_X1bl9soQnD47TMYoGzRFfbCcJz5s2v3UkY11ci0K-LbPhtpANh4WY3PA02gGDwhzeiWJQSGgZaZ8600_AWMfqzAsfTsrfFZygW5BrW8sy1rrSPbY_Q1It5WthEyAgfB2y6tjBsjUVRjV-IrnagOa0pQOevdBelccPrYz6I1MlapsMvBzq90gwSDFbx18aOHKyDBAQgn9qakw5ib6oqVWtjYwysoNI9zrlm5BN-8IKe4eRq2cd0ZUsKUZLxyZJZ4aCdPnCSwCs306ULd8HN1i5aR_CH1GHnBfXF93ueEDbaEF2PieTT3tcTmwmTK_7Dq5LuUOQvRE_G9fMbQbPAMAvYisbl7oCLUpaI80SfRaq6TfcfMoAUONKiEy3rmCCj2_1PQ9HbTkwoUsaoQlDxzjw-va8AUsuT3ONHbCzCmDxcHf_HP1-Qn2xewiqWE3Sdg&sai=AMfl-YQScbYDHDsbIbVTemvzPaQecGQWbdBb6SxWotCqtxUa7e2F2dM2Hhp0-1slM89Dd7QcLFyw7RCYvJG0V7RSd2m_EQ2_dr9wxX2qzYqlSCG6OOgQ2Qv57wEqYizqqv4yYZNloEbVLjPe6EtxFq4WBgQs2IoImczyJ9TBVYZkVQWFkfOqBmlAejhLnqDAWB2Y9Ign-sTk_lOBAHBDeHvGXxg5k-K43JM-IIBIGXo0LK5PpufnE-tLITcnNM_2Q5qRWc0betey5m6FgIryDZGLwBLi5oJQtFJ0EUd3VPelyzj1LyXioH_dTn6FWRP1azAmlIeilxKYDes2x3u9Wi1h4jC-mnmAfcW8YzPbNrwVx991CgnUXEDGC2yIgsLuw9kHB4328xS97u5P5yoHl9qnfgzPmHtb39Ld9VkCR6JYQCjyffApe1Y5CkQhA_JnUeDG3fwAs4SYMI4bdM5N5x8oarsMsCSO5rIyaZTugMXyegDr4kgs7N6zdiRPSx5KRRZixRGxTThfF-k&sig=Cg0ArKJSzFt9o4DifJZTEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=273&cbvp=1&cstd=272&cisv=r20240109.95177&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B88 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D06 41 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DTz4EAkAOPVm450irPaUHG-8O4NTo8XihF9BKtYvQ5KclDlNnSfjeqClm8A19xr-DhwQzQIzNBKmlILhz-L24TouDcXNpMkfnQnTZALzdd4A2_8JMTd2MJyaLnMBl0TPbhc_GIOw6bYYvM41PwucX1cjf53DrUoVcpdke-v1i1tV2Z6yI&cry=1&dbm_d=AKAmf-DDaQTM6qh0kWjxr7EmXuWO9P-Qk5fPBy4dkbw8SjGh36jyS47JzWbz3ISWkarzlGUaz7Sef3v2g3PGumH-LKj4dm9lQOQzr4cDIODt3FMtSvKKlFaBeHUMko4ymiuxzJss_cVIq9eTQWUPXVWEJSQVcA9I6yQMaXfMdtQ07LGqG3y-AtkLE4HRX1TryncvqmmxxDfKIfOh0oG41ZXE0EMoiL-LsIMFAVgLMbEoBhcqoztFO1Vjys3eTHdqEPIV03y7xgBShVF4XlKfgtfFn3x0I0hqXeFv6AkpHZWth-GpYrSUWiKaFdz9_OsGJBQG6hft32ERnxggE0zBasJeD2k50TK4G47uKrhJX6IpwY603kSufVp5GhUnyXUZTUadczbL622_AkpBl9iXTUIq0BV-9zt-CJYC_vIzOu8v-PbArEwZ1k80gP97oveIFWjMVQg6-7NpCkISwBWAaZC3kCF4tE2l66QqcUgtEu_Ke0YviamZ_alKP0ipf1_xxYYqMZjjZUSh_wesxzNmJCA6_CPmtv-3yUrWb1S6Pr2chQPsafTzgpjW_Yp3fskG94E3Slxls3Ahc0ZK4fbzy_rf8vsPsSKgZHGK5qpalJZwWDUx8N4m4l4oqpJAo-grulvwsSlOOhfDIEp8m8DWDFa1FdzLQ8iACpelZr5jiOgsZQV__8gp_anb0y4NPDemYPi4Cy3G7aRWTYM33xk-zgN9H6-SColaHFAW-hD9wvxGszvw24Rqzl3HZD8CQ0215LrFww57eX2OlgrgWPad9mFf1z4bkkO4i6GckxXqJfOHoLWCoQMpEKTRE8x4GXgjQKyVSi0SN6oAF1MwuB9HRblKD-BAV_TAijd85DmkojKB02hjvp3c-2T03_0ckDUodImlmQkye6GbL8PRJ0OvaC2XRG5VXgyFG4MmkodUsTW10LpbcmB46PCP3CZt3kJbEslmxPg_kfEK-LTyfBkQ3xTu_sOgYCZKC_GQ4fbMmh_j5pYmV_lj4HyWoaJUBrOOXxN4O97Hd1DZXPVnpVcqU63lAZTrKgz9DfFUtqCAFyFVURJVjTrMrnm5eqPa1NPG7VUnQDygH_8vnmIrhK7Fjn1mjfJsw-xDlHc0uyZvhL69dOeNrFt8CRSBEMjvZwDO2FGvJuvNnHi68_nIJLItUnkg4Iq33kUE600VUJqd3pqkmFpGk-EFvNoS77yPb-5ieVmBCK48tnnH_tsYD1WIKFKi951yIbepHFGn8jY31-F4elDu6BRjBcVCn3wP3dSr1-PnnS8Ad5Pa5uSHdPGETcNDMPp2diM807fsT8c7s8UkzCiDomhu-ysawcH2pOYUdlxzLRhuLUyxmbJUJCO4yBrAMD7Cn27wrJ2nx_i1P5xG8M9VZNYfdb0in0g0Q52g5yU2xzQuh6vUcNlFhG7l11GkkKXklbK3A54m1zugElf8ganDSp9U0BpBqtiDtK42uMUN47uJcwj7ZN0_ikLnDFPF1J_rAZ3RRB8PnHGEDPrgux8DAfkOFiJFkdKyO0pknAXmagyCFWlVOFk0-Li5Ytc9jXFNPB7yRZncyvjaIc0SFi-fUZqvz05hhtgYZeHnxM9M1NFALyhT8HkhUcaOm0R_20_X7lzIFen1xslozfTd9DaHtkr39HkCQReadnwxoZ1wRPvLgdBre3VkvgbbqdNeyu_hqNCmDMFKfMauoJRSv_KzWeWqlP2BQaBYa--qje_lmrLF8dR55I5GvcWUjKLNfCLiQkk0oukRjBRCj79ptsSOPBcM6hQYNZGicfo7kdkiZcQkzgEdisopvxpsthTnlOqwe_4etEWekp-hrMdGLkB0CJX6qBHMqM4Iw7QAFH-20gxJo23U_Op-BC19IxoK0s25FSJ9JOTS9gxvZ705qxWfJaZOIKWfshaJuFWc7-UOTeDRiGIhz0R3qrP-C1t5l8lBLzCsMbDlEnLvH3of7EY5fh5NqcM0G73PmPD2jcGrxplMgDadX8IWh0s8-1GwRGqzBmXRlZcR0S75rWg_XIy8ZcJZNu00oPBMDOk-X2ATQ6qfbI2u9daV4YnTTIZMHNSU-cOvdST9d9r_dEcgCD-ipAihFpwF42-GH0PVtyUx9FtVVy5id_x812mu4xh5NNCj3Rusw-g6bV0wsl-Od-silb5JM9PoDLHvnNp60zDoCx0nCduvp-LvCtecIdaLo2squ-uqscFP561kSf1jKd8uZs_ikX9f4z-ENva-Yd6AKoU5pzUdjcUtxmO65V7TCiG3-RphggenoSKM7oyrNy8lm9ZomVKK3gYu5AQ8rW0FJdogiDbeAc8eQ4gb6sogEaWuoSiSA8F-XUXLuTcZox31JMfemAlERHBZLcMIQGRn-YkYv-0vqNbv1jw3WfjXd5Hq46rxW27iwcF_sfqz2EHgqeHVdCO2eGbR3O_QiBsYRUwoTgCAhwOLRIvU91tBo-kHEFSjcMOEGfvhrtVU8lmaTozXLr63K7EHBgsnZcVQ5W2xH_HEyj1_k2bPxxdyJP9pMzbQeKegsItOthKHx_flrlRLmbJ_XdfJJ3RGUO_5pLsVISXj2Pf-vfGxE25dm2g8hNPapldsCZ1rYjfi0usPzYJz-WcIZPXxdfhd6V31t1AFLIB0ts590F29YK3pMSdbpzzC5uf4Z9yXceM4BmcNAm4xgriSpBzgOOr5kSwXX36T4qF8XUdsdAh0_Cx68JHa3mMQSj7PdnIA9YnpABhJAjSzHiqn86Eci1ySzhm6AOe_Lal0zVWUc6l_BOqANwk0P_npl_i5DN1FoAaiToDrWyfEr5_7VudpWzZXLcUT3hxy16o6-3x6tYT_u5EuSE9J7mbSJrahvEly4Ug8NcyMBMNjAteO-oT7vhW96eD8z5v_XtQOLzYL5vrfNpuPjmopozmrULdE31WQ0rk6QMrHTC_zT9ti1XSY9GhdyjHFt9Pg0bAOm0EF3jox_DNTzAnh-8HMAiXF6BIFd4Oacm6D-sRHUvzmPJl99SAsiYGn5hj6AiQZh0J2v376yG4QRFFAQuIqfmVFoyBr5z1MVW7YP0y717Y2XNxLdPw10AYqNNbay57eAqgvkb1SZSay4-2yENVQZmjTfijuV3ZGnH_PBagSxnbQ4b3UKj1LZbazemu6rWQNZC0kVGYY91hME5_rFUalcRy1qgM6EbFEGZmd_zDG18kopu4wyxGANEreOqY6NJAxZEaRwmuiMjyQTgSU0dLuqXEPxG-smj-5xAJyUxNN21ysAGjgyTpjpHmlrN6TBW56ZEjr9NHmw6LhqjGqDoZv2gLPTihdcujGTTpU3nGVWUqkMQmQHHso8fr7XKeOGCN6w5t4lRoNtRsaF6lr_EcttHgAgzsZ1Q3-PLGZRvCKXhWuVDK_h0Oh9Q_fNzLsla0h1rKs0JWwvtTYRQzji_rANQiVE1YaCjwkgTkvT2chixvG9_4q9Tv2nrdnkVHDrxusL8noT62KX77X5iS5LmGc7fap2egCl7xKatQg5yevJvrUpWE_Ut_tIVE9ZQgM0ScnPICI-GgHi2DuO86jXqWIfNnOl4JHzS_w9HW_I5dgpwEi7vMw-p9OtXDmkQWZmuzPkdPM2SsDMOKAXcpRWHTOHD8ym8XEEY3eg81msYDxjRtj2G06SxyUJYhcM7AK18vHLOJWw_Ln8YsT2F7MyGGEfIbSRDn-IzLIdrUSOP7zMF5oQ-fQ0kDJurDIN5dhAFhm9FYCjH5IWbPAU8xjD3sfkWAyoMciwcp092gBV2rQqetf6Qiy3ovdzcQvBt0Erka2DZmRLp6Ibu-bo1hjNz53FYXOhp_l1RWxALA06ANRn9i7izSZ285efalL2I3nLmn8h_UtZ366Au4433vBf1yLMOnrihHbxPAk61iqzoREDy7pAPXYzKe_SZeJw6PkKvTOkPEGibkjLhxtc4eL0By6Y5ZKuLqMKt_HkmHovzd7XN4&cid=CAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=12893604305619182000&adk=2857193499&idt=129&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:05:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 22:05:36 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk0NTI3NjYxOTIzMAogIHNlcnZlcl9pcDogMTc1NjMzNjY3CiAgcHJvY2Vzc19pZDogMzY5MTcyMjY2Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 3D06 0
866 B 151ms
78ms Image
image/png 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk0NTI3NjYxOTIzMAogIHNlcnZlcl9pcDogMTc1NjMzNjY3CiAgcHJvY2Vzc19pZDogMzY5MTcyMjY2Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA1MDcyNzQ2NDk3ODI0NjIyMTk2CmRlYnVnX2tleTogNDI3Mjg1MTgwMDUyNTQ0MTExNAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTg5OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA3MDY3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xd1eaef87e2e7134d0000000000000000","13":"0xbed173ef1d46c9d60000000000000000","14":"0xb69c7e7a4f11fa1e0000000000000000","15":"0x9106faddd21549420000000000000000"},"debug_key":"4272851800525441114","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"5072746497824622196"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5563 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H/1.1 200
OK iju9wczm8trb Show response
hal9000.redintelligence.net/zone/ Frame 3D06 11 KB
4 KB 135ms
44ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1704945275702968&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D
Requested by: Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 70c8cfd0874871a70605eb449e68a820f69ceac52a46fce3a1021a1cadf91646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 03:54:36 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4196
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2

200

B22807636.328475542;dc_pre=CK_f2Yy41IMDFSWp_QcdF9AGeQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/ Frame 40E8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK_f2Yy41IMDFSWp_QcdF9AGeQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rd...

42 B
110 B

61ms
60ms

Image
image/gif

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK_f2Yy41IMDFSWp_QcdF9AGeQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N8714.2382313DOUBLECLICKBIDMANAG/B22807636.328475542;dc_pre=CK_f2Yy41IMDFSWp_QcdF9AGeQ;dc_trk_aid=520608733;dc_trk_cid=117012770;ord=3772531521;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 891E 0
0 85ms
85ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSvQRe2afZfbzKoui7_UPtdWSuA2H2tWfdZi_7dngDpLp0uCyARABIMKm1htglYKAgLAHoAGnx-LbA8gBCakCs85bvRRrsj7gAgCoAwHIAwqqBJECT9AFsqG5Rl_a6FvxLtCZUCv4WA13tfqu9DS3HHYFzI17cLpDE3rOB68aWX6pWR3IvIY2FXh1u_pOuMJO3ncqACOTtdczPF89bUHgrfbDBoqBMDc9UOVvkJ5z9dJiXhCC9bryZP_udm7GS6EG-hFDN_V8pPi7ZudV3cK5Eb18TeF0S4VZ9p-KKlktYNp_Y60JuYcxStQjNn9AnT_oFscrWkhG2yW1dvTeEtrGHK1pPMdTtAHeKBqfy4qN10M-WTlZxhaADxUmGPvy3XY7zfdNlZptcdM_NuWTgc4GTDVm5-PRbDULL_ItkzckIfvUN7XvvclSTeWmOLihCCr-F0J1LzDIu0vZGqinKUgjtyiaA0PuwATdtNiFzAPgBAGIBamHqfU1kgUECAQYAZIFBAgFGASgBi6AB8G4nSSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDehgjSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDmgkxaHR0cHM6Ly9taWtrYS5jb20vZGUvcHJvZHVrdGUvdG91Y2hzY3JlZW4tbW9uaXRvcoAKA8gLAaIMCCoGCgS7u7EC4g0TCM3Wkoy41IMDFQvRuwgdtaoE17gT5APYEw6IFATQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzAxOTA5MTA5NDg5NjI2MBjSwBY&sigh=aI_HADbIg18&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ&template_id=484&cbvp=2
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 521B 38 KB
13 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 193740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 08 Jan 2024 22:05:36 GMT
expires: Tue, 07 Jan 2025 22:05:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8f0cec8041c165cafb6d32d04ed8f04b.js Show response
s0.2mdn.net/sadbundle/2628882822767335906/ Frame 39C6 135 KB
39 KB 41ms
39ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/8f0cec8041c165cafb6d32d04ed8f04b.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:02:32 GMT
date: Tue, 09 Jan 2024 09:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154324
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39491
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DCCA 236 KB
63 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H3 200 min.js Show response
s0.2mdn.net/sadbundle/5926429941439173355/ Frame DCCA 61 KB
13 KB 56ms
56ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5926429941439173355/min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb1e38a37073de29c60238c56c91d61d673823953d7ec65b90d75e61028bf2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:56:42 GMT
date: Tue, 09 Jan 2024 08:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154674
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13551
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:25:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 40E8 0
0 84ms
84ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqRTbe2afZffzKoui7_UPtdWSuA3ZtYDCatTeiJCuD2QQASDCptYbYJWCgICwB6ABlbavngPIAQngAgCoAwHIAwqqBIkCT9BkqXl7RWK7Wqaq42Ep3ZWCvFzpRIk632vPnQ0ZbN5fzGrV9pj54yGvyn_jE4PUckTYlvciyZOrmVYOFrcXxHy2STvm0V4IJ6S4OCqJ-0P88zudo3QRWiL2y5tnfKqawZNy0Es9T0nh4BipeHfTBhDl5GwvMC5yOzB_DLOsPUaaylJ-EglYxziUglhR4FEVgy_gV9XUz-H_cwl4fRTtZ9yN-YwdDcv2fU1Pewz4Fadivgyq7X_ukG25IiEP4H4rYedKU3ez-0Yivns_He3XAUfvYlv7aguQt5nurpbjInaVMNFPgMf9CDNCLN2yXtI96lHFW_gQ-Mqzz7GNPL_Cq424MRdyPaI-pMAE4KbFgsgB4AQBiAW5hpvwA5IFBAgEGAGSBQQIBRgEoAYugAfTydBhqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ9bcT0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljJmJKMuNSDA5oJS2h0dHBzOi8vd3d3LmF2YXN0LmNvbS9kZS1kZS9scC1wcGMtZnJlZS1hdj9wcGNfY29kZT0wMTImcHBjPXgmZ2Nsc3JjPWF3LmRzJoAKA8gLAaIMCCoGCgS7u7EC4g0TCM7Wkoy41IMDFQvRuwgdtaoE17gT5APYEwyIFAfQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzAxOTA5MTA5NDg5NjI2MBjSwBY&sigh=Tq4RSSAPBoE&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ&template_id=484&cbvp=2
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 container.html Show response
7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DEF4 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:35 GMT
expires: Fri, 10 Jan 2025 03:54:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900016.redintelligence.net/ Frame 3D06
Redirect Chain

https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

287ms
209ms

Script
application/x-javascript

138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a8c23a260c7c6a8b0756d6dd684f5fca1fb9e1a3473cc70182ceaa9c683c7361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 03:54:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 25862500009992004444554012566016
Connection: close
Content-Length: 1326
Expires: Thu, 11 Jan 2024 03:54:37 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 03:54:37 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 11 Jan 2024 03:54:37 +0100

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 521B 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame DEF4 4 KB
744 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 02:08:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E17B 14 KB
1 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 03:15:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E17B 2 KB
822 B 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame E17B 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:09:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 125B 143 B
166 B 43ms
43ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E17B 3 KB
1 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 21:55:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C51 1 KB
643 B 46ms
46ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67266
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 11 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E17B 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E17B 0
0 49ms
47ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6tegSfCiRINAUnRXc9cZX4Lk1WurZqBrjRqhZEd_sDEdhv7-niMXPG4w7-r5f5V3Yn3PnYDIo68n37UuFGYbk-iEUJw
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E17B 205 KB
65 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 03:54:36 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame E17B 37 KB
16 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Apr 2024 13:56:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame DEF4 22 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17030
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:10:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DEF4 205 B
519 B 136ms
49ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:51:36 GMT
x-content-type-options: nosniff
age: 201781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Jan 2025 19:51:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DEF4 604 B
696 B 136ms
50ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:13:03 GMT
x-content-type-options: nosniff
age: 153694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 09:13:03 GMT

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 1 KB
643 B 51ms
43ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:50:24 GMT
date: Tue, 09 Jan 2024 08:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 b12f997e7da0395917cfba431a0482fa.png
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 33 KB
33 KB 47ms
40ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/b12f997e7da0395917cfba431a0482fa.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0afa493ccc08690fd4131e8678b333737cb350f11e5604615de0aa9670d1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34241
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 94e45cebb0229013465638831852e6ea.jpg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 17 KB
17 KB 52ms
45ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/94e45cebb0229013465638831852e6ea.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e4757f903c2602cc20f877c285f2d8206ccec6e63a6f16085f3c01da4f3faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16924
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 5 KB
3 KB 51ms
44ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/2628882822767335906/fonts/ Frame 39C6 172 KB
75 KB 42ms
42ms Font
font/ttf 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/fonts/ibm_plex_sans_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76650
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/2628882822767335906/fonts/ Frame 39C6 173 KB
80 KB 45ms
44ms Font
font/ttf 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5563 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhON7e2afZfXzKoui7_UPtdWSuA0AAAAAOAHgBAI&bg=!9Pel97jNAAaumcC-jpk7ADQBe5WfOJkEfQFV4cmFlQGL6FUD5WfFRbwkaAyl4MYvv728L30mPOW--a5zUa0pcrs4OdvDAgAAAIBSAAAAAWgBB5kDB5qG0UA6yVb9ESmZq6o_8zBvwfL6ulzkQjhOm7leg0ki0d-CGmo7QrKzr0iaPkcp_Fv9Yo5VUXNZoN22WM-_IDNn8xUI2sMfDrs6zWKplQmryqwa_dhbLWL3pybY6Ol3rlFKx_chv22IVZFUfQa4SlXTje7UsuP1Z0woiieq6MAQ6mEckiVczS-2Til0p92tReg5r_J0fNDKqfaS5EYMyq-wjPSqc1MU6sDs-wCEnqghopn0Q3lPZY29XlEisWFjw_gNmkE_eo0pVfGn14710-JpAMBMdnszWdOP-lohFenkcxKk-Pw3gj4y_0CYZ-GFenppzlI8VXJjwaYMP0x2QIptRVFNdT2H25ayaxpaYvnAdpqC_NdfnggwRcL0NbG4t5XLX-KFo-qqxJQWqwQNsIrvtjyI8uetd45wXGIM6zpxyhgtGJTvLy2rX6028LaHQSNbVyRT7pnJ-R7cGoBR-5uomIfKaRpRSTlOI0ImoaUX5bzqHasU6VLeHgxgChsjnkRNSoNA1mrN1RkMUfmPiFpOj-Tkn037goBOiLIaSFnp_m0bBBU4RRoOm26fBK3aklRE1FW28Ye1SGFD_mdbim1Yc3XOAdf6fo4y7iLyZBQ3tjEdClcl01y56wmpZcL1fBNLmQGVdOa3RyBYLWtvKFK_xOogJOECFHwnWSj_Jl5h2zmlyZTV--zdkaG36geEwO3lwqqdgkg_E-Rbn3H09jm4GNNUezO9hLODrt90P2MWinDTBqnTqurAYWTzv4T4O23MqAisNryFkC0wI62LGDskSWxBh55OPxPVOjmzX3dO8qYAt_Y-mraGVA9tmETMm8b7UEUnlZbbND1Oc8eLONxmbFvqHHNd_1AX7T4E3C2Uu5aL70DpzS2JQrCbbWzWaSc-EOsAK_gABAsavWr1F-DRRYKzG6axQ66aZz7Dsq8P1-g9SvqwC65yH1l8oN_-n9oDcjlg6bndmHZRu4klpR7pbXtE0QAinEOuMJzwcazmfJ6ATiz-vm2sGL-kEkzlARSEMRSFyWs

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ebay_schatten_blur.png
s0.2mdn.net/sadbundle/5926429941439173355/ Frame DCCA 4 KB
4 KB 72ms
72ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5926429941439173355/ebay_schatten_blur.png?1703156159905

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dd8e64563b311aa7a5acc15e789d43a9f5f9f5c54bf557a951d5b14515d7e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:43:18 GMT
date: Tue, 09 Jan 2024 08:43:18 GMT
x-content-type-options: nosniff
age: 155479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4490
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:25:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 8140 0
0 77ms
77ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssdy2ulDHecFwQhvCH8baa0TId2RzuSR1XwBJ86glnB2HOW2XzA8RzTrU9Z3OJdsGBvUjFdusK9x2RWZ2gBiF_lujwlcfHoH5hzrvfFWthwBh9Cc-Yq_Xr4QBJ_qFICuVOcCJMlsJ2NtyCFP144pnMP8fQ5C3kU_-dq1s1tdA7x0D6IylbOI-5RywxhRySRme11HD8pdcQYL2xdR-zm25MA6c1A31EuGNCkLD6RLpdH2NriKLVBoLd3r3IDXb2RscArnDY_MQYQia_psyHktjlK39Om-QtVknHFP5PJhYTbI9Jt6GKjaRcoHm6Jn6y4LD69wpzbL5zLkYT3JxG-a1K-GXRsVZV9H0zjTU7Sk1UMvFdbzxZPXLjz1mdVep3thDFLVqm6Or1tYkVS5tOL0f_NdfJb5Xs8oYkhdz2f8dhFY3O68tvwlyJxlZ-1w52DMQW2znOJYvbImc6slKmU8OafZT5HDmFe-tNX5NF1pdE0YINcoKM19sXsJOoi7Ik0dH-aW87WRwcMRMxnFAv4pyOODBxs8g0tBUQp_U6Pxc2i26YtzAFllV2Rwcr0J8V5lcKjUrXqRmberOynElRu94RYpv9tXVBavuz8d-Vr-l9kDAh-3jh86RzkjGYgpqttORn8FkRWAHoim9QV71UsfbwpQC_6QAKjKsZlo-JC7WYng9ymSuS7_qCDXVjn28swpLf9TO6lzofuBpcbzTMrHAaGzhH3kgrenrULN4xmrvW9EvdlcIscCb1yKDsl4PSpylAF558qiA6CPc24oDx3d7Ct_pdI7Cu91hIPmMhgo28FiCi1CbxViXB2GtxNyHRi2p86kmt61APlpMVTY4S_MxbG3oUWOwcNxwYKDeFKHcm8cZQHX3BienEZNLIXuL3Qn39_XsSdXNeCqGf0k71m_fYceASuUk8TaStjREhpeiT7EZVmSqMItRD2JLeAOktmZO1DIySgTtqWlCK3kSmjXAvCle5-5m19JUGTNgUz31X5UJbfaYR1vRuqmZxAcyIzyybDB73NgU0sx3A4Fpc9vslypd8ZRbS5q1niS9O1EvTyY-cIsdIqVuiDshrwplCcPDpXPcQx1Zm1VZmWJiJnaMWJmfCrPVKL8KLysMZTuYDH7kF35lc7uhtG1zf3tAhiFUkb3zdP4d4ZUIYKVAmNdrPzJScDWOjdk6e8c8Vrz81wbFXWW8_B9DS2xktZ0aUPzxFcCl7xkaYPUQcjvazUNk1qd6ZIZkY5KFDKxVL6Xma_fEAe4IDCmyA-4jKoIvf3y3bfN0LeC23zQd_jMU5Fnsdg7eIu7aUyW2j-3lVOus7O62CT4HIue1bUH9dfNdVdy01DdfhVRceXcvP2fl-mSxM2hyAaXr-qAlpgTseY8gYal2ci3MNyZQ&sai=AMfl-YRwAzoJXMXnov0mKLu43-QOETx0CIk80Pfuhm8I4pq2qCOmGT36ObdD8-TX0S5zq_4HhvVmLXOzoZegeELCoz0RJMTnR78yKvDiMDF5lPYXZ34s4gDORbnMFZJCD38YqVkOjfmntPB-5uwZQQvYwAiFegw5gW5DDNQtqeHqMLP2-bLX2IP-Yg9v72SxNSurwiuWJOCT84MGM9XfuuT0h8trOGl6qdljUd6xpoca-7mjI5yC_2viSqHM_Ne_XB92MAQIGooJEValqtbq5jJ5V15VHAOpi-31xHs6xgfyfCa6yJMGb1iFxFdRxTzKzTfZZa3X9Xphtz-_S_xjDtRsYkbkWuggBJFW04iThUIcr6w_Isqw89L5Iy5x3O3my__hdU4SV8H-w9CaLNUsQt_Ve-aBPXQ0tR2l6ftlPB-0FNquY1XagG3WwkkFvGIyxYeoZFYxtvXNSgmbkkAYlq1qQyZ11tFYxg8sqrxU0LrnUUIl4EDV7l_c796kUuPd4Pv8Y7lFB5f4Gidhvw&sig=Cg0ArKJSzN0gIYo8s9R0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lYmF5LmRl&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=593&vt=11&dtpt=349&dett=3&cstd=243&cisv=r20240109.17864&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B88 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BUVEVe2afZfTzKoui7_UPtdWSuA0AAAAAOAHgBAI&bg=!ZmWlZSrNAAaumcC-jpk7ADQBe5WfOBFxNBbZje6sfHH1YN8iIm29wieraXxt5f58LRcllxYfSN36ZfUASY6075tnciYYAgAAAJtSAAAAAWgBB5kDENrmK7P01RDl3xtEoUudAA7A70psUU8idCeZMbXPr70e0GvSkl-FMA4BhFldyR9iBdL-74zR2T2I5xXun7zZ5ppMUpOQQdRs58yCSJ1uQKHDY20y_xpfb42v4E3uNKkttKk8pNl2L8WLTyPmEv1FS8EF36vgDNwkTZThuC5SMZBMCyPhvvgh8mTEyAPRLcMhEUDXje-wPCGRXltM2Ba-7o6wHqQMIb1oo4rSzGqX96KFUznzYG5yi0dlkOAHIledCUZrRGnfRp0hzzhWO6wK_6tV13M9hOs36MNj8-zCAKK1qE76CyZ0PLjMNbOu_Rl2wxD55yl-D4tQ6nDcHvCgUbqU8ZmzoJi6AUhMhZ4L2OCd_oA68mKUGEqjdWVXiCjaE6ChJA1sK1fncBMvni694cPyrLk_WDAasqIBLz0faocYazzFm-s1xSvtEWfMHp-OVKdvoZJpmAW7BCF3l2-tRrNPsUbdrVmvgW4SDqSMdT5nKWPawEysXJ4wCb-SajJZ3xBXt3MTKMelxJhkCeOsc-ReTrSUQIFSTSwM2H7n7JIZCrw1D9fEApLmDJz2YBUrPxyeXCTpLgsN1ZaoPy0exBP_cMezQSWbMmFq9LQAUQ2U4GkbloVLaLHoS5QQPe5txKyJJFI-OcBKwFvzogyFKEPwi9QBvq_9kcvGc7B_w_eUYUf1ehMHmHabbktFHPMWNeIzzR27MaRoKMtBNO5yvZClzePZD9X3VxoNVGdtNwEDB2aOCoXzKgYL2ZsN8-sVm0IVl-5pYp8jo5YmDD4dwVtUjIbNGs8-8zyWi14-TceonZpWCdSm6hdw-YVeZ9zy0kkSNFBofrqiNSyerQ7fCigomNXrg6BEH3xuByIzwIcUWEYRjfDOeyCCldAZpjFSddM1A58jn0bjOOOqUBZ95IZhJtrOOKi1d2YbjaphQLK-O9atO4CYaNrc5uQwQy-ZAyGIu5-ZhiBdFIl-ckxo9jt_iVYlLtLCdN5T9Y6xPgkCxaxUM0_xFPZAbRW7G3wtMv_2GrdGhN_U4hPWtYwI__w

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8C51
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGropnOzuC8BNqSgtkS3YyA&google_cver=1&google_push=AXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGropnOzuC8BNqSgtkS3YyA&google_cver=1&google_push=AXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tn...

43 B
422 B

253ms
252ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGropnOzuC8BNqSgtkS3YyA&google_cver=1&google_push=AXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 843a382f9f95bb8c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 859
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGropnOzuC8BNqSgtkS3YyA&google_cver=1&google_push=AXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjtG3d-CnkDgGQiYnC3S0Q3U71JeYAE2tAL9C6_gZ-UpvLcCt58m-Zucts6SFQSCzsE75JfguCSJOl2mAXrLtqTp0F_Tnm%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 843a382e4ef7bb8c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C51
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEFvnNZhnbvmpelsCKe3w3og&google_cver=1&google_push=AXcoOmQRzmUH3A8fqYtsNtrQjW9mL-gOKAkzIVzBaSRjUvHWZ-OgTr6rMAqlvjH5SRagjmlSId4OKZPk7gKvMYD2Do_1TKW9tmaa
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=702CDFE542E14C2F8E0FB8F1B0FC8D77&google_push=AXcoOmQRzmUH3A8fqYtsNtrQjW9mL-gOKAkzIVzBaSRjUvHWZ-OgTr6rMAqlvjH5SRagjmlSId4OKZPk7gKvMYD...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=702CDFE542E14C2F8E0FB8F1B0FC8D77&google_push=AXcoOmQRzmUH3A8fqYtsNtrQjW9mL-gOKAkzIVzBaSRjUvHWZ-OgTr6rMAqlvjH5SRagjmlSId4OKZPk7gKvMYD2Do_1TKW9tmaa

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 11 Jan 2024 03:54:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=702CDFE542E14C2F8E0FB8F1B0FC8D77&google_push=AXcoOmQRzmUH3A8fqYtsNtrQjW9mL-gOKAkzIVzBaSRjUvHWZ-OgTr6rMAqlvjH5SRagjmlSId4OKZPk7gKvMYD2Do_1TKW9tmaa
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 10 Jan 2024 03:54:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C51
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELH9fCTpEWLj-dLwWQpohXg&google_cver=1&google_push=AXcoOmQsmCmIBfpKKfvrZDL450iQ8Mw687jSkWCR0xCI8qsYp7JY1UsV3_Egwza5lcqF78EUBku...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4T0VCRFctMjUtNjNCOQ==&google_push=AXcoOmQsmCmIBfpKKfvrZDL450iQ8Mw687jSkWCR0xCI8qsYp7JY1UsV3_Egwza5lcqF78EUBku5HdZRzfFdNNzKKZ2-1fd-Phs2

170 B
188 B

54ms
54ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4T0VCRFctMjUtNjNCOQ==&google_push=AXcoOmQsmCmIBfpKKfvrZDL450iQ8Mw687jSkWCR0xCI8qsYp7JY1UsV3_Egwza5lcqF78EUBku5HdZRzfFdNNzKKZ2-1fd-Phs2

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFI4T0VCRFctMjUtNjNCOQ==&google_push=AXcoOmQsmCmIBfpKKfvrZDL450iQ8Mw687jSkWCR0xCI8qsYp7JY1UsV3_Egwza5lcqF78EUBku5HdZRzfFdNNzKKZ2-1fd-Phs2
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C51
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN1xNumTa2lmD4fggKxHqE8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN1xNumTa2lmD4fggKxHqE8&google_hm=ZZ9mfAXPKP1aH3SZG49StQAADJ8AAAIB&google_nid=index&google_push=AXcoOmRmkVyrE6qVm634-p6sHR3dRrgTNjVqD...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN1xNumTa2lmD4fggKxHqE8&google_hm=ZZ9mfAXPKP1aH3SZG49StQAADJ8AAAIB&google_nid=index&google_push=AXcoOmRmkVyrE6qVm634-p6sHR3dRrgTNjVqD7He8u6xgC35WTwsUreRoCpHbt6FfWF3CDdtvSkjkWanHgr9tKGSJ4SafzlT4D0

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FjgMfRvif1pXZyHkJr7Gbc2%2FoNxarnrut0sH9327jw3hFfoCSIvasJLwjQOmPGjGymYI0dwCmrr6bnvnUVlihHdWi%2B5q84k2ykvt0ufweoldfR8a6uiNipJgJipfTT5fkv%2FOPcPx5jXMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN1xNumTa2lmD4fggKxHqE8&google_hm=ZZ9mfAXPKP1aH3SZG49StQAADJ8AAAIB&google_nid=index&google_push=AXcoOmRmkVyrE6qVm634-p6sHR3dRrgTNjVqD7He8u6xgC35WTwsUreRoCpHbt6FfWF3CDdtvSkjkWanHgr9tKGSJ4SafzlT4D0
cache-control: no-cache
cf-ray: 843a382dcc5caca4-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C51
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELLVCDrN6MK5rFwBVzxcGgw&google_cver=1&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2o
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3NDAxNjY2ODA5MzUyNzE0MTM2NQ%3D%3D&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfi...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3NDAxNjY2ODA5MzUyNzE0MTM2NQ%3D%3D&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2o

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzA3NDAxNjY2ODA5MzUyNzE0MTM2NQ%3D%3D&google_push=AXcoOmS7pRdsBlLfX8fgM2hd2JT3BdZGhACiYCIZiSZyIv6FOIBckJfiUaMs7drXBUoPyHQMenVD1_tzbXxu9YoUsmJa-wxb2J2o
date: Thu, 11 Jan 2024 03:54:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

report
sync.teads.tv/um/ Frame 8C51
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKPTtND8Puxi...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQagcF-UJT-n7hcvPQqysM5OM3sLh4jC3v7el0LRss2_k--4iAzCcb5L3D38XKt1lO3kIpgGNC6Md8bFJpbEjYUx7-scvMwxA
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

61ms
61ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 03:54:37 GMT
pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C51
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=93ae5746-f6cb-4ea0-aba1-afc75a2e3a04&google_cver=1&google_gid=CAESEK6UyssemCCjNFEEOSOof7I&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=93ae5746-f6cb-4ea0-aba1-afc75a2e3a04&google_cver=1&google_gid=CAESEK6UyssemCCjNFEEOSOof7I&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRZe0frT59ksLDEjbKSW8MW9n_9v7xVk8VGUzMr6MCJI8aROB81HYJ35sCfZZxZ0wO1eei3v58eSygChIOppAY-GRVASCvDlg&gdpr=${GDPR}

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=93ae5746-f6cb-4ea0-aba1-afc75a2e3a04&google_cver=1&google_gid=CAESEK6UyssemCCjNFEEOSOof7I&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRZe0frT59ksLDEjbKSW8MW9n_9v7xVk8VGUzMr6MCJI8aROB81HYJ35sCfZZxZ0wO1eei3v58eSygChIOppAY-GRVASCvDlg&gdpr=${GDPR}
date: Thu, 11 Jan 2024 03:54:37 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C51 0
12 B 48ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO8l-7-btJJVMrX6V2noNmiM1bgdIntx3TT-N3Ikf8OqGzZtS14Dw0pD1CLFFQsfkC48UDJZI

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 125B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:37 GMT
expires: Thu, 11 Jan 2024 03:54:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4700 0
0 79ms
77ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv53MphrEyMTZQkH_Pl9aq6PV-qKu9o2WD2kcGD75hI_1tKFUdrKYP8hvhAr4uqDxVlFII-yaxLoEy3c7V8j1fcG5yeU1Y_2vbYC3QCUwdp0FZSGkb7i9VkKcMUSJRVVuhwhimUeuWzn-IoIiqe7lRSeZk5zhyuUMuf2SgUIoVGRG6rDP_7wnIYWkysfsrA38O8xO-1SOVNat4fPRftBmS3662bcLQcippAhbssINDb5hrBnVjkhLx3BzChGFCdEy6evi8qN9gk565N5FU-jUm9uG9mOHMkDDRY4UwvQEM9Y7NhAlQHdOtNVhoHplWsw10ZtQkcWxmJZqeIQ-vY3ab85qCtYqgUtWxngNkYkcEwUYRNM2EJEsrxSCKhPbHjVPzahIDWpVVidtWTrnzZfZSpES-Niql9zNCzauI-otIjrDPsayvCLu4yfkVnMRPfUt1quk15I4zVCHOzr2UakaPN90fow-dzX0K9bg9CpjY9xGhZyrMC3e6jbMeOD_KICczVbLcJTtcvuNXspmSJRzUq4RH79h5MiDOxvmG4B-pOO0mPgfOXv60J_O4Ama7AeLsrUlp1w66Ta6cp8FWVFYjM7qjMpg3nYYsbDPvaRfNm17uymWqQA9IMVj7UPdQZlxpFW_7H0VdLLSWZQamE252EWawZAnfxZGamTeY0Gh0uJ7HNLGJ8QuHHi91Cgs1vU0I0l9cF9Y-NmgpLVqks3x7GIKsM_kMMH2V97xcunjbSq-MNvwgh-iLlDw03qOIANwgIRHyqoHb1C9qDNqfMeb4H_WVdOvjqBX-AfbHLIIQbBLp7njaR19uHWnenCJGS2-3MwJ5KYetOqpRpiFuaRxYonI-PGBwcFWa4mlDkQ0Ra8JJOluMrLmu8jQYUDzDWnKFp8Y-4QdgSau5720Xa2R8ev9_X1bl9soQnD47TMYoGzRFfbCcJz5s2v3UkY11ci0K-LbPhtpANh4WY3PA02gGDwhzeiWJQSGgZaZ8600_AWMfqzAsfTsrfFZygW5BrW8sy1rrSPbY_Q1It5WthEyAgfB2y6tjBsjUVRjV-IrnagOa0pQOevdBelccPrYz6I1MlapsMvBzq90gwSDFbx18aOHKyDBAQgn9qakw5ib6oqVWtjYwysoNI9zrlm5BN-8IKe4eRq2cd0ZUsKUZLxyZJZ4aCdPnCSwCs306ULd8HN1i5aR_CH1GHnBfXF93ueEDbaEF2PieTT3tcTmwmTK_7Dq5LuUOQvRE_G9fMbQbPAMAvYisbl7oCLUpaI80SfRaq6TfcfMoAUONKiEy3rmCCj2_1PQ9HbTkwoUsaoQlDxzjw-va8AUsuT3ONHbCzCmDxcHf_HP1-Qn2xewiqWE3Sdg&sai=AMfl-YQScbYDHDsbIbVTemvzPaQecGQWbdBb6SxWotCqtxUa7e2F2dM2Hhp0-1slM89Dd7QcLFyw7RCYvJG0V7RSd2m_EQ2_dr9wxX2qzYqlSCG6OOgQ2Qv57wEqYizqqv4yYZNloEbVLjPe6EtxFq4WBgQs2IoImczyJ9TBVYZkVQWFkfOqBmlAejhLnqDAWB2Y9Ign-sTk_lOBAHBDeHvGXxg5k-K43JM-IIBIGXo0LK5PpufnE-tLITcnNM_2Q5qRWc0betey5m6FgIryDZGLwBLi5oJQtFJ0EUd3VPelyzj1LyXioH_dTn6FWRP1azAmlIeilxKYDes2x3u9Wi1h4jC-mnmAfcW8YzPbNrwVx991CgnUXEDGC2yIgsLuw9kHB4328xS97u5P5yoHl9qnfgzPmHtb39Ld9VkCR6JYQCjyffApe1Y5CkQhA_JnUeDG3fwAs4SYMI4bdM5N5x8oarsMsCSO5rIyaZTugMXyegDr4kgs7N6zdiRPSx5KRRZixRGxTThfF-k&sig=Cg0ArKJSzFt9o4DifJZTEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20saHR0cHM6Ly9iaXRkZWZlbmRlci5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=686&vt=11&dtpt=413&dett=3&cstd=272&cisv=r20240109.95177&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 shadecopy.png
s0.2mdn.net/sadbundle/5926429941439173355/ Frame DCCA 5 KB
5 KB 39ms
39ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5926429941439173355/shadecopy.png?1703156159905

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c339f89dc500874e3668c8bb18b314bf9d39ddedc913346bb1baebdf74c87769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:00:01 GMT
date: Tue, 09 Jan 2024 09:00:01 GMT
x-content-type-options: nosniff
age: 154476
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4862
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:25:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 5 KB
3 KB 39ms
38ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 1 KB
643 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/9c69f07deadda884c61396a404004929.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2628882822767335906/8f0cec8041c165cafb6d32d04ed8f04b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:50:24 GMT
date: Tue, 09 Jan 2024 08:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155053
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 5b19690c436021cde6ea63c4b9650dc5.png
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 8 KB
8 KB 39ms
39ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/5b19690c436021cde6ea63c4b9650dc5.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b780dc4b00f123ce191f12564243e50c8a6266337bc7c5dc7eefe753a10cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:46 GMT
date: Thu, 04 Jan 2024 11:36:46 GMT
x-content-type-options: nosniff
age: 577071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7771
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 b12f997e7da0395917cfba431a0482fa.png
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 33 KB
33 KB 39ms
39ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/b12f997e7da0395917cfba431a0482fa.png

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0afa493ccc08690fd4131e8678b333737cb350f11e5604615de0aa9670d1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34241
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 94e45cebb0229013465638831852e6ea.jpg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 17 KB
17 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/94e45cebb0229013465638831852e6ea.jpg

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e4757f903c2602cc20f877c285f2d8206ccec6e63a6f16085f3c01da4f3faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
x-content-type-options: nosniff
age: 577083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16924
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 521B 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9K5vfGafZd7lJYPq3wOn76zgDQAAAAA4AeAEAg&bg=!6eql6qXNAAaumcC-jpk7ADQBe5WfOPGIurF53VOFSpwYAbC3FghsfJQAj_92XH_Ru807dTaL_oLo_-CgLz8HfF4a-xkJAgAAAFBSAAAAAWgBB5kDBQyVnNMOFOLQK_XEBQa-V8hexm4rtWcEi0Gto18nxICiePuxM2pNYF-q6GUOiUMR1bu2vAzgwt98QQjb5hX17Y606pciiXblA1I_FLE5yY5KiLvprWV6JfM4ZdsLX8wIYl9dFmJKC3VMWpHM-_eOhiV9HlZIEXl_piPS0bT1IKUWS8D5K3ybtvZH88I9RqH6BPrPRllCu4kRVV4yyTxxxdJFkAiA5yh-PKk07G5puhlHGdlh-njyeZNhkVQ34cpkYA-8kus4tCn1TvXEMex7hc5jxR4Vf-CNzZPdc2v3nRE9s1URBhT-Crl3aJA23qE5blzy6WTsfVe-CwEKt-ROICVKDRD_NzwJsVNLt2XQcMF9t1DHG3d8qIl5YRcBxNZdCbahd27Py-AsMTArikxG4bgeWuQx_Vf0uLiIBLrz5Rp5BxkGdMsTHqb1E6jNAFtTahE4EP7-UIXxbTkKPH39KT7n3eC9PDPyaEXcsEYlKIrb7HUz4JnIKTNF6nEc9RFyh1JxlzqH14TzXTqHj9FJcxrAoCl4GrFTL5z_HHS-mRv9-Khu8t7me-u0eYyMK26hJv8pJ8QAXZteQ4w8MzgrMnusASFL1vi8uAxNYpxOWTWoK1FU3pRdElog09_s157wC9Tftu09Aa2LonQCBC0W9ZDV9s5mqjz4fNL3UabwWWGS6z2LOEUXjnH19J_IS2XuZp9BkcRWlRsPQiUZ0UAWj3KK-j7a5BEiFma70cChdhHZ-D8EuBhOKDgiQjaHGagl6xHGk_brEODHlnlOurfEV2TZROAcxtIY1k6dnjM8WKyOYWkFEMV9ti4SN4Y0c2pkBWDYLiUH6D7VP8xIJ7-EAqyRH90OxE76uNPtE1PPLJGb4gsQySruFMHMGu4lMZ3qOIkGO1hPSJmr-f9OAz3hMJOC7I1Cu9f_Xqn_CxoM_HVZm5LciMTc-qzdc-leOUesXUdzfyZxZ6kMbwrwCgGF5ZeKrFwYZn31IazCE4wd-LEPowQSXYkqTUU9mPeryKuA3Gb7o6Q1

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 visual1.jpg
s0.2mdn.net/sadbundle/5926429941439173355/ Frame DCCA 76 KB
76 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5926429941439173355/visual1.jpg?1703156159905

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2f362e1dba19114097b5b691c2e709f8392968632f7bb40c086496e3b530359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5926429941439173355/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:02:24 GMT
date: Tue, 09 Jan 2024 09:02:24 GMT
x-content-type-options: nosniff
age: 154333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78126
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 13:25:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AA8 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:49:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:49:58 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 007D 930 B
924 B 150ms
39ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 11 Jan 2024 03:54:37 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 18 Jan 2024 03:54:37 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame 2593 0
327 B 161ms
50ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 11 Jan 2024 03:54:37 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3D06 2 KB
2 KB 249ms
138ms Script
text/html 13.40.252.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25862500009992004444554012566016&nw=1
Requested by: Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.40.252.97 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-40-252-97.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 0d0e6383d3c9e2bd3802f70c1965afa15efa9fffc1c9e948c13cf69bc0087022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
last-modified: Thu, 11 Jan 2024 03:54:37 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 11 Jan 2024 03:55:37 GMT

GET
H2

200

activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888 Show response
8019191.fls.doubleclick.net/ Frame FD67
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888?

391 B
328 B

84ms
84ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888?

Requested by

Host: www.baixaki.com.br
URL: https://www.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

d818f76331cf9e307a999c6fef396e57b84b98924d5a8d07e639160729fc31ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:37 GMT
expires: Thu, 11 Jan 2024 03:54:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 94BD 7 KB
2 KB 128ms
49ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=ba3e3e0e6c&subid=&uid=b057d5b371a0caff&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCMeQhe2afZfjzKoui7_UPtdWSuA2m5b2gaa2VnKfJD_AuEAEgwqbWG2CVgoCAsAfIAQmpArPOW70Ua7I-qAMByAObBKoE9wFP0C6g4qInlyH9X83CjNQCL8VQSmEbF8mYJsiNkYDGxy-ApGUkBYLx0-MDQc8l8o2T_su_LXURd_2_h0rYcfw9hch4IhYKPoDj_msTbrYk7T4LeIe95wAi5RjNSrwHiMrs7cSkI30F-EunGb4aHw2dCd8RRnDgzL2LB0u1kl6kJGLoSuCxP2rprx0vDyDSNHI2YsTvMtENyDXZMNpfeDzisi4M-GIGI4Ch5oNnx2keAk00MiGBcJWcvsl_ntnOIopN2rbnNkGKTXKBX5gHBJv371jfvMswOGcVBdUvqGAj5MMR4j5iMaUSHvU0UgqwJIPbOm405TpLwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WMmYkoy41IMDgAoDmAsByAsBgAwBogwIKgYKBLu7sQKqDQJEReINEwjP1pKMuNSDAxUL0bsIHbWqBNewE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ%26sig%3DAOD64_2QFVw4Oqmp0wJNEgb0PYveKbtiYA%26client%3Dca-pub-1712420989769758%26dbm_c%3DAKAmf-DRpCAiwyr2bX5nm7aEuncmIvwazJMAhlmO6e2wIJ5vurAWhwtbkiXgIJTIoVGKIOGy6nwZu_553h2BDSJzbaVnxGQwyvh3JiXrnEIZY1r31zdUO4_QvzCTuF8PeYcjE8kZw6Gjm1Dn_gldedB3_T98RIsMMkaSzL5OTxE8xAFVe0SF6qs%26cry%3D1%26dbm_d%3DAKAmf-BnqA645GRByXqfwgdANG5hLR-4g41RRbOosvp6yJDiQ1_lNxOurOEeNL-Oj_7hRuhYsDL72DIuHk8gpvm09DGlMqGgeqY8zhRfl_v4eIiuRPdTUCKuvzxjec8iPgIF9O6eAZCMuqFU00bxD20by_mpW7QVcIHU1laWhqh4X8f_00zSQUxXXrj-sUqJ7NN9UqfsBPp6Riniu6FCSriv4D12UOoia0LVaxlIOjVEj2o4TSRsMWBlMpiLQeXE9vM2A854IwlisUqc0OGy7ekzUkQf3_lIzZboOJs-M0V8quapFB0kK5vDPoPSpowZmElX-IbbV2ZBFlnnQe7j14RBY6lG-IrzXksvVgCwq7CWPyKgwtlvpbQ1MLxIt4rtYZ2vYVbgTbRjZj_spInpIFLlGcbyceD7nN-TmoB5eauLYqgQlE4RuVgLLduOXFRrODq-VnJp9ED20J_KYzvNcUq309_U71x77MUtGEJ9Cmti-WHsyV18S8bz9K9sLKS1L99Z8pwWAFgsRuoO0ct1PsymXlLG7HgvHo4ganiEFVbIiRX2HEhgF2w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.baixaki.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.baixaki.com.br&random=941467414855&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3525bb3ba0314bfb5fc801ffaffe076fb55f1220126b47f27ccbed02f154287

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2032
Content-Type: text/html; charset=utf-8
Date: Thu, 11 Jan 2024 03:54:37 GMT
Expires: Thu, 11 Jan 2024 03:54:37 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 3D06
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

119ms
119ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=25862500009992004444554012566016&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Thu, 11 Jan 2024 03:54:37 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3D06 43 B
704 B 247ms
151ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=25862500009992004444554012566016&pv=1

Requested by

Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 03:54:37 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 3D06 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be023ee978af67c55a26d907a24bc74337717a3c0f65a1c6bd02335d0dc06d23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 94BD 5 KB
682 B 114ms
114ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 03:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 02:58:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 03:54:37 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 94BD 16 KB
16 KB 194ms
42ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 533fe4b3b42f95b89a9f0563b80f0ba2520592e177963a6106ea0a4e13a5c031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 03:54:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 94BD 17 KB
17 KB 196ms
44ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 04a03b9dd7d0df20e1a0bd34a7ce6f1dc41e4508bd7fd0ae8ce3d4ab40140511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 03:54:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 94BD 11 KB
11 KB 194ms
43ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: a845417341a30b2c114f2e5716cc2a98cb686d297adad59f3de38f6fa301fd6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 03:54:37 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10940
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 007D 177 KB
63 KB 120ms
120ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe8dd63b8361611d0eea25b2c7e5f8c610c5715e9441ad1bc2c68c05235692bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64509
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 03:54:37 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3D06 54 KB
19 KB 128ms
37ms Script
application/javascript 52.85.92.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=25862500009992004444554012566016&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-67.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:33:50 GMT
content-encoding: gzip
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 10:01:16 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 76848
x-amz-server-side-encryption: AES256
etag: W/"624072fcf9e7c9c12da505b4794801fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MiIL-rbQkNicb9l1OzIc9gBZoRjTwP09szxw-YQJ5hb28g6UM8vGDw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 3D06 3 KB
3 KB 115ms
33ms Image
image/png 52.222.191.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1704945577&Signature=B0bbHClxxlAhi0WJKRvabAwtwmGVgBKc6mRYXXbE~1KDpkV6hyVQVSa2IWTiShoeuO7tQ7A8zNel~q4Z9NHNA2eQPLNBn2Bo4GHtPTH8xZRDiC8aazWPoQJOLZlv27W-Hxf842YRFRPvFOtjt-JOyF09NG0UxI1BYvgXj1UARvdSGJ~wdEsKwehSJFEyiwqUzfq3j6WMyhgWH-Dh0EpgvJ9HbvBFzR5oQ4bs~sQiSU~Hk~Fs5UrskuCBj3WfgptowGdvO90rbm3WYeRo~73u3WYaMAh45FPfIEbHfp9wqdBTPEFxal6Ip1KA2P0uYMK7qd2Yh51GXLrYty-EtXxurQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
URL: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.191.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-191-108.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 10 Jan 2024 09:14:45 GMT
via: 1.1 fac12edd3ea2d7d16f6e74eebe042dcc.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 67193
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: bdrvZ9e15POsZX3H-3kz9HcdOhwVntGa6XJGK6ea2gAkQXx5U3eJaQ==

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 94BD 0
150 B 124ms
44ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=25862500009992004444554012566016&a=da3d27a5&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=25862500009992004444554012566016&a=cb28bf60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 03:54:37 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 94BD 14 KB
15 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:12:00 GMT
x-content-type-options: nosniff
age: 211357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:12:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 94BD 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900016.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:49:48 GMT
x-content-type-options: nosniff
age: 155089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:49:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 007D 276 KB
91 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

146ce59cfd5c213bd5c48481d35daacde6b74007218e6d068bc1f92c0e263345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93548
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 03:54:37 GMT

GET
H2 200 dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888
adservice.google.com/ddm/fls/z/ Frame FD67 42 B
401 B 164ms
78ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CKiwgo241IMDFYzxOwIdYoMJzg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=370543885362.3888?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8140 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQMmd_g68KBfFmJaXL8kZZuVostsVcotbtQHnFQu4kuxN6XSvyyhHN-0p-JCndf-LYNkfLwGq3MJqOdPfQtmWXESqGIIb30wKzp-9jQeHj7aZVvngB5gl4o3sMOOVoaZ4PHbn8NXmtwepTuk0rF_xilz6N&sai=AMfl-YQGjBp1OHbDkkDTCADyV0gUFiWMaERJQ1xP3v1rchsyg7dDsr4X5G8YlUnM-i7FKD3t2jIyO1oN4T8tc2P_kOjCTPabmPf5eX7-DzsARr7bTCDYs-4a0hgx79bud_HeGA79T0O_EfEQtpTduIZHww&sig=Cg0ArKJSzJQPtryF_ekNEAE&cid=CAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ&id=lidar2&mcvt=1001&p=1110,315,1200,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2460663856&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704945276333&rpt=417&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4700 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-I7uq6DMMsp4dCzBhb6mNsw5vPWPR-Ov-QMhnSbOpkslrhcXb5E68N_paOkEHhHRZpnJoxzyHI40QZmBwH9i0BooXfFqimHSG648-RLUN6sb-Q5WxDGdTMO28S9cJFBPVvkRPDHsgeoNJQlaJ2d61k1ZW&sai=AMfl-YTZJEPYvZsCnUUIpUAe8t-Jz1Ybv3gZv-BfH-zpJgV_Qa6XcJrgVn7EkqVunbaG5fyfAgncjQjeLZ0P7PBZYJdShUL6FJ-obJJIOgbQm8H2dYKNPSVpXzbfljiBkbpxbmDNiotK8PXnGQ_GQdblEQ&sig=Cg0ArKJSzJOKJNwjDjXqEAE&cid=CAQSTwAvHhf_v24FeifP5xAZPJ_VESDbQhiXfHLtU1-dWaRSzAEGx4d_y_n3DpMWRxw9sq0_gUA00sYTXd3TBxEGsQxjmf5ijHoxK5QrMOVGYJUYAQ&id=lidar2&mcvt=1003&p=86,315,336,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3987075887&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704945276317&rpt=459&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 132ms
131ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67fbad54f33ba8422ad4bc51c6643182b40f00c5c335f4f940cf5056bd1addaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12134
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 126ms
125ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1417375104&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=10&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1951152624.1704945275&tid=UA-144680-1&_gid=1903115099.1704945275&gtm=45He4180n81PLT9M46v848907248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=693723199

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 12:23:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55838
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 126ms
126ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1417375104&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Milhares%20de%20apps%20e%20jogos%20para%20voc%C3%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fwww.baixaki.com.br%2F&el=25&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=1951152624.1704945275&tid=UA-144680-1&_gid=1903115099.1704945275&gtm=45He4180n81PLT9M46v848907248&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=89360500

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 12:23:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55838
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 890ms
890ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 03:54:38 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3D06 16 B
209 B 87ms
87ms Fetch
application/json 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jan 2024 03:54:38 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 166ms
50ms Preflight 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 11 Jan 2024 03:54:38 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D06 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1882106149846&version=m202309260101&ct=77&x=1&cor=12893604305619182000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 03:54:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 17D2 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 21:55:40 GMT
expires: Thu, 09 Jan 2025 21:55:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1833 829 B
560 B 49ms
48ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fde670674bc85367f08c93bae1545052cefe1efa4f991fd251ff70a6682235e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5g6DuTXjtsbzrczE-PKQcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5g6DuTXjtsbzrczE-PKQcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 03:54:38 GMT
expires: Thu, 11 Jan 2024 03:54:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 17D2 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:54:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 21:54:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1833 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=3679401967722405&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 17D2 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?anO4PQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:54:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=3679401967722405&bg=!ysmlyYbNAAaumcC-jpk7ADQBe5WfOPyi-mrYbCJu4vLicvyi9m2E1HQ6G7oD5sUJ6SfvYJddGQ5u3INFmjpuKsFQtjB-AgAAADpSAAAAAmgBB5kCsL4w9DBWjIcKldWthbqUikf5PzH1dKVfGNCBW42eVo-bZJQUZKQmPqSRigYkCm98zdv7wenjI5qOVm_vQKP9rwAXq3Q_nmS7ZNkEB8YxDPcYql9eMqez9e9MzeO6TzGnt0PWCuHgMZs4GLF1XOK9SwftMv4Ne0kIgAO6UVQW9XOzXfrxcL73NkxWSqj1Woh9dd42amiPuin3vpxCPabmFeWwrV5jDM1l4izbQY8GVOvh-YH7X9-aUWzX4zCj3vk9yHoBWtQ7n2nXCqkd7wFdHLc_zjt4nsRd_pxEtfFWzOwIKz4Olm-fBahumwvMw_mOIdS_Z_ICoQ_5tOq1LVSGRFlqq69C1tgncdwLRpO81Wv-1vpiVxUYwImGUCZhJtGy0J-Y2sx2CWRuvgIX4-sKloiAz0Z_unc_HxXu7LmaZ7-dC5ysdhkEdDofDKB6mzJOyNdKuWVuiCQ1xGIo2eMhsSItfPQJDiun-tCloex4CLJZrIVqJZLZXyqe0pyCPvftOi1ssNmpEO9qR0bSPoNmDMej8PM5xAivvGRGhNqLa128SVRD7yT7v2iSaT8mboYTgb7EBdEfp_znz2G0KEhhcQZ9IN1JDsQ5C72XmFl8wEAb9oNfreROb2XifAETrBrmOILK3Xz2QrDrE0wlq21LKV5FHxcJ7iznq5jiacPtSRRl4z2DUmIZxutYVPJNnQmnZIrcabJyrhhlHWysyz0kzMl5vxe56vTi4y_mSZjUqAoWlFWrXebEeO_mujlluHcVBkIYO4FH1JsqOiuJZnT-zb3G1JylkMhakIT0zXjN-JijiuvmT00hlT0-VI_Qq-LmJaX5wiuRrbmSnShGmyvJamOHwhye3U5CTxtN7iiCx6HZOGfoSLQyX2q-CfSgohicV-WBomuRjkDzl8lCwrkUiPU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 5 KB
3 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/6d7052ff6df13eae564657f4b45cc79a.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:34 GMT
date: Thu, 04 Jan 2024 11:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 1 KB
645 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/9c69f07deadda884c61396a404004929.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 08:50:24 GMT
date: Tue, 09 Jan 2024 08:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 613
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 5b19690c436021cde6ea63c4b9650dc5.png
s0.2mdn.net/sadbundle/2628882822767335906/media/ Frame 39C6 8 KB
8 KB 39ms
39ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2628882822767335906/media/5b19690c436021cde6ea63c4b9650dc5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b780dc4b00f123ce191f12564243e50c8a6266337bc7c5dc7eefe753a10cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2628882822767335906/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 11:36:46 GMT
date: Thu, 04 Jan 2024 11:36:46 GMT
x-content-type-options: nosniff
age: 577074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7771
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 11:10:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baixaki.com.br/	1970-01-21 03:11:45	Name: _ga Value: GA1.3.1951152624.1704945275
.baixaki.com.br/	1970-01-20 17:37:11	Name: _gid Value: GA1.3.1903115099.1704945275
.baixaki.com.br/	1970-01-20 17:35:45	Name: _gat_UA-144680-1 Value: 1
.baixaki.com.br/	1970-01-21 03:04:33	Name: _cb Value: DBwa_DCu_2evZW0sv
.baixaki.com.br/	1970-01-21 03:04:33	Name: _chartbeat2 Value: .1704945275530.1704945275530.1.C93ft-CDgHFoBZeKgrBSmx46wU-y3.1
.baixaki.com.br/	1970-01-20 17:35:47	Name: _cb_svref Value: external
.navdmp.com/	1970-01-21 03:11:45	Name: nid Value: 13f3eac7f86cefaf115ce5431b10\|0\|41
.baixaki.com.br/	1970-01-21 02:21:21	Name: nav13767 Value: 13f3eac7f8bdf4d54d55af327a10\|2_12
.goadopt.io/	1970-01-20 19:02:09	Name: VisitorId Value: 9b5c1a50-790d-45bf-be52-f6e913b894e8
.baixaki.com.br/	1970-01-20 19:02:09	Name: AdoptVisitorId Value: JwIwrAxgjAhmAMBaA7MeATRAWMIBmiIApmAEyJ4BsRwUAzCABzBZGNA=
.baixaki.com.br/	1970-01-21 02:57:21	Name: __gads Value: ID=9d4bcdb5ec0a64ad:T=1704945275:RT=1704945275:S=ALNI_MbfKZFaj5zrDHc8l9i-b-Xo-msjNQ
.baixaki.com.br/	1970-01-21 02:57:21	Name: __gpi Value: UID=00000d3f54ebe521:T=1704945275:RT=1704945275:S=ALNI_MbHVH81W9N9sYPLQv1GVvM94NzCaA
.casalemedia.com/	1970-01-20 19:45:21	Name: CMPS Value: 3231
.adnxs.com/	1970-01-20 19:45:21	Name: uuid2 Value: 3503944476427457103
.doubleclick.net/	1970-01-20 21:54:57	Name: APC Value: AfxxVi71wIF8nTXyJoLfX_SNDt5tMaMIbG_F1Epg2tyQndKL34Sr0A
.casalemedia.com/	1970-01-21 02:21:21	Name: CMID Value: ZZ9mfAXPKP1aH3SZG49StQAA
.casalemedia.com/	1970-01-20 19:45:21	Name: CMPRO Value: 3231
.adnxs.com/	1970-01-21 03:11:45	Name: XANDR_PANID Value: t8i0zp1ge2d1LreMtXLjd5r8uqRL7o1e3fdF1WbuJl1tl-55ibU3P8bVGMppMDkqX_AVg82EAdwc4cnUxyFjkKY3wR-mkhruD2ia6bTntG4.
.adnxs.com/	1970-01-20 19:45:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il`p6si'!]tbPl1M>e)ZlrFUfJ+tGXxoeQ1*/K1xkRS_-v`ZPz>FoWBA_.zykN*Psw3If)y3KL9D3I?-!cdelM
.doubleclick.net/	1970-01-20 18:18:57	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:57:21	Name: IDE Value: AHWqTUnQ3SkX8Gd09s5ohYt52OdycQ_WGpsWgRcqZ6iSZ7h5nK8ZiGLvYvXWCwZIiwE
.baixaki.com.br/	1970-01-21 03:11:45	Name: _ga_KDJP529EVF Value: GS1.1.1704945275.1.0.1704945276.59.0.0
.redintelligence.net/	1970-01-20 19:45:21	Name: 8lcfmzhxc8d6_uid Value: 01a12e99418086c4
.doubleclick.net/	1970-01-20 17:35:48	Name: DSID Value: NO_DATA
.3lift.com/	1970-01-20 19:45:21	Name: tluid Value: 3074016668093527141365
.csync.loopme.me/	1970-01-20 19:46:47	Name: viewer_token Value: 93ae5746-f6cb-4ea0-aba1-afc75a2e3a04
.simpli.fi/	1970-01-21 02:22:47	Name: suid Value: 702CDFE542E14C2F8E0FB8F1B0FC8D77
pixel.rubiconproject.com/	1970-01-20 19:45:21	Name: receive-cookie-deprecation Value: 1
.awin1.com/	1970-01-20 17:45:50	Name: awpv11601 Value: 113440\|1704945277\|23c7dc80-b035-11ee-86b5-22356fe9f584
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.tribalfusion.com/	1970-01-20 19:45:21	Name: ANON_ID Value: atntuJriIthP3PTRfVyBsPpMd1ljfpMWZd9IfoJSaZbUHVFYV7wiPsJVrWUOBNeZbL8NWNrfylR8cUt0pUd53SE6SZcs
.office-partner.de/	1970-01-21 03:11:45	Name: source Value: {"webgains_webgains":{"timestamp":1704945277705,"clickCookie":false}}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.baixaki.com.br/ Message: <link rel=preload> has an invalid `href` value
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7b281ca5fa8aaebc6055c9ad82dfb235.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
a.tribalfusion.com
ad.doubleclick.net
adoptprodstorage.blob.core.windows.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
bk.ibxk.com.br
cdn.ampproject.org
cdn.navdmp.com
cdn.pn.vg
cdn.track.production.webgains.team
cm.g.doubleclick.net
csync.loopme.me
disclaimer-api.goadopt.io
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900016.redintelligence.net
ib.adnxs.com
mab.chartbeat.com
medialead.de
osp-assets.pn.vg
p.smrk.io
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.rubiconproject.com
pv.medialead.de
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync.teads.tv
tag.goadopt.io
tag.navdmp.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
usr.navdmp.com
www.awin1.com
www.baixaki.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.75.89.75
107.22.81.169
13.248.245.213
13.40.252.97
13.95.152.229
138.201.220.30
142.250.184.198
142.250.186.130
172.64.151.101
179.191.182.65
185.89.210.90
191.235.248.36
2001:4860:4802:32::178
2001:4860:4802:34::36
216.58.206.38
2600:9000:2070:c000:18:1fcd:353:c61
2606:4700:20::681a:1e8
2606:4700:20::681a:ab
2606:4700:20::ac43:4637
2606:4700::6810:ef3
2606:4700::6812:18ad
2a00:1450:4001:801::2001
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a04:4e42::714
2a0b:4d07:101::1
3.9.60.26
35.204.74.118
35.214.144.54
52.222.191.108
52.85.92.67
69.173.144.138
88.99.165.19
91.121.248.44
92.123.148.9
94.23.99.218
00e048de0769316782958affb433958edc4633a88e40026e6060d9f2ce133d19
01e2fd2523c4b0e078bc316025697875d18c612ee54f491807679ecdfc51d637
02e7ce72c407f9ed6a8f6032aa8b8661ea8474687fc7551438d89f0be8cfa92b
04a03b9dd7d0df20e1a0bd34a7ce6f1dc41e4508bd7fd0ae8ce3d4ab40140511
053dc0b1a4cf06c65e6447715a0848e39197b11039e6d98246df3d25ff5f5e68
07b780dc4b00f123ce191f12564243e50c8a6266337bc7c5dc7eefe753a10cb1
0916161b872cb4ab6f1dfa7c20750a8fce580a4d5c32ba25e186b94fec118e90
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
0b5aa49b400f84b30a5cfb6ba1905f95c719db126e51bf83424b17c5b30eaf4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba90cb51345c9930452694fa5873ff972ab01afbd8aebb7238280edaef27cd1
0d0e6383d3c9e2bd3802f70c1965afa15efa9fffc1c9e948c13cf69bc0087022
0e958649e6e64e1567901095ba7b50bb253a35bb3ead1a40d58469d44c9082e9
0fa5e8321fa9c5f29b423dfedd6938f1e3adec63bed2a4eb483b99d306773862
0fb0436cc7262742d2a5a5e046e2eeeeaaaed737b9243d81a1f3b887d5bfacc0
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
146ce59cfd5c213bd5c48481d35daacde6b74007218e6d068bc1f92c0e263345
146f3d273bfb992421a17ce2da75fa5bf79d659150fa752c5959ec2e97759db6
157b0c2526e0f70d90786061cdc99fe46708e08e02740a4fcf996474c3a45954
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a729cf99ecdfe433031fad54c512cc762ea556eebdf171cbe2d4833279dfd86
1ad467d0d2ceeb88d150d04d88dab155ead3a4e12dd80982ef45ed605842b552
1c4074f3d17843aec206b2d04e5907098e13e192af61f651cd397b2410ee4b5f
1ce30851a7cf6f3641312079f5050ba5aa2af667fe8a05a77e1a1a3378337fdd
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25f2aa9d475ce40e3821665c081c30da7e85ae4cb4344e1e0b26bbaaf44a0337
26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2917cb4b3cae07ec63acd68d493bc39f9c0ef828f44cfefd0bf1b122fb36ce3b
291ad59350731069a43cb924ae03eba4174c9157dbb1434679298877141e1fbb
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2aedc9b86544c1bafeb5d570171c442c79ec094bbf3bd6de154905ab0265f671
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e52de34ed636085ead8598c90ef5ac802d5cd018542099e4d15e6aad41c07ea
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30608cde5d9928f2fd035e3bedea29796f2dcd947cc6abf8ba1de43b1fe44461
3099a134b9cb9a3464b9f4a5b8cee9310eff8062380d11c614740ec39bdcd75b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b
3673a65d1382c26039ee58d4bb14c21cb4b564cc4169c31c3a25dbf0dc6cb929
36b884a5f0f03a5775e648cdf617e6ebb8da3b2d862be709de44b650a7784b1c
383c0ebf36d7f49984d2e8e5772c7c987126b636e7f888010d1cac9d8c4d07cf
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c9a00c2cd0e54ba2ea5898897ab0a23d1549653889faee464b1da81e70d853f
3f9c74b7349b1c19b614e66a7516ba9c652a8f47b55c75f8cdde02c3d72f91ae
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e4757f903c2602cc20f877c285f2d8206ccec6e63a6f16085f3c01da4f3faa
4255da23a46c62269c555612e6a837277d2f652fff5994e861e8af2e8cc6025e
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43440171b7464e2bfd3b57ca36d5e7292f6ee590f0a29a412d2e78916de4811a
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
46597f812e47136378b7077c08f83421c3e37369700d272945d319d017d0a8b7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a297315c6913ad935505eb259988c5f2379fd97f7146d27c48cce74b7750f76
4a9e7924f92aa4b7dc2908da939de89dfcd62360ceadbb097bab1e8f7554bb80
4b21c5f9f57baf05b6bf4dfc0dbdf43665922781cd672eecda73c2c67dd7c780
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf23ab2768519d256e54c43cd4b1b0847337268901eaf706be8e8056c47ede4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dd8e64563b311aa7a5acc15e789d43a9f5f9f5c54bf557a951d5b14515d7e2c
4f85492c07bce94a5c0bc651b12d1d0638851a0545d596e49f51fff8607ddafc
50c4e72fa798bb24c79482212f8b52b541ff39ba8996284f600cfffbca231dd1
527dab5e3cb7c7aaf68f30ec478a4ba06a1d39f4f6ffda8f6c6c7f1624cc86f5
533fe4b3b42f95b89a9f0563b80f0ba2520592e177963a6106ea0a4e13a5c031
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558efb4bb57d8dc5484a6c9f1f798853ce10a5b82975925179db53ae2ccae1ab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585a0107be50af87bd7514e6b4aacb375c2d7f36fd5dab216a50751b3fb52052
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67fbad54f33ba8422ad4bc51c6643182b40f00c5c335f4f940cf5056bd1addaf
6a61e2152bb0f50b52ed1d49a51f9095edcb2c8a11bc0ba5bc73516a0f3d0612
6af8a2c3967cb7185317f054cd2ef4479562f1ad7c36ae9db4a50063b1f8f0a3
6b33044a1e130c6ce86101a9c25a7d1cb3512f967c3da2daa2e217961cab323b
6cb1e38a37073de29c60238c56c91d61d673823953d7ec65b90d75e61028bf2b
6f61f41959b93deb3e86bffcf2d90842bf894e257a1008b19e02cb8e68e973b1
70c8cfd0874871a70605eb449e68a820f69ceac52a46fce3a1021a1cadf91646
72a6f12edae940aca5a959fc80f819f48fb0aa911fc2473abd695fb068946fc9
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
75db0d81ecaef7357e8399d89b5274a42f5f2b8827c5141c68a15413c4cd6177
76426616786a293598663d6a6dad41500ebb34b72c65d68fd54f3e43d29a3215
7691eaa8c71c03cce156b53d84ff310a3f96e7359fad51333b12a12b5bfaef96
773e5212fc27c78027f14527d5887bff61c774a9971863aed3f898c2cddcf565
79ed2e084714116ec490bae4fda28bab0a0c793c9f76bd3ca7261b69ffd27899
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c87e24e10faf770478b0c509fc4644114b8c6af7ebead3784202bbe1c677892
7d6d22eb94eafb53137ff8a33ebbda431cc11343b4fe629c96e0085987b1163e
7d7521cf77aba41609cc4611f0fa174b979318499beae8eb39d58f380f6bec87
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
87cfa18cefdfb554a12d9fce7b0937e3bb7eeff563f56314c04c13897891dec1
8a657fe831072589b2cbb415c5f52c937c97927190f63cab58bff2f6b6aadb4a
8a94221c9bd2cc9208de0d74c29e375f73d42a038092d3bee404f6b815c6bf97
8ae3d02bad4f6b49d4023c3130afd4fe03d63f905a8b879df69b445cbc034962
8b40d479048b1fbeede5cfeed09eed166514d21745664842a449bb653dfdde0e
8d37612880480efed1ce51abc1fc6195724a0ed41dee5e31806228e3884b3159
8e75dc8240282a52a0150d0eb9fa33d126c08113b1d671265efe394ad9608591
8eb600d1bfa136d87da7690cd2032c1906a76dcc1df0dc43fd0eb219d5356e68
90db844559ad88162acbfa61c6e9cd71c864b52ab6a36cb53d27028397c2992a
919699aeef5a22f4b7a7c74fee7fe1747aa481fe6e7c78804be8cd9377a997b5
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a10e20613db5438d11bb90276d180351351fe544a5668556cc4d9c9af4a399f7
a2f362e1dba19114097b5b691c2e709f8392968632f7bb40c086496e3b530359
a845417341a30b2c114f2e5716cc2a98cb686d297adad59f3de38f6fa301fd6f
a8bb6d92eedf4015e70e3ba031f4b93ad395c36210199700a24b306dc2c3074f
a8c23a260c7c6a8b0756d6dd684f5fca1fb9e1a3473cc70182ceaa9c683c7361
aa0afa493ccc08690fd4131e8678b333737cb350f11e5604615de0aa9670d1f3
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae80a23b91ba7b566c8d1076084b51208cf12782828cae7ff4f9f4a70c2ebce1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0533929c94679e1764e59854df5b4c35f25e12f2441858f1387a13c80c13303
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b482a075b8e378e7d97298bf551736169055ae1fa7bdc80d98fe515587f973a3
b6eb5e289aa7f91751efe70065d7ff71a9513e6252a7be3bb4c28f9421269550
b80752a98735c74cc0a908b9a6cb6e8332ec3f7effc7b646f2d3dc3f66960286
b88ab81517dc7fcb04ed5354d7c839b198d54b63ec20fb9bec790dd64f4e0ce7
b8fb8c87ad9bb7aa9d223693f8c0d1d3d671f6471cb0fb71c11247653217abfe
ba3c2c7f509173ab6a5052f8f2ce9fed59da307a1e1c3a3e0a29b5e3012b5d70
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc84aceaf64dcb162c0995315cf8b8587991b236c1789b5fd0975412f64890d7
bd96f5382a588d9c81a9abc95dff9fcf067dee7112e89aed8904f034492e1651
be023ee978af67c55a26d907a24bc74337717a3c0f65a1c6bd02335d0dc06d23
bf30c59ffa5f1a7a6aaa9ee3e5709fdb6037be113bea4aebf439ecf6d9e8c302
c0095716e7fb8c3fb000e68d0efb692aeffcebf94e0f206bca0616fa8043ccb0
c210128cf5f2fa3894b07115ebf85bfe774eb19bb9a3284f5fff5a71de49d2c8
c339f89dc500874e3668c8bb18b314bf9d39ddedc913346bb1baebdf74c87769
c45913f8beb4eeae5622a5e2d1d3a9ce31eab4b8da45111e6290e5d8fa5c365a
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c57e30f3e3440754bfd9c14304db0781d0d1226d5a3b093a4ed015f5007d5c62
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9eff84f192229df9e7d510b1d8d7111ec0a39287a68ad6391c565110fb3a8ef
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca848bb459064d2d0a527bd0840ec4cbdea5545ab07b8dc7ebb61c8d0cb1a954
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d268845e1bbbff18ed627d0263a2f3b63e9719b3355fe7f6beec6c42970141f0
d4e474f1050d67e8203653858209ae1a670c9e13a343acfeab863111ccb4b165
d518c522e14271b906265f143fa936af1733c1dc41ea8aac3644617cca64f94c
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5ef37381138e5c82aba1b09a5e9cb76a193c998e80f09e9ec9cdb8c0eac8e17
d818f76331cf9e307a999c6fef396e57b84b98924d5a8d07e639160729fc31ed
da82f01428de41bebfedbedfe2758031978fdb83814ef13c05cd5d1c483cf3f8
ddd3ce5c733e04011314e3fd1832a4a525f03a9b62ad2b3348f42d5213664791
de039e06aac753d6376c637d7e83001001e8bccabe34f438f5f420f984f73da3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0a33296a73e113cab1deff66aee1e7ae7ffb2731f6c839fbd2dfd331d4a026b
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3525bb3ba0314bfb5fc801ffaffe076fb55f1220126b47f27ccbed02f154287
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b3bce3c1b15a775ce649ad31875c6dba16c4df5b1b48dc879f4ed175b8f04e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d9b42644509e0035e0fc807ddef46ef15a3da90d12c8ebf93461123384570d
e60f79e352fd1a2df427e4c1df22aacfcba4ee52cbc724a2d40da34af50e1e81
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eaa9ab6a453b08f674a98cdbe87c3dfabcbb857113a37e2084afc47efcfcd1ff
eabf077afee9223da9d576fb1c8d876f717ee32f7fc28d18afd4d191af235b3f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed40095cbb8a9422dc1720990f3ac67cd3752f0bf432db9feca0288045849369
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f135bf4326499f395a69f4294ef0b589731b27a364bc0b0ec1ee25f1ebcc1000
f1c8ccf2c6c00fea2c67436e338a08d5aa7c45720ccf8a9d609859879930d189
f1e0fee79d0e7f71cd351a14cc1fa636c96cab2b528b0f063a2f019f33afb0d8
f36f506c995226a9b28bd0ff772e29f7103b4a8af0094c736fcb02c078cc6e60
f5904bd549353572027cc444a4a12473c04717561b0a3bbe70f09bb26331227f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f805dd01878296d8d30d229360f2d27db297cc3dc9c66735962843e7786159f7
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9daf103110d320d6e4f7ddedda404a5f342e950e478041f5f8b547cf7e481eb
fa001b35724882aa2decade92d44cfd39bd90da9018a0b9a984f4e710a8fc40a
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
fde670674bc85367f08c93bae1545052cefe1efa4f991fd251ff70a6682235e9
fe8dd63b8361611d0eea25b2c7e5f8c610c5715e9441ad1bc2c68c05235692bc
febaf4a1ace567d9e1c2a64b9721eaa47cb418db39c8869b38ecd480bdfde322

www.baixaki.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

272 Requests

92 %HTTPS

52 %IPv6

35 Domains

55 Subdomains

44 IPs

8 Countries

3219 kBTransfer

8658 kBSize

32 Cookies

26 Outgoing links

Page URL History

Redirected requests

272 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

272
Requests

92 %
HTTPS

52 %
IPv6

35
Domains

55
Subdomains

44
IPs

8
Countries

3219 kB
Transfer

8658 kB
Size

32
Cookies

272 HTTP transactions
10 data transactions