m.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.baixaki.com.br/
Effective URL:
https://m.baixaki.com.br/
Submission: On July 26 via api (July 26th 2023, 2:54:08 pm UTC) from US — Scanned from DE

Summary HTTP 248 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 56 IPs in 11 countries across 47 domains to perform 248 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is m.baixaki.com.br.
TLS certificate: Issued by GlobalSign ECC CloudSSL CA - SHA384 - G3 on May 26th 2023. Valid for: 6 months.

This is the only time m.baixaki.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	179.191.182.65 179.191.182.65	52580 (Azion Tec...) (Azion Technologies Ltda.)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 5	65.9.95.111 65.9.95.111	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4606	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:160e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
3 7	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
7	172.67.10.198 172.67.10.198	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
27	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	65.9.93.173 65.9.93.173	16509 (AMAZON-02) (AMAZON-02)
1 23	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
12	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9 19	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
10	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:9008:7637:b6ba:2b01	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 2	167.235.114.248 167.235.114.248	24940 (HETZNER-AS) (HETZNER-AS)
4 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
2	8.2.110.114 8.2.110.114	46636 (NATCOWEB) (NATCOWEB)
1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1 1	95.101.54.106 95.101.54.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.193.19.225 18.193.19.225	16509 (AMAZON-02) (AMAZON-02)
248	56

21 179.191.182.65 (Offenbach, Germany) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)

m.baixaki.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bk.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obj.ibxk.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.95.111 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-111.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4606 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:160e (United States)

ASN13335 (CLOUDFLARENET, US)

tags.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.53 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.93.173 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-93-173.prg50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.206.34 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:9008:7637:b6ba:2b01 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.84 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.114.248 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.248.114.235.167.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.106 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-106.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.19.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-19-225.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com 1 redirects 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	316 KB
38	doubleclick.net 11 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 114 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 232	296 KB
15	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17430 ad4.adfarm1.adition.com — Cisco Umbrella Rank: 68218 ad2.adfarm1.adition.com — Cisco Umbrella Rank: 63231	90 KB
13	ibxk.com.br bk.ibxk.com.br img.ibxk.com.br obj.ibxk.com.br	418 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 603 eus.rubiconproject.com — Cisco Umbrella Rank: 638 token.rubiconproject.com — Cisco Umbrella Rank: 651 pixel.rubiconproject.com — Cisco Umbrella Rank: 374	14 KB
12	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 450 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1126 s.amazon-adsystem.com — Cisco Umbrella Rank: 313	68 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 312	238 KB
10	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
10	google-analytics.com 2 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 486 www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1851	39 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 70438 d.tailtarget.com — Cisco Umbrella Rank: 83668 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 293698 b.t.tailtarget.com — Cisco Umbrella Rank: 62691 cm.t.tailtarget.com — Cisco Umbrella Rank: 8976 t.tailtarget.com — Cisco Umbrella Rank: 8591	38 KB
9	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 240 secure.adnxs.com — Cisco Umbrella Rank: 441 acdn.adnxs.com — Cisco Umbrella Rank: 605	23 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	603 KB
8	baixaki.com.br 1 redirects m.baixaki.com.br	125 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 645	5 KB
7	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6588 csync.smilewanted.com — Cisco Umbrella Rank: 3136 static.smilewanted.com — Cisco Umbrella Rank: 11318	16 KB
7	denakop.com tags.denakop.com — Cisco Umbrella Rank: 255932 cpm.denakop.com — Cisco Umbrella Rank: 297740	137 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5650	814 B
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	110 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	6 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	79 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 648	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 208	169 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 806	364 B
3	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 30121 usr.navdmp.com — Cisco Umbrella Rank: 36260 cdn.navdmp.com — Cisco Umbrella Rank: 7617	6 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 76	3 KB
2	ck-ie.com us.ck-ie.com — Cisco Umbrella Rank: 3271
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1687	1 KB
2	richaudience.com 1 redirects sync.richaudience.com — Cisco Umbrella Rank: 1860	412 B
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 421	390 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 797	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 457	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	529 B
2	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 230487 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 245353	97 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 361	45 KB
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 601
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 593	616 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1285	106 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1395	481 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 912	434 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 369	649 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 766
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 868	714 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 748	543 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 807	465 B
1	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 24286	179 B
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1590	338 B
248	47

	Domain	Requested by
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com m.baixaki.com.br googleads.g.doubleclick.net www.googletagservices.com
23	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net m.baixaki.com.br
19	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
12	imagesrv.adition.com	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com m.baixaki.com.br imagesrv.adition.com ad2.adfarm1.adition.com
10	s0.2mdn.net	imagesrv.adition.com m.baixaki.com.br s0.2mdn.net
10	www.google.com	3 redirects m.baixaki.com.br tpc.googlesyndication.com
10	bk.ibxk.com.br	m.baixaki.com.br
9	www.googletagmanager.com	m.baixaki.com.br www.googletagmanager.com tags.denakop.com tags.t.tailtarget.com
8	googleads.g.doubleclick.net	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagmanager.com m.baixaki.com.br
8	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net m.baixaki.com.br
8	m.baixaki.com.br	1 redirects m.baixaki.com.br
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	3 redirects tags.denakop.com googleads.g.doubleclick.net acdn.adnxs.com
6	tags.denakop.com	m.baixaki.com.br tags.denakop.com
6	www.google.de	m.baixaki.com.br
6	ssl.google-analytics.com	2 redirects m.baixaki.com.br
5	pixel.rubiconproject.com	3 redirects
5	csync.smilewanted.com	tags.denakop.com csync.smilewanted.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects m.baixaki.com.br
4	token.rubiconproject.com	4 redirects
4	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	sync.1rx.io	3 redirects
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	www.googletagservices.com	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com m.baixaki.com.br
3	aax.amazon-adsystem.com	c.amazon-adsystem.com
3	onetag-sys.com	tags.denakop.com csync.smilewanted.com
3	c.amazon-adsystem.com	tags.denakop.com c.amazon-adsystem.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	stats.g.doubleclick.net	2 redirects www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	m.baixaki.com.br 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	us.ck-ie.com	csync.smilewanted.com
2	ads.betweendigital.com	2 redirects
2	sync.richaudience.com	1 redirects csync.smilewanted.com
2	eus.rubiconproject.com	tags.denakop.com eus.rubiconproject.com
2	gum.criteo.com	tags.denakop.com
2	image6.pubmatic.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-9964-3.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	m.baixaki.com.br d.tailtarget.com
2	ad4.adfarm1.adition.com	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com ad4.adfarm1.adition.com
2	img.ibxk.com.br	m.baixaki.com.br
2	cdn.jsdelivr.net	m.baixaki.com.br
1	match.sharethrough.com	csync.smilewanted.com
1	ads.stickyadstv.com	1 redirects
1	cm.adform.net	csync.smilewanted.com
1	sync.targeting.unrulymedia.com	1 redirects
1	ad.turn.com	1 redirects
1	px.ads.linkedin.com
1	ap.lijit.com	csync.smilewanted.com
1	static.smilewanted.com	csync.smilewanted.com
1	acdn.adnxs.com	tags.denakop.com
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	www.facebook.com
1	secure.adnxs.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
1	ad2.adfarm1.adition.com	ad4.adfarm1.adition.com
1	www.gstatic.com	9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
1	tags.t.tailtarget.com	m.baixaki.com.br
1	prebid-us.creativecdn.com	tags.denakop.com
1	prebid.smilewanted.com	tags.denakop.com
1	fastlane.rubiconproject.com	tags.denakop.com
1	cpm.denakop.com	tags.denakop.com
1	prg.smartadserver.com	tags.denakop.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	disclaimer-api.goadopt.io	m.baixaki.com.br
1	region1.google-analytics.com	www.googletagmanager.com
1	tag.navdmp.com	www.googletagmanager.com
1	tag.goadopt.io	www.googletagmanager.com
1	obj.ibxk.com.br	m.baixaki.com.br
248	78

This site contains links to these domains. Also see Links.

Domain
www.baixaki.com.br
www.anrdoezrs.net
amzn.to
play.google.com
goadopt.io
nzn.io

Subject Issuer	Validity	Valid
azion.com GlobalSign ECC CloudSSL CA - SHA384 - G3	`2023-05-26` - `2023-12-10`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-04` - `2023-08-02`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2022-11-12` - `2023-12-14`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://m.baixaki.com.br/
Frame ID: A85CBB80583137A7C802C912842D34AA
Requests: 105 HTTP requests in this frame

Frame: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E648BCAC976124B66F6D9E32897CE06
Requests: 1 HTTP requests in this frame

Frame: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 49F7E5192C82B0AC4AAB9991F16EE8CA
Requests: 14 HTTP requests in this frame

Frame: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B1E670520195571E0D3D4F7D7480170
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDS0I6HBBj1p9LxATAB&v=APEucNU9cDimG_AlRfiTXYVYJJ1M2z5HJJ3amPx3kI66USjDSN0EZOH-ukfu5FSyra6DK90gs0Y2qvbA4_qE9cwTBhNhVVrDeDneUTcpnGcnf-MSwDstf8mLmrkSf-telacv-J5RngOw6n4IBCw5EhsZl0otpXuXV4rttnWcCQqYVjF8VR8H2T0
Frame ID: A426FACBBAE0312D490BDC9FD4458485
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59023B9930454F7FA2DE3F8935EF9B02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EC4AAAD516DDD9254E9B853F69218F5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js
Frame ID: 37DC0DC7AF4D3C6E2402BE02C6524291
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 55DFFCB952A033EB003B0607E8045EF6
Requests: 3 HTTP requests in this frame

Frame: https://ad2.adfarm1.adition.com/banner?sid=4836337&gdpr=0&gdpr_consent=&ts=7260140737819115878&kid=6025927&wpt=H&keyword=PACS_4837500_18234966&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Frame ID: C2A9C89DB451EACB4995A4781EB35D29
Requests: 1 HTTP requests in this frame

Frame: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 264B4A61591578979D0292267C19A272
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXC-Ud_iTa6EjDuT1jUgqPRQew_o8yy5Rl2W9djgOY4BeDAfSgtDe5-obW19MANIrWAJotC-gkIDtL8dTunlmgVXyRwDCB86pxBpr18A8hdzUj9wWeb6gD58pX62RXCVtatG7S3BGlorHMdqo46-8TpO3QBcCj6lhNSp8NFFAMOcCD3c9Y
Frame ID: E5C907EF79D7792961D687D125441CE3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4B84709B37A1151261653526B3C66374
Requests: 15 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: BD9B965FA2C7A5DDA5B2703C74997C4F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D21D5BB68090A9C78610F88D9CE4D506
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
Frame ID: 26DC7D8A19CF56DADBADD1EDB771C707
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9471E7322ABC42C64C448194FC55E5FD
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 7F8CE6FFA47F892708CB9E25DF4DE068
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1690383240845
Frame ID: AD0CC29E79CDB5556ADD889897697A99
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B7FCB43FCF6EC735255F901FAD20FD27
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 0BEEB6EC1C49F2402901BEF832857AEF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4981D97C1C593C3EE5EE8021FF72092E
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DCCA3E7039F1EAFA17290B6689B0D72A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: B7992BEF7612FA49E35940969D67AAA3
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: CB06CC914EE2F441FF81D9D244C2CC40
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: ADF744D37DAA86A1043B3C25A1CDB514
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003
Frame ID: 0332524FABFF159F1E647347E048AB62
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/06a6e20b-2dfd-52cf-9774-d2b5f3b5e138
Frame ID: 421DA7F84CEF900A5945B1CC3BAAAF41
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 00C634F17F3C9B04372E49D520EDB9D2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 46B225966B11CFCC72F8848CEA600B36
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/df477e29af49a31deca09ff6486fdec9?gdpr_consent=&gdpr=0
Frame ID: B6B4B2476EF0B7CA3BBEB1872F163AD9
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 4349F2680D7DF0A14733FB688E1B3AEC
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 1DEECA40518A84F4A6497F1BD8E4E90F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Baixaki - Download e Jogos para Android

Page URL History Show full URLs

http://m.baixaki.com.br/ HTTP 301
https://m.baixaki.com.br/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

248
Requests

88 %
HTTPS

43 %
IPv6

47
Domains

78
Subdomains

56
IPs

11
Countries

2934 kB
Transfer

7482 kB
Size

73
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.baixaki.com.br/download/free-nfe-emissor-gratuito-de-nota-fiscal-eletronica.htm
Title: Free NFe - Emissor Gratuito de Nota Fiscal EletrônicaFerramenta completa para emissão e gestão das Notas Fiscais Eletrônicas

Search URL Search Domain Scan URL

URL: https://www.baixaki.com.br/posts/listas/4-ameacas-que-podem-afetar-seu-computador
Title: 4 ameaças que podem afetar seu computador e 1 solução para elasCom os recursos da Avast, é possível proteger seu computador das grandes ameaças que podem corrompê-lo; confira mais detalhes dessa solução eficaz!

Search URL Search Domain Scan URL

URL: https://www.baixaki.com.br/posts/noticias/em-quais-apps-os-brasileiros-passam-mais-tempo-ao-longo-do-dia
Title: Apps mais usados pelos brasileirosDescubra em quais apps os brasileiros passam mais tempo ao longo do dia

Search URL Search Domain Scan URL

URL: https://www.anrdoezrs.net/click-8347012-15203654
Title: Google WorkspaceDocumentos, planilhas, apresentações, e-mail, ligações e muito mais!

Search URL Search Domain Scan URL

URL: https://amzn.to/3NSfFAQ
Title: Amazon Music Unlimited grátisUtilize gratuitamente por 3 meses

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.nzn.baixaki
Title: INSTALAR AGORA

Search URL Search Domain Scan URL

URL: https://goadopt.io/porque-aviso/?source=firstLevel
Title: AdOpt

Search URL Search Domain Scan URL

URL: https://nzn.io/termos-de-privacidade
Title: Datenschutz-Bestimmungen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.baixaki.com.br/ HTTP 301
https://m.baixaki.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=188467957&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&utmhid=579168488&utmr=-&utmp=%2F&utmht=1690383240216&utmac=UA-144680-1&utmcc=__utma%3D65309810.723846683.1690383240.1690383240.1690383240.1%3B%2B__utmz%3D65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1394466736&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957&slf_rd=1&random=3842012423

Request Chain 28

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=969082323&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&utmhid=579168488&utmr=-&utmp=%2F&utmht=1690383240222&utmac=UA-144680-62&utmcc=__utma%3D65309810.723846683.1690383240.1690383240.1690383240.1%3B%2B__utmz%3D65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1534743046&utmredir=1&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323&slf_rd=1&random=231312897

Request Chain 33

https://sb.scorecardresearch.com/cs/8756095/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 88

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEyYC36QEQiwEYiwEyCIinBiYtLq3K HTTP 301
https://tpc.googlesyndication.com/simgad/8579365493167841872

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMEziRhiWErUSDW-HWipZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEP50vilA-7qCK1-464LuLzo&google_cver=1

Request Chain 114

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMEziRhiWErUSDW-HWipZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPs7P0gvkpLH0-cKID_HPfg&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D

Request Chain 173

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGVBUKClsGbDTdiEqSKtwUk&google_cver=1&google_push=AaAOQGG-ovPVDObT-JZUK1Sj5ELwyT87H6nuXwbGFXWZMe-o0uDWxU2BeCiucGll0BZvRXlA1X5JTPnKAZkAgKZ4KOPs9JBc1Ck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGVBUKClsGbDTdiEqSKtwUk&google_push=AaAOQGG-ovPVDObT-JZUK1Sj5ELwyT87H6nuXwbGFXWZMe-o0uDWxU2BeCiucGll0BZvRXlA1X5JTPnKAZkAgKZ4KOPs9JBc1Ck

Request Chain 174

https://um.simpli.fi/gp_match?google_gid=CAESEHBXlJnpB0SroEdUcMOTlcE&google_cver=1&google_push=AaAOQGHS7lICqLx335rkMD5VjvnG4N-tAuSe2s5tEYJePbDn8sH5UB1qEPAWbkAjyIiCMo77jQE00ggeqPQQqOHae1Z-3248Vrdi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EDC2C72ECF84BD49F257427B98944E6&google_push=AaAOQGHS7lICqLx335rkMD5VjvnG4N-tAuSe2s5tEYJePbDn8sH5UB1qEPAWbkAjyIiCMo77jQE00ggeqPQQqOHae1Z-3248Vrdi

Request Chain 176

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhY4pfyk--C855aFuLdQm0&google_cver=1&google_push=AaAOQGHI7YAhbrK6lQodL81IEDRDy3TAndEgoQeJczU1xu2QI-T2L8D7qIaM8yQ7VEOP4hKJ7QLBqEIfSfNtMzdbG_4cAD1bKERG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHI7YAhbrK6lQodL81IEDRDy3TAndEgoQeJczU1xu2QI-T2L8D7qIaM8yQ7VEOP4hKJ7QLBqEIfSfNtMzdbG_4cAD1bKERG&google_hm=eS1GMnpwR19wRTJwRUd4Zi40eGx1LlJFWnk2cGtNOFZsM35B

Request Chain 177

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMF8ct2qMBO2bnX225sH9NI&google_cver=1&google_push=AaAOQGGwf02Ji7_CGgDZg-CvHM0W4LVBA43Q9wMTKBmxGM7f3jGG6uTfPD8sB3GMzPn1wn8rk6Hw_znMEiWiA5SBQ0gYZrOPfav7 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMF8ct2qMBO2bnX225sH9NI&google_cver=1&google_push=AaAOQGGwf02Ji7_CGgDZg-CvHM0W4LVBA43Q9wMTKBmxGM7f3jGG6uTfPD8sB3GMzPn1wn8rk6Hw_znMEiWiA5SBQ0gYZrOPfav7&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o6yAxMm_QWybz05N3DwYdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGGwf02Ji7_CGgDZg-CvHM0W4LVBA43Q9wMTKBmxGM7f3jGG6uTfPD8sB3GMzPn1wn8rk6Hw_znMEiWiA5SBQ0gYZrOPfav7

Request Chain 178

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDlig6NLMV7Np3DPTqBbM14&google_cver=1&google_push=AaAOQGH80YzhSeHZfA94qudi9SJ-NwHCZrv-7R_PeIUCZHqibP1ud1jC6uNG827jK3H275xqbw1uzZN3viHZtj9yJLyoXIP59HPn6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D&google_gid=CAESEDlig6NLMV7Np3DPTqBbM14&google_cver=1&google_push=AaAOQGH80YzhSeHZfA94qudi9SJ-NwHCZrv-7R_PeIUCZHqibP1ud1jC6uNG827jK3H275xqbw1uzZN3viHZtj9yJLyoXIP59HPn6w

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHw9bn4mzr5M-WbVMrweBzQ&google_cver=1&google_ula=862479430,0

Request Chain 205

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 226

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/_YrrZRg8xXiMuUPW9Cf5DMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-t4GFMgRE2oI3I2tpxnP6_iyqEHp721EihNPC0w--~A

Request Chain 227

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTM2OWRjOWYxYTQzOTFiN2EwNmRmZGFmOGVhMDYzYTg2MzM3MmJmOQ

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0Tuz4WXJO6itR3wcInSFc&google_cver=1

Request Chain 229

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FugQg8HXScqOob4O6N_I6g&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FugQg8HXScqOob4O6N_I6g

Request Chain 230

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKJUJCD1-28-I593

Request Chain 231

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtKVUpDRDEtMjgtSTU5Mw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP2mOLusMtLlsP1tPsnE-do&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtKVUpDRDEtMjgtSTU5Mw==&google_push=

Request Chain 232

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=J5cWDoCaScS2Tq_fQxP_Vw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=J5cWDoCaScS2Tq_fQxP_Vw

Request Chain 233

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

Request Chain 234

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1690383244541 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=718937348 HTTP 302
https://sync.1rx.io/usersync/turn/4188954886704146253?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003

Request Chain 235

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=2863623008553833081 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/06a6e20b-2dfd-52cf-9774-d2b5f3b5e138

Request Chain 238

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/df477e29af49a31deca09ff6486fdec9?gdpr_consent=&gdpr=0

248 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
m.baixaki.com.br/
Redirect Chain

http://m.baixaki.com.br/
https://m.baixaki.com.br/

21 KB
5 KB

31ms
12ms

Document
text/html

179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

a0e4397524fd5781891fca975016afd1b9ecccea7342a115687f0483366b3795

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 26 Jul 2023 14:54:00 GMT
expires: Wed, 26 Jul 2023 14:59:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding, User-Agent
version: 2.2.0
x-html-minification-powered-by: WebMarkupMin

Redirect headers

Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 26 Jul 2023 14:54:00 GMT
Expires: Wed, 26 Jul 2023 14:59:00 GMT
Location: https://m.baixaki.com.br/
Server: azion webserver

GET
H2 200 site.css
m.baixaki.com.br/css/ 25 KB
7 KB 12ms
11ms Stylesheet
text/css 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.baixaki.com.br/css/site.css?v=4

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

5ecad85ba6d1d687611e9cfa6edcf41c56b8b7cee19ef6d0576d07472e130741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: text/css
date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 19:06:07 GMT
vary: Accept-Encoding, Accept-Encoding, User-Agent
version: 2.2.0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 14:22:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 14:54:00 GMT

GET
H2 200 logo-baixaki-top.png
m.baixaki.com.br/images/ 2 KB
3 KB 38ms
32ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.baixaki.com.br/images/logo-baixaki-top.png

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

00b311cf6ee96aaddd21025cb368be72f70a5cd97cad47941ade03acc937ea86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 07 Dec 2022 19:06:07 GMT
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 2480
version: 2.2.0

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@9/ 18 KB
5 KB 64ms
22ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@9/swiper-bundle.min.css

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17401
x-jsd-version: 9.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA, cache-yyz4524-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"4691-p8Uo3JAYru/tmlIzcWjeyyIOL2E"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0kGY%2FX%2FP8bKL6iMekMQUrBBjUgqr07mVQOkV4bgS03xDkkUc23CJwRGy20pT%2F%2FtoQkbW8WRc0rW7czwrJl4n41B1Vh6JbCQarD0ysa5SnmpWwKsomsrU7LpLV3VvExLOTmcI8FUmcVewHHXSM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ecd79b2bc10365b-FRA

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@9/ 137 KB
40 KB 45ms
24ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@9/swiper-bundle.min.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16161
x-jsd-version: 9.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230106-FRA, cache-yyz4522-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"22512-6lnzeyMttt7iaUB4vyHhU6CbrN0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8ojv0bc1nMDoaKV6THr8ftXS4jqMq93osQc6fnPjBn59NJz9fk5wbuiaXbFxgMA3jhi5bD0Hi89oBNxXLvWkG%2BHt8E92ewkIf%2FSWRkYbDSs0WMFFXAmZ6eGuPOEtPP2H%2BCspaw4m%2FAh0iqGoI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ecd79b2bc14365b-FRA

GET
H2 200 20123236111001.jpg
bk.ibxk.com.br/2023/06/20/ 6 KB
6 KB 931ms
22ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/06/20/20123236111001.jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: f44220f62fd4bb6be4992fd3e6dcb1b84109d7cfd079b38f59f2f169a9b258b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 13943
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 5990
expires: Wed, 21 Jun 2023 15:51:45 GMT

GET
H2 200 19131514838003.png
bk.ibxk.com.br/2023/07/19/ 13 KB
13 KB 918ms
9ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/07/19/19131514838003.png
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 1834f92d68bfa365edd9d976ff075df8bd3db43116c7e377a377f676c9e8b308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 7433
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 12920
expires: Sat, 22 Jul 2023 15:31:37 GMT

GET
H2 200 12100753871044.jpg
bk.ibxk.com.br/2022/08/12/ 65 KB
65 KB 920ms
12ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2022/08/12/12100753871044.jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d74a6eb30b290b3301ce2e2c7461c214adee88be01adc4722725e1385525ad0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 88738
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 66326
expires: Sat, 11 Mar 2023 20:53:23 GMT

GET
H2 200 26143545793005.jpg
bk.ibxk.com.br/2022/09/26/ 78 KB
79 KB 917ms
9ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2022/09/26/26143545793005.jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5e57e1fc0236a89d86063ea73ae8ff58d86a066045f236588f9df34870c2b2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 131815
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 80198
expires: Tue, 28 Mar 2023 13:34:32 GMT

GET
H2 200 10165437368045.jpg
bk.ibxk.com.br/2023/05/10/ 11 KB
11 KB 916ms
8ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/05/10/10165437368045.jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: d46a5be7c437285922592fcb2654d2cd1daef3d69a46c823878fb7f0e1f721e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 16830
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 11496
expires: Thu, 11 May 2023 19:55:47 GMT

GET
H2 200 27112707400003.jpg
bk.ibxk.com.br/2023/06/27/ 20 KB
20 KB 931ms
24ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2023/06/27/27112707400003.jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 5999e602db91b3677e62d88d7a3860796ff5de61ed456aa828cda8d1bd1214f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 68797
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 20230
expires: Wed, 28 Jun 2023 14:30:36 GMT

GET
H2 200 01092117304035.png
img.ibxk.com.br/2015/06/01/ 37 KB
37 KB 745ms
9ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/2015/06/01/01092117304035.png?format=jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 21754c40ddb44a281cd35d71ebc0ac05c5160aca3a841dde85db24c6f91c6f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
last-modified: Mon, 01 Jun 2015 12:20:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 38065
expires: Wed, 02 Aug 2023 14:54:00 GMT

GET
H2 200 1727482292147-o.jpg
bk.ibxk.com.br/2022/9/programas/ 42 KB
42 KB 19ms
19ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2022/9/programas/1727482292147-o.jpg?format=jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: df137708c33a6b001ec6ea46d1f628f0b3ecc9f46a60d11bb249520b02056619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 94427
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 42976
expires: Wed, 28 Jun 2023 18:57:41 GMT

GET
H2 200 27123017857212.jpg
bk.ibxk.com.br/2022/07/27/ 8 KB
8 KB 20ms
20ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2022/07/27/27123017857212.jpg?format=jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: 13a0a4081ea4f913c64272a844d0221721826a3341f7ae1176a082b2d62ffd0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 39962
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 7842
expires: Wed, 28 Jun 2023 18:57:40 GMT

GET
H2 200 17184846193436.jpg
bk.ibxk.com.br/2022/06/17/ 1 KB
1 KB 18ms
18ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2022/06/17/17184846193436.jpg?format=jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: b1eb81c781cf46da71d0915b6a6a27cf9948e114d6edc86f5d9ef41e81546dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 2017
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 1230
expires: Wed, 28 Jun 2023 18:57:40 GMT

GET
H2 200 13154907326307.jpg
bk.ibxk.com.br/2022/06/13/ 626 B
774 B 13ms
9ms Image
image/webp 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bk.ibxk.com.br/2022/06/13/13154907326307.jpg?format=jpg
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Azion IMS /
Resource Hash: c066cbdc78f0d270397ebf8ed16dc4ade815d0746128383fd1fd2e4f65145cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
server: Azion IMS
x-original-image-size: 1077
x-ims: Enabled
vary: Accept
content-type: image/webp
content-length: 626
expires: Wed, 28 Jun 2023 18:57:40 GMT

GET
H2 200 loading.gif
img.ibxk.com.br/baixaki/mobile/ 11 KB
12 KB 745ms
10ms Image
image/gif 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ibxk.com.br/baixaki/mobile/loading.gif
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: nginx/1.6.0 /
Resource Hash: ea4f299f6035001d8e1e584888c3d6c6e89ae48096e1ca64b839448e0947c9e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
last-modified: Sat, 19 Jan 2013 00:00:00 GMT
server: nginx/1.6.0
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11763
expires: Wed, 02 Aug 2023 14:54:00 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
m.baixaki.com.br/lib/ 94 KB
38 KB 20ms
13ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.baixaki.com.br/lib/jquery-1.11.1.min.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: application/javascript
date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 19:06:07 GMT
vary: Accept-Encoding, Accept-Encoding, User-Agent
version: 2.2.0

GET
H2 200 site.js Show response
m.baixaki.com.br/js/ 154 KB
62 KB 29ms
22ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.baixaki.com.br/js/site.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

4e7ff3797f4673e422a31c93c85e2c671ebf0dd7d9abee78d9cca235995dd60d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: application/javascript
date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 07 Dec 2022 19:06:07 GMT
vary: Accept-Encoding, Accept-Encoding, User-Agent
version: 2.2.0

GET
H2 200 home-index.js Show response
m.baixaki.com.br/js/ 3 KB
1 KB 38ms
31ms Script
application/javascript 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.baixaki.com.br/js/home-index.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

d9dcf827b0f445b74899ed0f6e66865b902558be14d5a6f562434db02e865a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: application/javascript
date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 31 Mar 2023 21:30:39 GMT
vary: Accept-Encoding, User-Agent
version: 2.2.0

GET
H2 200 bg-apps.png
obj.ibxk.com.br/layout/bxk/ 123 KB
123 KB 1066ms
7ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obj.ibxk.com.br/layout/bxk/bg-apps.png
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c21b5d2f74f838c453f21552eaae3430653ad239f37649ccc4ffe4e0c0248ae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
last-modified: Wed, 03 Jun 2015 17:41:28 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=30
accept-ranges: bytes
content-length: 125697
expires: Wed, 26 Jul 2023 14:54:31 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 45ms
10ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 14:13:50 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2410
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 26 Jul 2023 16:13:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
60 KB 54ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

553cbf5f1166b999f989ad4213f3b248cfe2f5678f7e6283b973ede027be9e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61191
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:00 GMT

GET
H2 200 sprite.png
m.baixaki.com.br/images/ 8 KB
8 KB 26ms
25ms Image
image/png 179.191.182.65
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.baixaki.com.br/images/sprite.png?v=2

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/css/site.css?v=4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

Software

Resource Hash

00b5373ee48dfd578575f418691e30f66462ad7b31a57e9893e63269469de9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/css/site.css?v=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 16 Dec 2022 13:22:50 GMT
vary: User-Agent
content-type: image/png
accept-ranges: bytes
content-length: 8090
version: 2.2.0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 337785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 17:04:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 386613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 03:30:27 GMT

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=188467957&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baix...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957&slf_rd=1&random=3842012423

42 B
408 B

58ms
33ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957&slf_rd=1&random=3842012423

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-1&cid=723846683.1690383240&jid=1394466736&_v=5.7.2&z=188467957&slf_rd=1&random=3842012423
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=969082323&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baix...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323&slf_rd=1&random=231312897

42 B
107 B

34ms
33ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323&slf_rd=1&random=231312897

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-144680-62&cid=723846683.1690383240&jid=1534743046&_v=5.7.2&z=969082323&slf_rd=1&random=231312897
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
194 B 11ms
10ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=835320230&utmhn=m.baixaki.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&utmhid=579168488&utmr=-&utmp=%2F&utmht=1690383240224&utmac=UA-144680-1&utmcc=__utma%3D65309810.723846683.1690383240.1690383240.1690383240.1%3B%2B__utmz%3D65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 01:09:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49481
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
91 B 11ms
11ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=4&utmn=719458885&utmhn=m.baixaki.com.br&utmt=event&utme=5(Baixaki%20Mobile*Acesso%20Novo*)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&utmhid=579168488&utmr=-&utmp=%2F&utmht=1690383240225&utmac=UA-144680-1&utmcc=__utma%3D65309810.723846683.1690383240.1690383240.1690383240.1%3B%2B__utmz%3D65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 01:09:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49481
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
91 B 12ms
11ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=5&utmn=41102899&utmhn=m.baixaki.com.br&utmt=event&utme=5(Baixaki%20mobile%20android*Home*%2F)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&utmhid=579168488&utmr=-&utmp=%2F&utmht=1690383240225&utmac=UA-144680-1&utmcc=__utma%3D65309810.723846683.1690383240.1690383240.1690383240.1%3B%2B__utmz%3D65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6AAgAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 01:09:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49481
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Jul 2023 13:04:39 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6561
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 26 Jul 2023 15:04:39 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/8756095/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

11ms
11ms

Script
application/javascript

65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 00:51:03 GMT
content-encoding: gzip
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:00:20 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 50579
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 9bJT3tYFXFUudyO8O95oB7G7DZ_ctstQeG1pirJArqwtuQGxKV3SIA==

Redirect headers

date: Wed, 26 Jul 2023 14:54:00 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 0Wz9W3ZhfJ4Cn8i_7HDiSz7mHjDbDqw-uDvia_r1_mtj0dDsrUiPOg==

GET
H2 200 injector.js Show response
tag.goadopt.io/ 312 KB
96 KB 64ms
23ms Script
text/javascript 2606:4700:20::ac43:4606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=a8b131a9-d7fb-4185-b074-da8dd2ac7aa8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 95bc7969ac71505ff848c48a40d4a09b8defbcabbdf62d9ba8ec85aecb6e4ad0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15934
cf-polished: origSize=320051
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 26 Jul 2023 10:28:26 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jad0maDZfZPDofPkHAyaQWEXIrkbdDCEQugQjLMANSre8DBo7ymhj0eg6ER84n1%2FZDAhGGEDmQeNdnDq6%2BMyy6%2BsinIOMz1XHM%2FNxRWkJ9SKzZDKzzflxVYZS%2BtJ973ouzxyM1Nv7XgXd1dJ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=120
access-control-allow-credentials: true
cf-ray: 7ecd79b41c6f91ea-FRA

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 47ms
11ms Script
application/javascript 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 22:24:05 GMT
content-encoding: gzip
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 59396
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 7vMk_UxzrYfPtdaIEvS0uO6jXPoN48kKmvuhPK-BYjrXrWqB4t0icA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
79 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4e6a2488f26ec76bb89979f54abb51180f8829fbdef14b977a628819478ccb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 26 Jul 2023 14:54:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 111ms
73ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94f3d3e57bca328f6b52780fc0e82a8e6a3a8f9e852bd5294d8bb2499eeb90a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27951
x-xss-protection: 0
server: cafe
etag: 565 / 19564 / 31076376 / config-hash: 8317567018028545507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:54:00 GMT

GET
H2 200 tm13767.js Show response
tag.navdmp.com/ 17 KB
6 KB 171ms
137ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13767.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 May 2023 18:47:14 GMT
server: cloudflare
etag: W/"6470feb2-432e"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7ecd79b409c72c7e-FRA
expires: Wed, 26 Jul 2023 15:54:00 GMT

GET
H2 200 denakop.js Show response
tags.denakop.com/10571/ 45 KB
12 KB 55ms
21ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10571/denakop.js
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fb277cba5ab3344f7db0feae9de3613b986580648ccea52ac15c84ee6d42db5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Jul 2023 20:28:32 GMT
server: cloudflare
age: 1704
etag: W/"64c03070-b2c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7ecd79b40f16373d-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 16ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=579168488&t=pageview&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=65309810.723846683.1690383240.1690383240.1690383240.1&_utmz=65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1690383240339&_u=YQBCAEABAAAAACAAI~&jid=750140986&gjid=943648289&cid=723846683.1690383240&tid=UA-144680-1&_gid=180544879.1690383240&_r=1&_slc=1&gtm=45He37o0n81TFCS6ZG&z=1442294453

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 40ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KDJP529EVF&gtm=45je37o0&_p=579168488&cid=723846683.1690383240&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690383240&sct=1&seg=0&dl=https%3A%2F%2Fm.baixaki.com.br%2F&dt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDJP529EVF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
149 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-144680-1&cid=723846683.1690383240&jid=750140986&gjid=943648289&_gid=180544879.1690383240&_u=YQBCAEAAAAAAACAAI~&z=1797915390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 25ms
24ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=8756095&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690383240384&ns_c=UTF-8&c3=11&c7=https%3A%2F%2Fm.baixaki.com.br%2F&c8=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&c9=
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: UD3kBMJoT4Ax4FQEyTVJf_YJPmjC13_6-nxX9jk8qfAp34K7NepOqg==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 25ms
24ms Image
text/plain 65.9.95.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690383240385&ns_c=UTF-8&c7=https%3A%2F%2Fm.baixaki.com.br%2F&c8=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&c9=
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-111.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ulhnM4Of8y4zkCzgT5Tlb-TsiwmYC_ayZpAbvSJDh0C-I2iEmPtLvA==
x-cache: Miss from cloudfront

GET
H2 200 prebid.js Show response
tags.denakop.com/ 272 KB
83 KB 25ms
24ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/prebid.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10571/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 17 Apr 2023 14:43:23 GMT
server: cloudflare
age: 734
cf-polished: origSize=279167
etag: W/"643d5b0b-4427f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7ecd79b46fc1373d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 m.baixaki.com.br.js Show response
tags.denakop.com/10571/ 227 KB
40 KB 34ms
33ms Script
application/javascript 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.denakop.com/10571/m.baixaki.com.br.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10571/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b205c7ab2aed2606e636f12dc07f1f6ca8216da55fcf7363ca88a8a1f69a65c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 25 Jul 2023 20:28:32 GMT
server: cloudflare
age: 2503
etag: W/"64c03070-38a66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, must-revalidate, max-age=3600
timing-allow-origin: *
cf-ray: 7ecd79b46fc4373d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 244 KB
60 KB 64ms
13ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/10571/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:25:03 GMT
content-encoding: gzip
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront), 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 19:22:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, PRG50-C1
age: 1738
x-amz-server-side-encryption: AES256
etag: W/"4c32a3d3ddb526b72e7dd25429eaaa2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: qP6xl3SjTw6dOqErfZZMKCsdF1xHbfXcUOwUZqeslY72FOzV7rmuPQ==

POST
H2 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 141 B
775 B 425ms
408ms XHR
application/json 2606:4700:20::ac43:4606
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4606 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 67b61dfdcd4c140018cdbb945dcceceb0afe7deddbff710bda77afe619c6f51e

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"8d-PvWBYccYxFtiaWKb5x7NqNMDvLE"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.baixaki.com.br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FN1Q15VmH7xX5iVvX3vZpF5KlQF0Oj4NBBBKDhGfD2YLxY2c8MfuoIHYX5N9qpGGUt0Cazo8JeRVYp4Oqigd8%2FtvwcTJxP8Ml4rs4ldLKu4vPLRryjHhnBosfs%2BpK36qbPkQ1f7wP3ZhlFHUJuvHIsfWJld08E%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 5
access-control-allow-credentials: true
cf-ray: 7ecd79b4edd891ea-FRA
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
118 B 35ms
34ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=723846683.1690383240&jid=750140986&_u=YQBCAEAAAAAAACAAI~&z=491836316

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-144680-1&cid=723846683.1690383240&jid=750140986&_u=YQBCAEAAAAAAACAAI~&z=491836316

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 385 KB
123 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:55:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14329
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Jul 2024 10:55:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=undefined

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/10571/m.baixaki.com.br.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05e0503a6b93d43cc92b83360783a2658eb924a2a2cc4778936491dee93f19ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41996
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:00 GMT

GET
H3 200 api.gif
tags.denakop.com/ 0
345 B 391ms
391ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10571&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=p&p=https%3A%2F%2Fm.baixaki.com.br%2F&t=1690383240487&cb=0.5891979593981007

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7ecd79b51a2abbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 26ms
25ms XHR
text/plain 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fm.baixaki.com.br&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:35:47 GMT
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
age: 19093
x-cache: Hit from cloudfront
access-control-allow-origin: https://m.baixaki.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 51mzJmwXLJqi95HW6qqRduwPe8B5if9GdOA4mAI3X14tJJAgQX-qyw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 31ms
11ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:37:39 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 44182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: y96shzoqf9b-1PakXoxn5R5Q84Tt92Fk5bTvZnjQICrxhMJ0UqTD-g==

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
264 B 168ms
151ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13767&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b7ee3fa27f9a14e1363fe4b89fb2228018bc0e03d76da8fc545090c0bb3d57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: public
date: Wed, 26 Jul 2023 14:54:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7ecd79b59c772c7e-FRA
expires: Wed, 26 Jul 2023 15:54:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 143 KB
45 KB 985ms
984ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2727511368750681&correlator=3202954857569351&eid=31076376%2C31070233%2C31075149&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=36373682%2Cbxk%2CFooter_Leaderboard%2Cmobile%2Cweb%2Chome%2Csquare1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5%2F6&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100%2C300x250&ifi=1&adks=812633205%2C93057978&didk=3710878717~438225783&sfv=1-0-40&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fm.baixaki.com.br%252F%26category%3Ddocument.location.pathname&sc=1&cookie_enabled=1&abxe=1&dt=1690383240603&lmt=1690383240&adxs=650%2C650&adys=1150%2C557&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=20&vis=1&psz=1600x-1%7C1600x3558&msz=320x-1%7C1600x-1&fws=512%2C0&ohw=0%2C0&ga_vid=723846683.1690383240&ga_sid=1690383240&ga_hid=579168488&ga_fc=true&dlt=1690383240052&idt=517

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39cea2c43b89d01101273fe2024ed6887374546ea5576c2b25b5531f5ae6f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46205
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E64 6 KB
3 KB 94ms
42ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:00 GMT
expires: Thu, 25 Jul 2024 14:54:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 163ms
147ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=1311c0055dc62e460c00cd9cf410&acc=13767&url=https%3A//m.baixaki.com.br/&tit=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&utm=65309810.1690383240.1.1.utmcsr%3D%28direct%29%7Cutmccn%3D%28direct%29%7Cutmcmd%3D%28none%29&h1=Baixaki
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13767.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ecd79b6adfa2c7e-FRA
content-length: 6
content-type: application/x-javascript

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
338 B 126ms
22ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://m.baixaki.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 204
No Content hb Show response
cpm.denakop.com/ 0
263 B 240ms
27ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.denakop.com/hb?zone=166150&v=1.6
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:01 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://m.baixaki.com.br
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
364 B 39ms
10ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://m.baixaki.com.br
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 136 B
697 B 41ms
8ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

66cce11e08ef0af534dabdaef21b9fd2020ab83e8e53e076d8d7a1a49ed0f26c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:00 GMT
an-x-request-uuid: 24cc645c-090e-4de6-aeb7-600b20f764b6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 136
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 263 B
789 B 399ms
162ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23648&site_id=401834&zone_id=2250872&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!denakop.com,10571,1,,,!google.com,pub-8170966538152543,1,,,&rf=https%3A%2F%2Fwww.baixaki.com.br%2F&tk_flint=pbjs_lite_v7.11.0&x_source.tid=7fcb1376-5f50-4474-aacc-979094ad0326&l_pb_bid_id=105389946a083f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23075665340664875
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a73e4e5b8d2d3b67115676837f4e17ecc0f5929964934ffec08d97597fadb965

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 263
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
310 B 61ms
28ms XHR
text/plain 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 26 Jul 2023 14:54:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7ecd79b73e043731-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
179 B 316ms
105ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://m.baixaki.com.br
date: Wed, 26 Jul 2023 14:54:01 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 403ms
380ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9855a2ff1f865588de2f5e205f5d3fa3544b13afc122706e0408545602955bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11650
x-xss-protection: 0

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 413ms
8ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 952601ea2d50d1ed25402dd09ed8363a5c5ec2db978611902b938355cca3c30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:14:08 GMT
content-encoding: gzip
via: 1.1 google
age: 5993
x-guploader-uploadid: ADPycdvav_qNBadR5VruyYy_Q6Y4ceAN5YjOn988mgeNNggbEP2V2jeHwDr05SyDHOYH8g8xJL4QIJ7Yx1v3AHin_Av2Fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21236
last-modified: Tue, 11 Apr 2023 17:26:14 GMT
server: nginx/1.8.1
etag: "8d242bfc70276e9b827cbc9217e0fe74"
vary: Accept-Encoding
x-goog-generation: 1681233974827693
x-goog-hash: md5=jSQr/HAnbpuCfLySF+D+dA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21236
accept-ranges: bytes
expires: Wed, 26 Jul 2023 15:14:08 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=579168488&t=event&ni=1&_s=1&dl=https%3A%2F%2Fm.baixaki.com.br%2F&ul=en-us&de=UTF-8&dt=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll%20depth&ea=https%3A%2F%2Fm.baixaki.com.br%2F&el=10&_utma=65309810.723846683.1690383240.1690383240.1690383240.1&_utmz=65309810.1690383240.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1690383241195&_u=aQDCAEABAAAAACAAI~&jid=&gjid=&cid=723846683.1690383240&tid=UA-144680-1&_gid=180544879.1690383240&gtm=45He37o0n81TFCS6ZG&z=571304195

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 20:30:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66211
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%222bb0a508-595f-49a8-87af-9e3915fc9884%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
414 B 451ms
55ms Fetch
image/gif 65.9.93.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%222bb0a508-595f-49a8-87af-9e3915fc9884%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fm.baixaki.com.br%252F%22%2C%22lv%22%3A%2223.717.1557%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.93.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-93-173.prg50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-amz-rid: 272WTM1H3H722F0CXC6K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: 8ktbGnwkhyAAVkLMOHnqd6o4qlaawPDsqgMthplTW7pD8lwMYQHDMA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 466ms
73ms XHR
text/javascript 65.9.93.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fm.baixaki.com.br%2F&pid=0dbgIq5sQjsQA&cb=0&ws=1600x1200&v=23.717.1557&t=2000&slots=%5B%7B%22sd%22%3A%22denakop-single-horizontal-3692cd0f-4038-47bd-aaa6-73529bb39cc8%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%2C%22728x180%22%5D%2C%22sn%22%3A%22%2F21715141650%2C36373682%2Fm.baixaki.com.br%2Fdesktop_horizontal%22%7D%5D&schain=1.0%2C1!denakop.com%2C0%2C1%2C%2C%2C!google.com%2Cpub-8170966538152543%2C1%2C%2C%2C&pubid=2bb0a508-595f-49a8-87af-9e3915fc9884&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.93.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-93-173.prg50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-amz-rid: FBE93KCQGK0M6HDYQS89
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://m.baixaki.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: hUCKrGOsehBKQLj1qdH_gGOiTlLBhq4sOzrn0ISSx0w32nvXA8wrhA==

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 478ms
478ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10571&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=a&p=https%3A%2F%2Fm.baixaki.com.br%2F&t=1690383241218&cb=0.9633053528413738&aa=horizontal

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7ecd79bbec8dbbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%222bb0a508-595f-49a8-87af-9e3915fc9884%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
417 B 445ms
53ms Fetch
image/gif 65.9.93.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%222bb0a508-595f-49a8-87af-9e3915fc9884%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fm.baixaki.com.br%252F%22%2C%22lv%22%3A%2223.717.1557%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.93.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-93-173.prg50.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-amz-rid: QJY5TC5KKS8QR2G6TJ8W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: q_wvqoqa9CSZEY2F2HWV9k07cBS8Ljcb07WfxyXkfMpEvLuj5jMfZQ==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
17 KB 482ms
482ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2727511368750681&correlator=1237715723022203&eid=31076376%2C31070233%2C31075149&pied=Eh4KHAoaQ0ttQzRLVFFySUFERlFqSjNnb2RQWE1Jdnc.&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=36373682%2Ctcm%2Cinternal%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=2792147645&didk=1038626840&sfv=1-0-40&ists=1&fas=8&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fm.baixaki.com.br%252F%26category%3Ddocument.location.pathname%26amznbid%3D1%26amznp%3D1&sc=1&cookie=ID%3D6f26a582b4ddfd8b%3AT%3D1690383240%3ART%3D1690383240%3AS%3DALNI_MZiGDb_-38ShiM42H9w-eAXVgZnaw&gpic=UID%3D00000c70c324c33a%3AT%3D1690383240%3ART%3D1690383240%3AS%3DALNI_MbBUWAc8ty6dRHKpFV-_kyYcXOZ1A&abxe=1&dt=1690383241612&lmt=1690383241&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=723846683.1690383240&ga_sid=1690383240&ga_hid=579168488&ga_fc=true&ga_cid=180544879.1690383240&dlt=1690383240052&idt=517

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0ee79723b70eddbd5a9de9203c236c85d1f8a9c6fdab5572b177803d57c20c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16924
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 37 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl_page_level_ads.js?cb=31076376

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14318
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13167
x-xss-protection: 0
server: cafe
etag: 17457124678373541327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 25 Jul 2024 10:55:23 GMT

GET
H2 200 container.html Show response
9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 49F7 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:00 GMT
expires: Thu, 25 Jul 2024 14:54:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B1E 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:00 GMT
expires: Thu, 25 Jul 2024 14:54:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 49F7 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:51:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 49F7 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:10:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 49F7 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 10:07:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 49F7 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8302
x-xss-protection: 0
server: cafe
etag: 1396992018294926149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 20:18:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49F7 179 KB
57 KB 80ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 49F7 33 KB
14 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:03:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:41:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 13:03:30 GMT

GET
H2 200 14150108286683984223
tpc.googlesyndication.com/gpa_images/simgad/ Frame 49F7 13 KB
13 KB 50ms
49ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/14150108286683984223?w=100&h=100&tw=1&q=75

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfa9f350a761b523f5a75330e375974a2559df3ce6c7852653d6705761868ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13622
x-xss-protection: 0
last-modified: Sat, 20 May 2023 21:51:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Jul 2024 14:54:01 GMT

GET
H2 200 2385289627770824085
tpc.googlesyndication.com/gpa_images/simgad/ Frame 49F7 10 KB
10 KB 14ms
13ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/2385289627770824085?w=100&h=100&tw=1&q=75

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d80d05a267c0044db3d858543c0f8bd166eb5f1df4db3eee4d76c0c4716788a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:19:53 GMT
x-content-type-options: nosniff
age: 66848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10021
x-xss-protection: 0
last-modified: Sun, 21 May 2023 16:01:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Jul 2024 20:19:53 GMT

GET
H2 200 15306634943908496339
tpc.googlesyndication.com/gpa_images/simgad/ Frame 49F7 19 KB
19 KB 9ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15306634943908496339?w=100&h=100&tw=1&q=75

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb5e7f49b159485c47ccec19db29a929077d26d8cc5c6b6db9a4487cbaf2e7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 19:38:39 GMT
x-content-type-options: nosniff
age: 414922
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19189
x-xss-protection: 0
last-modified: Sat, 20 May 2023 22:40:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Jul 2024 19:38:39 GMT

GET
H3

200

8579365493167841872
tpc.googlesyndication.com/simgad/ Frame 49F7
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEyYC36QEQiwEYiwEyCIinBiYtLq3K
https://tpc.googlesyndication.com/simgad/8579365493167841872

13 KB
13 KB

13ms
12ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8579365493167841872

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b3c81b46ab182fb79274a7f46fb3f3cc759e49bb9829c63a590eef2338e3578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 07:33:39 GMT
x-content-type-options: nosniff
age: 26422
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12808
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 05:49:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 25 Jul 2024 07:33:39 GMT

Redirect headers

date: Tue, 25 Jul 2023 19:40:07 GMT
x-content-type-options: nosniff
server: cafe
age: 69234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/8579365493167841872
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Aug 2023 19:40:07 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A426 624 B
827 B 84ms
50ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDS0I6HBBj1p9LxATAB&v=APEucNU9cDimG_AlRfiTXYVYJJ1M2z5HJJ3amPx3kI66USjDSN0EZOH-ukfu5FSyra6DK90gs0Y2qvbA4_qE9cwTBhNhVVrDeDneUTcpnGcnf-MSwDstf8mLmrkSf-telacv-J5RngOw6n4IBCw5EhsZl0otpXuXV4rttnWcCQqYVjF8VR8H2T0

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:01 GMT
expires: Wed, 26 Jul 2023 14:54:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0B1E 85 KB
29 KB 88ms
68ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B1E 42 B
63 B 60ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQBogydfWMMC3DH1LqrXxhdZvR8GUDqMhpYVHDGrfYRu1HBjKI8MoFnQW7UDaqYwGKBnunrPJJcPTMb8dE2HWaJJsSiY8ECBgoGpMwZiuKqnILOh8

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B1E 0
20 B 61ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11856568744999050691&x=1&ct=77

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 0B1E 32 KB
8 KB 82ms
26ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 0B1E 3 KB
2 KB 68ms
14ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=4837500&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0s5yiDPBZKqeKIiS-wa95qH4C6jpiutxlaG5-cgRZBABIMKm1htglYKAgJgHyAEJqQKph_i025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2-utxFRgcbKNmy1i3pEVL-B6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9-OwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c-bsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk-RzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX-4MejllCJ-9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL-IW-BOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&num=1&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&sig=AOD64_2x02VIdlnwwCqflgfjq6zD94TpvQ&client=ca-pub-1712420989769758&dbm_c=AKAmf-DW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0-YOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL_E9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj-eVHRI1GU6mqiEnKqiZhsAlzK_a64PVb5KzcHHjN3Z-iyrWr0SeuI8wIFmtfkOcho&cry=1&dbm_d=AKAmf-AK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay_iYt-bDLIwLks5_0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J-49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl_yy81Im_QlvOy9ksSGwcLLKCNhCzusRi8jiDxH-QFbMw6bbzKWKONzGSD1-CYysJms-OVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x_g5E_TPyMLhsvYn0BCfPX3JChU1NCOZ_Wu-zSk4phm1V_pmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82_qB4owJWZgZkRumK-FxgkuKwy4Hh5b0aCc-DkKDUHJW26wH7_vNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU&adurl=
Requested by: Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 8c55e56354a934e1736c5905d2b5faec2f0e01e762aca90ad61a510c3579d2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Wed, 26 Jul 2023 16:54:01 +0200
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 0B1E 3 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 10:07:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 0B1E 20 KB
8 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8302
x-xss-protection: 0
server: cafe
etag: 1396992018294926149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 20:18:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B1E 179 KB
56 KB 135ms
115ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 23ms
8ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 06:08:54 GMT
content-encoding: gzip
age: 31507
x-guploader-uploadid: ADPycduusThepVyL-NGGemfd4LYyhUARA0N29zOVOmDsrQ3p6VuwftYYLqbrJNBLt31TR5iJqZq_ZKzOW16B6vyR00qKkB4Sfohj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Thu, 27 Jul 2023 06:08:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
69 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

642fc86196888a5802d6132d4dbd85bbde4df0bcb58cd0978004cc4cc8618cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70723
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de86b1805c5a226614292faffde5e688a172b05cfa96c14401af14e5d2211fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76735
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6cd97af0d53997a342b7d5f19532b5f3d49aa7dbad1a157b9fe2b52e4f832553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76766
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2de94b1104bfca3c7c09467321c657fc010e9dc0b140ecd77e06f4829bb0f3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76734
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 38ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cadffd182f701b24bc47e7e239b4da13b8eb4473f52dcd430fda0f70bad6721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76814
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 141 KB
54 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCS6ZG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a461631dcbc63332413fc3452f40e607067811431dcfabc2def206271cdb492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54909
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Jul 2023 14:54:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5902 13 KB
5 KB 16ms
12ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 10:08:42 GMT
expires: Thu, 25 Jul 2024 10:08:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EC4 783 B
536 B 28ms
25ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

99cf6f64e39eeb38f7b22241ccb4312d02c8a35281a1a2cca8f9947b2d4185b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1AxRQRn2_pt0AM4jaF-68Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-1AxRQRn2_pt0AM4jaF-68Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:01 GMT
expires: Wed, 26 Jul 2023 14:54:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 901ms
900ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2727511368750681&correlator=3281516696685994&eid=31076376%2C31070233%2C31075149&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=21715141650%3A36373682%2Cm.baixaki.com.br%2Cdesktop_horizontal&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C728x180&ifi=4&adks=1794676696&didk=2280012242&sfv=1-0-40&prev_scp=dk_refresh%3Dtrue%26hostname%3Dm%2Cbaixaki%2Ccom%2Cbr%2Cm.baixaki.com.br%26pathname%3D%252F%26placement_name%3Dhorizontal%26tier%3D1&eri=1&cust_params=referer%3Dhttps%253A%252F%252Fm.baixaki.com.br%252F%26category%3Ddocument.location.pathname&sc=1&cookie=ID%3D6f26a582b4ddfd8b%3AT%3D1690383240%3ART%3D1690383240%3AS%3DALNI_MZiGDb_-38ShiM42H9w-eAXVgZnaw&gpic=UID%3D00000c70c324c33a%3AT%3D1690383240%3ART%3D1690383240%3AS%3DALNI_MbBUWAc8ty6dRHKpFV-_kyYcXOZ1A&abxe=1&dt=1690383241751&lmt=1690383241&adxs=315&adys=173&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=20&vis=1&psz=1600x146&msz=970x0&fws=0&ohw=0&ga_vid=723846683.1690383240&ga_sid=1690383240&ga_hid=579168488&ga_fc=true&ga_cid=180544879.1690383240&dlt=1690383240052&idt=517

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe18091ae2b3c6478383bea40eb926a00cd4a22290d89218432b6426fc1f29a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13050
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://m.baixaki.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 15ms
10ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:02:58 GMT
content-encoding: gzip
age: 17463
x-guploader-uploadid: ADPycdtQoVuoj86mbkVrO1ydeket0W5eWW0N7zBdY5cKCDEqj-st3Q9oHML35vUJhxMUsFLR5mcHtTKjJtA_OjoUQEDUiQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Thu, 27 Jul 2023 10:02:58 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
681 B 155ms
109ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-baixaki:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1690383242&tM=direct&tL=direct&tN=direct&tY=3&tZ=942954006
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:01 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
DATA 200
OK truncated
/ Frame 49F7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5922f4215664df7f7ce2742e55607d7d1997771057f3c67de70495f9ff9ff40c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A426
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1

43 B
766 B

21ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDS0I6HBBj1p9LxATAB&v=APEucNU9cDimG_AlRfiTXYVYJJ1M2z5HJJ3amPx3kI66USjDSN0EZOH-ukfu5FSyra6DK90gs0Y2qvbA4_qE9cwTBhNhVVrDeDneUTcpnGcnf-MSwDstf8mLmrkSf-telacv-J5RngOw6n4IBCw5EhsZl0otpXuXV4rttnWcCQqYVjF8VR8H2T0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:01 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A426
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMEziRhiWErUSDW-HWipZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1

43 B
766 B

14ms
13ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDS0I6HBBj1p9LxATAB&v=APEucNU9cDimG_AlRfiTXYVYJJ1M2z5HJJ3amPx3kI66USjDSN0EZOH-ukfu5FSyra6DK90gs0Y2qvbA4_qE9cwTBhNhVVrDeDneUTcpnGcnf-MSwDstf8mLmrkSf-telacv-J5RngOw6n4IBCw5EhsZl0otpXuXV4rttnWcCQqYVjF8VR8H2T0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFxTL-bnubi1Qag5wE7gs1s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A426
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEP50vilA-7qCK1-464LuLzo&google_cver=1

43 B
838 B

23ms
22ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEP50vilA-7qCK1-464LuLzo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDS0I6HBBj1p9LxATAB&v=APEucNU9cDimG_AlRfiTXYVYJJ1M2z5HJJ3amPx3kI66USjDSN0EZOH-ukfu5FSyra6DK90gs0Y2qvbA4_qE9cwTBhNhVVrDeDneUTcpnGcnf-MSwDstf8mLmrkSf-telacv-J5RngOw6n4IBCw5EhsZl0otpXuXV4rttnWcCQqYVjF8VR8H2T0

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
an-x-request-uuid: 1c2c2432-449f-4456-bb03-40dc8c1d879b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEP50vilA-7qCK1-464LuLzo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A426
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D

170 B
243 B

20ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
an-x-request-uuid: 9c517ffc-856c-4832-bdcb-5a1d6450f4f6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B1E 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6294249932849&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B1E 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6294249932849&version=m202306200101&ct=77&x=1&cor=11856568744999051000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0B1E 15 KB
12 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaTdLpobWos-48cDjFbaTpL8zqUlJZUhdFHYD4if9IHXoB7WAzYke4FFaNSDjKj_VDbB_wl_dm8kipOHi_E9sDRbUbJYcgmKXgAEMtMuRf40U2NEPmS1n8WjE8ZI-7DdIzKOE0Q7z-sHjNYW_uIbt7QMDcH0_XAmXInhjYkzKipfV8UKc&cry=1&dbm_d=AKAmf-A3HE5XzyxIWdoLP-MHrXhXkCXWVJ80yr3HRCutJgKy2JVABHLAI-O5YrOouIbFWGl8fX4f0TiAgv_03epPIAz9r_LsyyhH-RRFM_FQ2H5k7arDVXGqEzmWOBRh3AIn9flkHL9oIC-a94VYPLHLpx7IRBMjp_uSoB1dtNNGqDZdwOCRfifh0DV29jaETUXc7eXQgO_qRgsLKefHuCbOkUq-Hz1od6USWT_95Wl5J7L-k1SsT0QzVISabaYZR_R4hi3PwJaVoTOGKi2DgMB0oia9ClVmCPN3L7DAOLF4kLeTlLjs65z4Ymn8rfXhC-ezTDo8XwL3Lqpz_dID6nVDISrCXgfp5IkUPpqxKQCu0Hi3-2gFhxZvdvkXp_Qf4lfLzDJLl3x1LlpDwfPPzAc3verodpxy2jzUujiO6_2tJlg__WaX5iyzel5kKKPH5Xm7suemiySM6EQWIw0xdiASZNgA0b959HEm0FGV2YElMJZ33muWMLpJU6tzGz-87Xnkcqt1Q_5eW8UiJDzCl-LeGsRZxph-pMS59tX_3_5TzVCPnNGua1aUEEv8ru-Vb7ipJK03ruRIxk_c3H66Jyk4Ogr5mAnqCxaZQIkvNw_akRC7OLpXlCk7cS7_W385dKLD4uv-SgsdBZzYUmJJhLVUamsNev7JUsEOEu17T69YUX_GHJ1OipmszFMg6jkLhm7vw5qLe1szZvOKV48sMexTlupJjayJ0qO8HyCzAeWCoIdCygkQBx70V6wtXyIuR9lXfhlRZc1PgnF8CdHYRAcSeD8VJVEMgfpYHwfgYBW2pIta255imKrNuEt82vhOIJ4BLSbQ_qAkEJYNcvT0uGxFaykKChhGBTOD1lIAvRVieBESL9lLtCkSw-ACd0fmzuhyBBKJRPX4jNxvtcJuButi1Cma5heuVp-gS5Jw39fFhKmkbbJprO48omEiusbPMto4etNJXTFRVIZYfwnozZHnQA0ADbD9VguHN5YTik-OKe3GRrll97f-uq36t7C3Dky0F1TFl_45ZiUQ3Zhc-B_GUvaWkpNTYHFD9IxwjRBV4Rqc0VcYsS0MHfyJ7G4fyx4w2i8_1Lww67Z7Dfv44NXCeb7VELt42nUKfwa4CnkNMeSZbRpsAJnXpKtrqW14ku0lxmOydhyM1WddKk0fqT2bJpuhYNauvY8mhokqxPxhnTeKC9SKl5KelS_Q8RVyC2DjAG2_Ac4FFGYdWyOzUgPIUlOOJXpCw5gls12jmXnBUUuF_uH4j-LNbkyudGuwymY4ywft_p6YjTuiQEZNhR1P7sjmpWH6elzgNP3ZzJihHRpBs83Vd3QYmfrDCGIw2cePWupyl9dXPsaghqX5_Zn8fvw4oEId_jXInDBeY4gSx9ubjb8HB1SzWl3h4IxJRTL4OXlgdsMwnWNfF-XGWc4wlu49kp6HHoadksErOTs-pDewQ5LFXzN6Y2-rNW8PDeb3myT0S-5hlg379iQ14Dv5di9HuGz20jFLJJOfAdf8bPbZpCj1r4csYpzr_eN_SJ_Mvo_p5_dzDdB--bDPAPxBOe1i5WSPYMmrt6YK86SGWXM3gLM_qqAdbwwxtBONMeBy0C50uY8_mtT8ZQ_G-jk3XWQmdhdgUi_ujg8FM2uk3CAcci7bdJ1BS4_ppu9yxBUr-_ViET2wEFkVUngWmycPpR_bCmnUD3644e7UaFfzBjMNfeL1arHkkJfUosU550o0OUuB0aTWsXTim2CkgChL4UD61T2xEDgP1B5jXMaUOwTHA1YC2X0dLyKwqKROiSwrG0uANscNzhLd_f4HlPrfWTSQbgX-CISvdRzJegvJyyEM2KbGjptIZVgGirSU5mL2NxY9U3tfLW9O3IbJJF_N9xuLb9nufNe9pIvSf8iLv4v9gblu9c9OJ_fadIwvjK70aZkX5YlQR_Vwsx0SAZBZq716xqA6Ev2MycJfrtYZi0kwZ29T0OkzjvvKSZ-ALOyWlynDcOjdDMCycVQFTW7pUz46eqbQA6jzMaIxwSUPq0M_f8UfFRCu_p6F4p-XvxxXbnP0QMJ9YUDEFJViImqlmZOhG5vcC43e1LxW9y0INju-EJWpYDZ9_ApBSd4X5yetdFniZ5tkqoiHYdLkz_Hwi2Uq7MzErcYH1ndVv5pNOyrjZW8OC-dsYMPo0ZP5KxPBmJMbyAAVEg93_NMPMAv77k7dQtbvwrUYuaO0Egz4P6Gf7YE27o_3_rmVBB678xAeBzQPpsPAuhc5liNnTG56vM_cW0wRvmFyJYn20KFsEmazmH-fhVws4l2b7ybYBg3sWbAHhlxp5FwyWlxL5zpY3Z4o5MF87F5O365Bu45QPRUVCesa9OGjByR2j9gztqWHe8jXaL_vcr0TmLWpIM7Nk1bmrC4YbcwC_3JyChP3NZkdG7gVAFNYvFxuajqUJF_MRdnvloVydy0MbcTIGRZqhLEWsWtDmQBCmCcAb353gINuD8IQgCtZIebFi7-ztdn75bdUqj-Kp4KoU7x1Hn16On5jzbUYt5SzEGBRBu0XeEM0e69z3GhIdSD8jPjm5ncO9js0WCRCzC9rJfLXncqPgtURPraTDquwUAcWNOGaApkb5ecfNWltfyWSviytah5JKFsATmIZNX498zzepQMuqPFGMoJ8T9ygMLfivZC4rm3RLiqPusOHxff8VGy15FavxIv03h7u1vURQCvmMy3Aw9ce22JsL50ltISJ4pDJ8Y0PnNYUy-UQcltmKL_0lxQ6_WslSStXoNvFJYXneNBTY7j0Q05soa9iRZRlTKW7jEgSzSkACrHH6roReJ-iMknVSlzy20kwXyR_IwHDe-H_-tCMv1pDBRkeD4u9ZUEdIleZkvYFgfBdo-E4uR6bcV2bKMw4uU39x9EDaTW9KPnEOiI6Df2VLoiibYVwYLbYtErVo0inoo5EVQfW-6Gqd5fYqj_qf7A6uSxs6FznWlr-kv4YeCdnHBbl2jvAbCJWR7d4USGst44OxPO5mWXytpQcf1VghfjIHSV7d9LYmWj6vJO9hInppjD6TUaFgLCOsRe5KDwJvSMO2_XwNV6iKFd43Zah2axCh_M1II94dIMdPhSWhXK8H00RO3RDq0BmEUgPC4777TxhxBx53Zpe-TB2v9rND85xDE71T6I2YzErqDQm7XTQXLjngoHe2CytXyHpmtYdQtEKVpm0Bz6Sh8hrrShkzbQH0Um8HWIQPRaC5zA5dSEuDUwraxp6ONymL5P3wYi-tD_aM3IO2Nmsg-bXaoc5G-m_dutC3f5lxiTt9LJD0E2I17-_zfE5AzzhYD3lGyIOvFeOIdAHuwEmx3JyOjnwjXAA65bt-6J5hL3P39Jz-BsKAVtMAKN1CF7_myCSWW8f-UvsgW5xTQgKu2ZxJqQLaR1WWJsDj5-BFr5Q0OVYZ703koduUQbeEAL2FBstwMpP6N1FkgzJKZmribKvzp8X0Gqh_PkDqv3cL6b0jmf5Ui-5kwGaOpO3umLM4gMo0uP1SZXsqrUOyfW-pRVOyQS43oLpgQWeFY9R2u6-bm5LjCGYMVBRdsmarw578_kiGQ2syco4mOQef26D7dDFbSnKNhc_&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fm.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=11856568744999051000&adk=2923430907&idt=98&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2803ae7fb5a3d7249d9890ef8321cac80067b4114c1028d95e962b0cfacb8c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11765
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1690383241906&cv=11&fst=1690383241906&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&auid=795074436.1690383242&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13612e49ddf926f83fad83cef3302031844f8b86fe2647303988b3efe64cf19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1690383241933&cv=11&fst=1690383241933&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&auid=795074436.1690383242&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

654b8106d9082eacbae188dd838b278ce0953f89715fae4db0d70b5b7079a1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1331
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EC4 0
0 45ms
45ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=2727511368750681&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
160 B 135ms
109ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 4b0bdf1b66fc19ccb38df392e0f67df8c62c666cebcabd66bf6a6b0cfe25f6c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js Show response
pagead2.googlesyndication.com/bg/ Frame 5902 38 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c24a069fb93b40fdeb54dd0bd49c7097b783265cda87add095c90f435b407a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14802
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:40:39 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1690383241982&cv=11&fst=1690383241982&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&auid=795074436.1690383242&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

645955b7f492431d3ddba43b0de2a871619b187587696d3a003f226b650daef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 49F7 0
0 53ms
53ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmVi5iDPBZKmeKIiS-wa95qH4C_PJoPxtofyWzOwR-tGt6pMOEAEgwqbWG2CVgoCAmAegAdqvsfMoyAEJ4AIAqAMByAPLBKoE8wFP0EKPVdIjOsLKqMsjSH6YUYSgtR1zKQHKYDabh_gCCGc1oxeK-HOno6pOWe452BTN0_P8bWQBiyFDbCYZEcV3s9k11zcqAHQcLNaCgoBke8dSntm9JK8oB-ia7wXTGRozCDS1l0-hWnGWCKIbibBFqEQFH1YrVLfIyiYtskHhgzmSO1QdULMcsgdXrHQWb40ul_I40BHq_mBTcEIXt8fnKnlgeF1kBS8wGJ53O2s2ei2YKbDnS9Q6kJGb5mmJj8FNLuRAnCuK19vtV-Tr4DTQmr-8be3r3ea-ZzighWNJsdlWXB8KBE87vSqQzGi6eJkilNjABJLW3eylBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfa54HTA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDMogfSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTcwMTkwOTEwOTQ4OTYyNjAY0sAW&sigh=qdxdYcTTfr8&uach_m=[UACH]&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&template_id=494&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B1E 41 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaTdLpobWos-48cDjFbaTpL8zqUlJZUhdFHYD4if9IHXoB7WAzYke4FFaNSDjKj_VDbB_wl_dm8kipOHi_E9sDRbUbJYcgmKXgAEMtMuRf40U2NEPmS1n8WjE8ZI-7DdIzKOE0Q7z-sHjNYW_uIbt7QMDcH0_XAmXInhjYkzKipfV8UKc&cry=1&dbm_d=AKAmf-A3HE5XzyxIWdoLP-MHrXhXkCXWVJ80yr3HRCutJgKy2JVABHLAI-O5YrOouIbFWGl8fX4f0TiAgv_03epPIAz9r_LsyyhH-RRFM_FQ2H5k7arDVXGqEzmWOBRh3AIn9flkHL9oIC-a94VYPLHLpx7IRBMjp_uSoB1dtNNGqDZdwOCRfifh0DV29jaETUXc7eXQgO_qRgsLKefHuCbOkUq-Hz1od6USWT_95Wl5J7L-k1SsT0QzVISabaYZR_R4hi3PwJaVoTOGKi2DgMB0oia9ClVmCPN3L7DAOLF4kLeTlLjs65z4Ymn8rfXhC-ezTDo8XwL3Lqpz_dID6nVDISrCXgfp5IkUPpqxKQCu0Hi3-2gFhxZvdvkXp_Qf4lfLzDJLl3x1LlpDwfPPzAc3verodpxy2jzUujiO6_2tJlg__WaX5iyzel5kKKPH5Xm7suemiySM6EQWIw0xdiASZNgA0b959HEm0FGV2YElMJZ33muWMLpJU6tzGz-87Xnkcqt1Q_5eW8UiJDzCl-LeGsRZxph-pMS59tX_3_5TzVCPnNGua1aUEEv8ru-Vb7ipJK03ruRIxk_c3H66Jyk4Ogr5mAnqCxaZQIkvNw_akRC7OLpXlCk7cS7_W385dKLD4uv-SgsdBZzYUmJJhLVUamsNev7JUsEOEu17T69YUX_GHJ1OipmszFMg6jkLhm7vw5qLe1szZvOKV48sMexTlupJjayJ0qO8HyCzAeWCoIdCygkQBx70V6wtXyIuR9lXfhlRZc1PgnF8CdHYRAcSeD8VJVEMgfpYHwfgYBW2pIta255imKrNuEt82vhOIJ4BLSbQ_qAkEJYNcvT0uGxFaykKChhGBTOD1lIAvRVieBESL9lLtCkSw-ACd0fmzuhyBBKJRPX4jNxvtcJuButi1Cma5heuVp-gS5Jw39fFhKmkbbJprO48omEiusbPMto4etNJXTFRVIZYfwnozZHnQA0ADbD9VguHN5YTik-OKe3GRrll97f-uq36t7C3Dky0F1TFl_45ZiUQ3Zhc-B_GUvaWkpNTYHFD9IxwjRBV4Rqc0VcYsS0MHfyJ7G4fyx4w2i8_1Lww67Z7Dfv44NXCeb7VELt42nUKfwa4CnkNMeSZbRpsAJnXpKtrqW14ku0lxmOydhyM1WddKk0fqT2bJpuhYNauvY8mhokqxPxhnTeKC9SKl5KelS_Q8RVyC2DjAG2_Ac4FFGYdWyOzUgPIUlOOJXpCw5gls12jmXnBUUuF_uH4j-LNbkyudGuwymY4ywft_p6YjTuiQEZNhR1P7sjmpWH6elzgNP3ZzJihHRpBs83Vd3QYmfrDCGIw2cePWupyl9dXPsaghqX5_Zn8fvw4oEId_jXInDBeY4gSx9ubjb8HB1SzWl3h4IxJRTL4OXlgdsMwnWNfF-XGWc4wlu49kp6HHoadksErOTs-pDewQ5LFXzN6Y2-rNW8PDeb3myT0S-5hlg379iQ14Dv5di9HuGz20jFLJJOfAdf8bPbZpCj1r4csYpzr_eN_SJ_Mvo_p5_dzDdB--bDPAPxBOe1i5WSPYMmrt6YK86SGWXM3gLM_qqAdbwwxtBONMeBy0C50uY8_mtT8ZQ_G-jk3XWQmdhdgUi_ujg8FM2uk3CAcci7bdJ1BS4_ppu9yxBUr-_ViET2wEFkVUngWmycPpR_bCmnUD3644e7UaFfzBjMNfeL1arHkkJfUosU550o0OUuB0aTWsXTim2CkgChL4UD61T2xEDgP1B5jXMaUOwTHA1YC2X0dLyKwqKROiSwrG0uANscNzhLd_f4HlPrfWTSQbgX-CISvdRzJegvJyyEM2KbGjptIZVgGirSU5mL2NxY9U3tfLW9O3IbJJF_N9xuLb9nufNe9pIvSf8iLv4v9gblu9c9OJ_fadIwvjK70aZkX5YlQR_Vwsx0SAZBZq716xqA6Ev2MycJfrtYZi0kwZ29T0OkzjvvKSZ-ALOyWlynDcOjdDMCycVQFTW7pUz46eqbQA6jzMaIxwSUPq0M_f8UfFRCu_p6F4p-XvxxXbnP0QMJ9YUDEFJViImqlmZOhG5vcC43e1LxW9y0INju-EJWpYDZ9_ApBSd4X5yetdFniZ5tkqoiHYdLkz_Hwi2Uq7MzErcYH1ndVv5pNOyrjZW8OC-dsYMPo0ZP5KxPBmJMbyAAVEg93_NMPMAv77k7dQtbvwrUYuaO0Egz4P6Gf7YE27o_3_rmVBB678xAeBzQPpsPAuhc5liNnTG56vM_cW0wRvmFyJYn20KFsEmazmH-fhVws4l2b7ybYBg3sWbAHhlxp5FwyWlxL5zpY3Z4o5MF87F5O365Bu45QPRUVCesa9OGjByR2j9gztqWHe8jXaL_vcr0TmLWpIM7Nk1bmrC4YbcwC_3JyChP3NZkdG7gVAFNYvFxuajqUJF_MRdnvloVydy0MbcTIGRZqhLEWsWtDmQBCmCcAb353gINuD8IQgCtZIebFi7-ztdn75bdUqj-Kp4KoU7x1Hn16On5jzbUYt5SzEGBRBu0XeEM0e69z3GhIdSD8jPjm5ncO9js0WCRCzC9rJfLXncqPgtURPraTDquwUAcWNOGaApkb5ecfNWltfyWSviytah5JKFsATmIZNX498zzepQMuqPFGMoJ8T9ygMLfivZC4rm3RLiqPusOHxff8VGy15FavxIv03h7u1vURQCvmMy3Aw9ce22JsL50ltISJ4pDJ8Y0PnNYUy-UQcltmKL_0lxQ6_WslSStXoNvFJYXneNBTY7j0Q05soa9iRZRlTKW7jEgSzSkACrHH6roReJ-iMknVSlzy20kwXyR_IwHDe-H_-tCMv1pDBRkeD4u9ZUEdIleZkvYFgfBdo-E4uR6bcV2bKMw4uU39x9EDaTW9KPnEOiI6Df2VLoiibYVwYLbYtErVo0inoo5EVQfW-6Gqd5fYqj_qf7A6uSxs6FznWlr-kv4YeCdnHBbl2jvAbCJWR7d4USGst44OxPO5mWXytpQcf1VghfjIHSV7d9LYmWj6vJO9hInppjD6TUaFgLCOsRe5KDwJvSMO2_XwNV6iKFd43Zah2axCh_M1II94dIMdPhSWhXK8H00RO3RDq0BmEUgPC4777TxhxBx53Zpe-TB2v9rND85xDE71T6I2YzErqDQm7XTQXLjngoHe2CytXyHpmtYdQtEKVpm0Bz6Sh8hrrShkzbQH0Um8HWIQPRaC5zA5dSEuDUwraxp6ONymL5P3wYi-tD_aM3IO2Nmsg-bXaoc5G-m_dutC3f5lxiTt9LJD0E2I17-_zfE5AzzhYD3lGyIOvFeOIdAHuwEmx3JyOjnwjXAA65bt-6J5hL3P39Jz-BsKAVtMAKN1CF7_myCSWW8f-UvsgW5xTQgKu2ZxJqQLaR1WWJsDj5-BFr5Q0OVYZ703koduUQbeEAL2FBstwMpP6N1FkgzJKZmribKvzp8X0Gqh_PkDqv3cL6b0jmf5Ui-5kwGaOpO3umLM4gMo0uP1SZXsqrUOyfW-pRVOyQS43oLpgQWeFY9R2u6-bm5LjCGYMVBRdsmarw578_kiGQ2syco4mOQef26D7dDFbSnKNhc_&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fm.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=11856568744999051000&adk=2923430907&idt=98&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:23:14 GMT

GET
H3 200 fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js Show response
pagead2.googlesyndication.com/bg/ Frame 37DC 38 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c24a069fb93b40fdeb54dd0bd49c7097b783265cda87add095c90f435b407a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14802
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:40:39 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 0B1E 3 KB
3 KB 21ms
19ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=4837500&adjsver=3&fvers=&iframe=1&ref=https%3A//m.baixaki.com.br/&ro=https%3A//9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/115.0.5790.110%20Safari/537.36&os=17&browser=11&userid=0&wi=978450744&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=4837500&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C0s5yiDPBZKqeKIiS-wa95qH4C6jpiutxlaG5-cgRZBABIMKm1htglYKAgJgHyAEJqQKph_i025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2-utxFRgcbKNmy1i3pEVL-B6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9-OwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c-bsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk-RzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX-4MejllCJ-9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL-IW-BOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ&ae=1&num=1&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&sig=AOD64_2x02VIdlnwwCqflgfjq6zD94TpvQ&client=ca-pub-1712420989769758&dbm_c=AKAmf-DW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0-YOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL_E9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj-eVHRI1GU6mqiEnKqiZhsAlzK_a64PVb5KzcHHjN3Z-iyrWr0SeuI8wIFmtfkOcho&cry=1&dbm_d=AKAmf-AK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay_iYt-bDLIwLks5_0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J-49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl_yy81Im_QlvOy9ksSGwcLLKCNhCzusRi8jiDxH-QFbMw6bbzKWKONzGSD1-CYysJms-OVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x_g5E_TPyMLhsvYn0BCfPX3JChU1NCOZ_Wu-zSk4phm1V_pmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82_qB4owJWZgZkRumK-FxgkuKwy4Hh5b0aCc-DkKDUHJW26wH7_vNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: b58e9e078b8c748300927b8c8dac7b18ef574a4991b6afe90d4180c90c9f12b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 16:54:02 +0200
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1690383241906&cv=11&fst=1690380000000&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2728785721&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
64 B 28ms
27ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1690383241906&cv=11&fst=1690380000000&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2728785721&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1690383241933&cv=11&fst=1690380000000&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1308341864&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1690383241933&cv=11&fst=1690380000000&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1308341864&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 55DF 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 259492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 14:49:10 GMT
expires: Mon, 22 Jul 2024 14:49:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame C2A9 10 KB
4 KB 69ms
20ms Document
text/html 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4836337&gdpr=0&gdpr_consent=&ts=7260140737819115878&kid=6025927&wpt=H&keyword=PACS_4837500_18234966&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=4837500&adjsver=3&fvers=&iframe=1&ref=https%3A//m.baixaki.com.br/&ro=https%3A//9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/115.0.5790.110%20Safari/537.36&os=17&browser=11&userid=0&wi=978450744&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 457517f201aee297e5e02dd9ed6f47c3d4302532cd4d4f4f89c3b889fcea4773

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 26 Jul 2023 16:54:02 +0200
expires: Sat, 01 Jan 2000 00:00:00 GMT
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pragma: no-cache
server: ADITIONSERVER v1.0

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame 0B1E 2 KB
692 B 25ms
22ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7260140737819115878&btr=true&pos=top-right&cid=547308&aid=547308
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 9028fb78c0f14e347fa7e986ade7d2a3a055053003a9e6703fad535d6f1a023d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
content-length: 610
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H3 200 container.html Show response
9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 264B 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:00 GMT
expires: Thu, 25 Jul 2024 14:54:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0B1E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 815c12ec367738087b3b7495cda830e227063913fa51d7fdf95df598706596be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1690383241982&cv=11&fst=1690380000000&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2903198109&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1690383241982&cv=11&fst=1690380000000&bg=ffffff&guid=ON&async=1&gtm=45be37o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.baixaki.com.br%2F&frm=0&tiba=Baixaki%20-%20Download%20e%20Jogos%20para%20Android&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2903198109&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js Show response
pagead2.googlesyndication.com/bg/ Frame 55DF 38 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c24a069fb93b40fdeb54dd0bd49c7097b783265cda87add095c90f435b407a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14802
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:40:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 264B 4 KB
767 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 14:22:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 14:54:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E5C9 624 B
242 B 54ms
49ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXC-Ud_iTa6EjDuT1jUgqPRQew_o8yy5Rl2W9djgOY4BeDAfSgtDe5-obW19MANIrWAJotC-gkIDtL8dTunlmgVXyRwDCB86pxBpr18A8hdzUj9wWeb6gD58pX62RXCVtatG7S3BGlorHMdqo46-8TpO3QBcCj6lhNSp8NFFAMOcCD3c9Y

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 14:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4B84 85 KB
29 KB 122ms
121ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:54:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 4B84 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/window_focus_fy2021.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 10:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 10:07:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/ Frame 4B84 20 KB
8 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8302
x-xss-protection: 0
server: cafe
etag: 1396992018294926149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 20:18:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B84 0
0 19ms
17ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQv9fz2j5SyanCPduV6m66gBLoPDKZ6XXbwD4_t9K9YlJM_H9Q3j-4DzOC-Kl1MBT5E9gRePGzJnsvcahjbqyIceWIN1Q
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B84 179 KB
56 KB 100ms
94ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57383
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690198756579870"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 14:54:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B84 42 B
63 B 47ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BguG3z_KLA1irrDQ2BkqAQwrntgowcYnaBuyN8XoepW_j8mp0mStCDWDW-in1ozVmXEfopgjrNJO68GvxHkIBxkcaTi2x7q2vFp94qF6qm9ZeAFTs

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B84 0
20 B 48ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15751322649381758477&x=1&ct=76

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/ Frame 264B 20 KB
8 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd514ffbccdaba03d423b0bc47ed4602c734d534f3d5e2669d58cf40c133c3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 1797702365616887767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:21:44 GMT

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame 0B1E 20 KB
6 KB 66ms
65ms Script
text/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7260140737819115878&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7260140737819115878&btr=true&pos=top-right&cid=547308&aid=547308
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 09de1a37e9715986fcb39e2438722eb82d07493873834df8f10c782b832871fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
content-length: 6072
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 index.html Show response
imagesrv.adition.com/banners/268/01/16/18/92/ Frame BD9B 83 KB
18 KB 82ms
81ms Document
text/html 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/banner?sid=4836337&gdpr=0&gdpr_consent=&ts=7260140737819115878&kid=6025927&wpt=H&keyword=PACS_4837500_18234966&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: a8da0791ef0aae52a1b30ac5cbb09c99377935dae28f9622f2a0d4fa51a11ee6

Request headers

Referer: https://ad2.adfarm1.adition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 17941
content-type: text/html
date: Wed, 26 Jul 2023 14:54:02 GMT
etag: "1515684018-br"
last-modified: Fri, 21 Jul 2023 12:44:27 GMT
vary: Accept-Encoding

GET
H2 200 b Show response
b.t.tailtarget.com/ 121 B
577 B 111ms
110ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=3&tU=0100007F8933C164BB063E7202E85B19&tX=b.52&tZ=3778658
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 2fe67310de0f6cec0a966e6815d315486c28b5f2bc6b75b92100d12f53f9a652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E5C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXC-Ud_iTa6EjDuT1jUgqPRQew_o8yy5Rl2W9djgOY4BeDAfSgtDe5-obW19MANIrWAJotC-gkIDtL8dTunlmgVXyRwDCB86pxBpr18A8hdzUj9wWeb6gD58pX62RXCVtatG7S3BGlorHMdqo46-8TpO3QBcCj6lhNSp8NFFAMOcCD3c9Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E5C9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMEziRhiWErUSDW-HWipZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1

43 B
766 B

13ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXC-Ud_iTa6EjDuT1jUgqPRQew_o8yy5Rl2W9djgOY4BeDAfSgtDe5-obW19MANIrWAJotC-gkIDtL8dTunlmgVXyRwDCB86pxBpr18A8hdzUj9wWeb6gD58pX62RXCVtatG7S3BGlorHMdqo46-8TpO3QBcCj6lhNSp8NFFAMOcCD3c9Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:02 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbDtaERtkdR-aX9zZjSc3E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E5C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPs7P0gvkpLH0-cKID_HPfg&google_cver=1

43 B
845 B

9ms
8ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPs7P0gvkpLH0-cKID_HPfg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwtPDmAEwAQ&v=APEucNXC-Ud_iTa6EjDuT1jUgqPRQew_o8yy5Rl2W9djgOY4BeDAfSgtDe5-obW19MANIrWAJotC-gkIDtL8dTunlmgVXyRwDCB86pxBpr18A8hdzUj9wWeb6gD58pX62RXCVtatG7S3BGlorHMdqo46-8TpO3QBcCj6lhNSp8NFFAMOcCD3c9Y

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
an-x-request-uuid: 07f913d6-f0aa-4d3a-a999-430df06f0860
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPs7P0gvkpLH0-cKID_HPfg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E5C9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D

170 B
188 B

21ms
21ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
an-x-request-uuid: ada23b9d-762f-4338-b658-66d9196bd6c7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5902 0
10 B 34ms
30ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IcgDOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 0B1E 3 KB
1002 B 27ms
22ms Stylesheet
text/css 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7260140737819115878&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame BD9B 753 B
410 B 13ms
13ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
last-modified: Thu, 20 Aug 2020 14:03:40 GMT
etag: "1134380014-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame BD9B 139 KB
48 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48652
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 26 Jul 2023 14:57:14 GMT

GET
H2 200 oba_icon.png
imagesrv.adition.com/js/adplayer/ Frame 0B1E 3 KB
3 KB 14ms
13ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/js/adplayer/oba_icon.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:02 GMT
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
accept-ranges: bytes
etag: "502461915"
content-length: 3262
content-type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B84 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8606859306968&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B84 0
20 B 44ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8606859306968&version=m202306200101&ct=76&x=1&cor=15751322649381759000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4B84 95 KB
39 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxDQQl-OfOKEtllrwF_P97IUqQS19_yo729lBgzLu8_jNe8Fqvf0LgIYN6KD-fE4MGDywchxaDqyZSg2MR4x0A6q_E0g&cry=1&dbm_d=AKAmf-B50cJmjoIfpna_ADxKoarqsp3HcOVY1nBfSZATBe3fHRA00CsYRonKPZSemQ77pjXFdBR2TxMAjnj_P0OrctTup4xovcNmwa2kL-YwxsUeS7_Th79I_S5IcGba3SebUJ5yYn4xzNi_ERtxLg_6JXH3lvf2P7va5BFNEP78qqa7tSyy8wZR7irRShNTSzycAdz9i08F_2MEJYmUTTtZVBAwZSZBXMQwSX95XtLN3o78ZGLfdE-Ayk3TvNLjU1uEjhC0DxoMBD40Wjr6m-HUODc_p1DPMu4KeEWlTezuEJnwBysCvxEiKArqV9hjbKOYv9G6GI5fsgd7vw4Hlfk3ADSW_0_DPMdxXlcXvxLQskAiyKKHnipRrm-jfWhOAiRYd5_tEk0fzoIti-ff_hnIQ8aPq2eOWQbZi4n6uVrIeD17egsAulJiTkswuEnQZNnI23OgVk5VkdbOV3PfI-4f7MZK9cpKQNWDJABPjmkiBEsk6NvAy7gOowGz0jDW7MY6BYYuwx0aIqxatgckBbYnmRR2QRMkMUFdO7G-W-0Rc9W8K4BsVVvPTjOvPEZLMJidTsogHmB2r1eH7fr9I77v_Jzv47EEzkdGtmTo1_M97y6j9pDeLPK15HEkPAfIhOH9lW820pGh-ICSNRp3ZxPI-klxM5Ba4G5mlS0iN07dAVgmlYa2tvZPEwdPQtkXGYc3OwvroN3zwfiKXsJxC6a4Ulufp3mcAPeIub0kYXgSC85rhJaz86_vCn_NNJFjQgAxxfr10-T8n24N5byQxvV--HYaKf6aF92WNib5HTuJijQBGYLUxJ2fSd126iUnmOw5UvUeBzkFngdOd2rhfskLdwd83LhXRP7TNOv-NFxtdoWQqkf-9DdOy0r83eZ78O9LG-Q76z_a3VQjF-0kpSkct_zUHQ6fRB-xXNipE75WuMSAj-SRTAQHvurxCLXXev1vUUnKaWu_8-9tJafqaGOmjD-jAM56mgYGfT49Am8iQbnXkxPwbLgXZQTwqYXIBruw99vqmoge-jCMrvMy81IgzegBllXX-5TdDv_xq-huL_z4AnBLNBJX-rMCKCpjIKvGVJEKc_jkLCB2-af06nrD1of30weSJLhF-v-B77bCEHY2HFs-hmoLO9biUafZAlikq6_ajuTdmws7oPFLR9aGQsdB_z-1yYAyeX1-u92MwnK-mdS1naH6pqA2FxvvOJfOZPO8K6qZ3Xhz3FcqxoWJIpp8LTCj5Io0E8pOjj70hPtyXs6yqsvx9dc9l1p-sZRr4cT-gWTLG1DsRzLEtOQQP0YfHB-6Uq98P9L8xGTA5d87LgS-YQohMZMtylhdFksTZACjTzHnZjLTtV_kQceRuJzhpEuZkFOU14y6Jd_ZaUk-SKvFOW9-qCvulomYls3mYyNNyctaDyUwJaWAH8_GryTeuTZpRD3IJSKb53AFE_CoRYYp2omYxRyeA2icboLL-8XDsV4wy3T3WwTtYv0K_Ody_nEWUicudayzklxJ70tUtRzNelRTyVHv4h7a9zmeY6Pae6klE-4lALkbFncgkuZGYxPEIy15feb_IydObHJZmO-9DOjMzwtpBkA9AOQtZHfmLSvf25hG13pQb2PU2CkiFPse2BJwRDAy_XxOCn-SRBnSI0CYm2rLcF5Vp6D_zop-wvcqYS4YV9d2AcVvWC3BpQWxq-Kszxg9r0kp2mf0jr-ZThYKcsYA32cdqjqlSMowuG4jkfTXG4Rg7RmYdLwwIxiU8i23u1sgYhn-cKNhXvcLj0DcuHAHvPWoryeUKCsQbgtnsWN99-6M3a77l3mneWrcW-MPQ2VGHxjGGmUcA3nIswu-hdiuiLGRdccAvIBr8RYnv5OGrSi1thNmcMYQiojI7vPZMLzDxka_xz2v0q-H8GAK9m3ESc_CzaouHhDobijjAjvinYSCpALByUFMsgtb28P-42PIlpEwkYA0i4rOzyeGzicRNBsv72NJMAH_J1g8TSyPPP7XYu86IBw3HXwzg-ETbtsF5VWPscVMkn5xApfchmroDGxToOHSgyOFUhD6Mdm8RTCZGEerMlFDwcIbocysh04DC5lfnT91kitQ3LMt0N3OO_CN_L9eTMRcJMl8XppGHx_eWnm-zA8tXeNqZEmg_B5ETXZcLa3ejV2HuK18ouU-lHZbz0WerQ8upWYNlupUST9X0KZcHSrTeyCr_Ct77_43w9F8_OTEgjXnyLEm0EaO4AS8EKuNLNbC6hreHUAxbuWj3A0UQ902XAfCSJhWhXHdSaJltxQyzCzVmvKYBG1lh8QeIHWK_iMcFtTUgXCD3eoRItwGmtmXVpGj9r8MC28_S4osXPUWGMK5nWTz2tZYr0esZx83yn4KgVDP5n-zHnp5IrtCnkjUg7S-8TSj8uA38e_JSDSkKB_oDKvYrOGl68FGeNW5R7kzyC81K21N3ujd31uHaLX4VcZ1eIls2T831K7L9IIhTnJEKRnm9oIeKAhVJKVZFXgPaUYgC4Ur47mZ3ISxuQ0tzMg7Sb7_4xz3TxZK82lfmlvAB59pSeA0ugS3uHeAY7XvynP0JGygggjxzkgPHKpzAh47adIxJUFwykTDgvdfn2Z_9z-nhd_sJzhzqQadR8Qry-G2Oq6eQFy6fZI6HpaVxOBWUmLlzdeWvXxdIrI05ZHd83oEAwMxg9GaJbLt55aJ_U_Z4jCYiYv6yk1vE2_DNR6Mxgtut55kE8MKdn05p4T8qwasBh4S4vK8z7DyeqKj2KSNOiTznnAJ-b_kTwuPiIMN5Y8NvkdKIEywXvZ5QacxfBpIKAIXtkiJ_gysoyNj7aZVauYA4aymcyrZNBezH-B4X_fKeq41gSl2ZgAI8y4EZQOE_f2pc6rPlG5vQXuWjXlfc_StcuDLWJAnTuf2lIw-5pxvfbjfsGvQ0SUFh2tcO5iKtnqp_1BwhAwxvGzimV8v2GzBK5Y8FXZRJzoylp-0gEw6Bd-AzAGPfxV1A3csPscohgQx79ZAxYY3cz-KzRzgETETnxk1lLZvSdcwoaYvSpDaPFLiVESXKJLhPVXK1YoS7E9i8pLPfYOg_jdhAt4-eK1aHiapiwGPjsqHAX-PHRfPpv8COiySHs2NYn0x44fe-5De61G2zqLxRpc-nHyNDgHxMmNPwHUivFu7468jQsbQZRvk545hr78TbKiLYckjiUqWC2gX7B-_UnLpu3UOT_GUeydv8BVs5A3NA7tYpfWY_i0fujUJRDpbc2qRAW6QVsUj2dojuFxmw6ePW5AtrF31bF5zXyt3-yFG_3Y2oayt1x0hRZdYeFmWU8HmhC_TyuagPYz6gqxuxRLFonm77_4ZIqCx-EeeFEd4Huq1-3w1vlNEf0Y3zwywit0UeBU&cid=CAQSOwBpAlJWxxRboTz1jMi0DVPomtHtjw569-o-HRjIq8twmeydZbW09lQN6Ex2ey80rt8Tpdt5bchRn3uxGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fm.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=15751322649381759000&adk=1726166460&idt=126&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62451da7df7723ae7e8ee24b5c2d53971c61d677f915b6463896ff89caaddc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39492
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4B84 111 KB
39 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Origin: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 13:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 13:46:58 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/ Frame 4B84 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxDQQl-OfOKEtllrwF_P97IUqQS19_yo729lBgzLu8_jNe8Fqvf0LgIYN6KD-fE4MGDywchxaDqyZSg2MR4x0A6q_E0g&cry=1&dbm_d=AKAmf-B50cJmjoIfpna_ADxKoarqsp3HcOVY1nBfSZATBe3fHRA00CsYRonKPZSemQ77pjXFdBR2TxMAjnj_P0OrctTup4xovcNmwa2kL-YwxsUeS7_Th79I_S5IcGba3SebUJ5yYn4xzNi_ERtxLg_6JXH3lvf2P7va5BFNEP78qqa7tSyy8wZR7irRShNTSzycAdz9i08F_2MEJYmUTTtZVBAwZSZBXMQwSX95XtLN3o78ZGLfdE-Ayk3TvNLjU1uEjhC0DxoMBD40Wjr6m-HUODc_p1DPMu4KeEWlTezuEJnwBysCvxEiKArqV9hjbKOYv9G6GI5fsgd7vw4Hlfk3ADSW_0_DPMdxXlcXvxLQskAiyKKHnipRrm-jfWhOAiRYd5_tEk0fzoIti-ff_hnIQ8aPq2eOWQbZi4n6uVrIeD17egsAulJiTkswuEnQZNnI23OgVk5VkdbOV3PfI-4f7MZK9cpKQNWDJABPjmkiBEsk6NvAy7gOowGz0jDW7MY6BYYuwx0aIqxatgckBbYnmRR2QRMkMUFdO7G-W-0Rc9W8K4BsVVvPTjOvPEZLMJidTsogHmB2r1eH7fr9I77v_Jzv47EEzkdGtmTo1_M97y6j9pDeLPK15HEkPAfIhOH9lW820pGh-ICSNRp3ZxPI-klxM5Ba4G5mlS0iN07dAVgmlYa2tvZPEwdPQtkXGYc3OwvroN3zwfiKXsJxC6a4Ulufp3mcAPeIub0kYXgSC85rhJaz86_vCn_NNJFjQgAxxfr10-T8n24N5byQxvV--HYaKf6aF92WNib5HTuJijQBGYLUxJ2fSd126iUnmOw5UvUeBzkFngdOd2rhfskLdwd83LhXRP7TNOv-NFxtdoWQqkf-9DdOy0r83eZ78O9LG-Q76z_a3VQjF-0kpSkct_zUHQ6fRB-xXNipE75WuMSAj-SRTAQHvurxCLXXev1vUUnKaWu_8-9tJafqaGOmjD-jAM56mgYGfT49Am8iQbnXkxPwbLgXZQTwqYXIBruw99vqmoge-jCMrvMy81IgzegBllXX-5TdDv_xq-huL_z4AnBLNBJX-rMCKCpjIKvGVJEKc_jkLCB2-af06nrD1of30weSJLhF-v-B77bCEHY2HFs-hmoLO9biUafZAlikq6_ajuTdmws7oPFLR9aGQsdB_z-1yYAyeX1-u92MwnK-mdS1naH6pqA2FxvvOJfOZPO8K6qZ3Xhz3FcqxoWJIpp8LTCj5Io0E8pOjj70hPtyXs6yqsvx9dc9l1p-sZRr4cT-gWTLG1DsRzLEtOQQP0YfHB-6Uq98P9L8xGTA5d87LgS-YQohMZMtylhdFksTZACjTzHnZjLTtV_kQceRuJzhpEuZkFOU14y6Jd_ZaUk-SKvFOW9-qCvulomYls3mYyNNyctaDyUwJaWAH8_GryTeuTZpRD3IJSKb53AFE_CoRYYp2omYxRyeA2icboLL-8XDsV4wy3T3WwTtYv0K_Ody_nEWUicudayzklxJ70tUtRzNelRTyVHv4h7a9zmeY6Pae6klE-4lALkbFncgkuZGYxPEIy15feb_IydObHJZmO-9DOjMzwtpBkA9AOQtZHfmLSvf25hG13pQb2PU2CkiFPse2BJwRDAy_XxOCn-SRBnSI0CYm2rLcF5Vp6D_zop-wvcqYS4YV9d2AcVvWC3BpQWxq-Kszxg9r0kp2mf0jr-ZThYKcsYA32cdqjqlSMowuG4jkfTXG4Rg7RmYdLwwIxiU8i23u1sgYhn-cKNhXvcLj0DcuHAHvPWoryeUKCsQbgtnsWN99-6M3a77l3mneWrcW-MPQ2VGHxjGGmUcA3nIswu-hdiuiLGRdccAvIBr8RYnv5OGrSi1thNmcMYQiojI7vPZMLzDxka_xz2v0q-H8GAK9m3ESc_CzaouHhDobijjAjvinYSCpALByUFMsgtb28P-42PIlpEwkYA0i4rOzyeGzicRNBsv72NJMAH_J1g8TSyPPP7XYu86IBw3HXwzg-ETbtsF5VWPscVMkn5xApfchmroDGxToOHSgyOFUhD6Mdm8RTCZGEerMlFDwcIbocysh04DC5lfnT91kitQ3LMt0N3OO_CN_L9eTMRcJMl8XppGHx_eWnm-zA8tXeNqZEmg_B5ETXZcLa3ejV2HuK18ouU-lHZbz0WerQ8upWYNlupUST9X0KZcHSrTeyCr_Ct77_43w9F8_OTEgjXnyLEm0EaO4AS8EKuNLNbC6hreHUAxbuWj3A0UQ902XAfCSJhWhXHdSaJltxQyzCzVmvKYBG1lh8QeIHWK_iMcFtTUgXCD3eoRItwGmtmXVpGj9r8MC28_S4osXPUWGMK5nWTz2tZYr0esZx83yn4KgVDP5n-zHnp5IrtCnkjUg7S-8TSj8uA38e_JSDSkKB_oDKvYrOGl68FGeNW5R7kzyC81K21N3ujd31uHaLX4VcZ1eIls2T831K7L9IIhTnJEKRnm9oIeKAhVJKVZFXgPaUYgC4Ur47mZ3ISxuQ0tzMg7Sb7_4xz3TxZK82lfmlvAB59pSeA0ugS3uHeAY7XvynP0JGygggjxzkgPHKpzAh47adIxJUFwykTDgvdfn2Z_9z-nhd_sJzhzqQadR8Qry-G2Oq6eQFy6fZI6HpaVxOBWUmLlzdeWvXxdIrI05ZHd83oEAwMxg9GaJbLt55aJ_U_Z4jCYiYv6yk1vE2_DNR6Mxgtut55kE8MKdn05p4T8qwasBh4S4vK8z7DyeqKj2KSNOiTznnAJ-b_kTwuPiIMN5Y8NvkdKIEywXvZ5QacxfBpIKAIXtkiJ_gysoyNj7aZVauYA4aymcyrZNBezH-B4X_fKeq41gSl2ZgAI8y4EZQOE_f2pc6rPlG5vQXuWjXlfc_StcuDLWJAnTuf2lIw-5pxvfbjfsGvQ0SUFh2tcO5iKtnqp_1BwhAwxvGzimV8v2GzBK5Y8FXZRJzoylp-0gEw6Bd-AzAGPfxV1A3csPscohgQx79ZAxYY3cz-KzRzgETETnxk1lLZvSdcwoaYvSpDaPFLiVESXKJLhPVXK1YoS7E9i8pLPfYOg_jdhAt4-eK1aHiapiwGPjsqHAX-PHRfPpv8COiySHs2NYn0x44fe-5De61G2zqLxRpc-nHyNDgHxMmNPwHUivFu7468jQsbQZRvk545hr78TbKiLYckjiUqWC2gX7B-_UnLpu3UOT_GUeydv8BVs5A3NA7tYpfWY_i0fujUJRDpbc2qRAW6QVsUj2dojuFxmw6ePW5AtrF31bF5zXyt3-yFG_3Y2oayt1x0hRZdYeFmWU8HmhC_TyuagPYz6gqxuxRLFonm77_4ZIqCx-EeeFEd4Huq1-3w1vlNEf0Y3zwywit0UeBU&cid=CAQSOwBpAlJWxxRboTz1jMi0DVPomtHtjw569-o-HRjIq8twmeydZbW09lQN6Ex2ey80rt8Tpdt5bchRn3uxGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fm.baixaki.com.br%2F&ds=l&xdt=1&iif=1&cor=15751322649381759000&adk=1726166460&idt=126&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Aug 2023 14:26:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/ Frame 4B84 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230724/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 15:18:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11572
x-xss-protection: 0
server: cafe
etag: 5014499061205845695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 15:18:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B84 41 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jul 2024 14:23:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D21D 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 05:53:40 GMT
etag: 48472445140208031
expires: Thu, 27 Jul 2023 05:53:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55DF 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_-nmiTPBZKjdN-e17_UP7MSZqAgAAAAAOAHgBAI&bg=!wsGlwZXNAAa0yfNklMk7ADkAdvg8WhUQfxzYOTBIOYvA-tfCRH1I0A0TovJv38YOE7JJQVeHhCw75AR-oHkSD-BeeFX6ELGcWvgCAAAA01IAAAAHaAEHCgA9ohh6XxEup56pbW-c1ewzzIA4ya09TXpF5hLqUdAF1_GIRn7YNLnaGrnbJUIvHKGIme1aL3ZBkCyc2Ukhs5kC9HCopY65brL-4xofiWnF4C9Se2EUv4F2yXG-BkPVlqVGJBIMaAOBR68GDmzzhtJ06szirTYUOAV3fcC_isyLPJu2zinAzTEJjoyPycCVj5pLX3ft4vxJWCmbA2m1Un-wJ8p1HmEEZwgklS9BS1riFdqyLsgMoq83aSmHhognob8J1rJwznNDwPj5thfXfmp-bFNp5P67Q0J1h4ZKAxcncdiHHB_Xyl_ZaoJEcznagCkk3a-IhRkJ2iH_FAQtvG0DuoWzJSCTd0IbyTkbLY9nZZ9AVKp7WngsuutDwlSY-Wbx1f8_GZmMj_Kk0rwXDacodUzv6YNDnfSA-ELgc08WcS-QKsb11_-ugtEwSQVD_G5atbaZWdVaBI6ovbXflz7IWOTKLNBCHiYNaiD98kYEQAviTwzsXIAEJTVPfeVrSRVXfxlLkVOl18GZ356NbUfHi4LaA0w9cUHOMLD2nSoAnYQwfJwFa2S92sNF5NLVPp4l8bZNQkirFBBj22qzdym5bR4MWl8Kw1wiC3qmsF7DwHw_c9XWgYsjeqXgKERxlhVWyVnD8LfESVPxuaIlAkLDVNqM8gLq0RlHTloCn3ErhJ4q1onCpku-ry5G_wqitO3noQvOSWlkmtkei7psbTkUkOahJAkOgI6pw8kSIu8Em-tjw6dtB1PEMxha371rt1OpJTMb3UgPTjDOELX3TCFrloAg8ctsea0ODXoGfM1n8m_YmFi_RDCGoOYYtWVCGG_1JjUag991KD38R5tm9l_RElXv042wd9DP2KrurWAu5WlVT1EadCi7SeQP1R_kSqez26jG5dRgECSjK-AHgbBPEe9dBczP2-C_XfIa-aLOv_CD3sQqWwbKLXBq8DyCOD0Gzk8E-OeG7u0CfPrYC5oPRVBOnjFSuFwgnX3-7aTXelDs42UGy5nkQ-3kkxHJ4LnWYNsLw-vfRuuHSMlFfCYhAY7-yNFn1YI0qZ93fgcxRzvMNKQ1PwOZ5sLBlSxlZBUtfb6Xtw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 83 B
119 B 129ms
129ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=448594641
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 1e0b2444328177bed79c32fc18f2b9de4ec674fda1afa828e9f28b889f3cf5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dpixel
cms.quantserve.com/ Frame D21D 35 B
465 B 47ms
15ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDVYeUmkWWVGeg2F4P5kp4s&google_cver=1&google_push=AaAOQGGBIdoYTJpyLZXVdTAo_y-cDeX-A3tY6gwVRK1j-bcvseUwoeZgJqknXHEGDspscgw0hyjs0vHA2p7vVVicyRyiPZjXdTc

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D21D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGVBUKClsGbDTdiEqSKtwUk&google_push=AaAOQGG-ovPVDObT-JZUK1Sj5ELwyT87H6nuXwbGFXWZMe-o0uDWxU2BeC...

170 B
188 B

26ms
26ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGVBUKClsGbDTdiEqSKtwUk&google_push=AaAOQGG-ovPVDObT-JZUK1Sj5ELwyT87H6nuXwbGFXWZMe-o0uDWxU2BeCiucGll0BZvRXlA1X5JTPnKAZkAgKZ4KOPs9JBc1Ck

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220072-FRA
pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1690383243.543452,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGVBUKClsGbDTdiEqSKtwUk&google_push=AaAOQGG-ovPVDObT-JZUK1Sj5ELwyT87H6nuXwbGFXWZMe-o0uDWxU2BeCiucGll0BZvRXlA1X5JTPnKAZkAgKZ4KOPs9JBc1Ck
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D21D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHBXlJnpB0SroEdUcMOTlcE&google_cver=1&google_push=AaAOQGHS7lICqLx335rkMD5VjvnG4N-tAuSe2s5tEYJePbDn8sH5UB1qEPAWbkAjyIiCMo77jQE00ggeqPQQqOHae1Z-3248Vrdi
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EDC2C72ECF84BD49F257427B98944E6&google_push=AaAOQGHS7lICqLx335rkMD5VjvnG4N-tAuSe2s5tEYJePbDn8sH5UB1qEPAWbkAjyIiCMo77jQE00ggeqPQQqOH...

170 B
188 B

18ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EDC2C72ECF84BD49F257427B98944E6&google_push=AaAOQGHS7lICqLx335rkMD5VjvnG4N-tAuSe2s5tEYJePbDn8sH5UB1qEPAWbkAjyIiCMo77jQE00ggeqPQQqOHae1Z-3248Vrdi

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Jul 2023 14:54:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EDC2C72ECF84BD49F257427B98944E6&google_push=AaAOQGHS7lICqLx335rkMD5VjvnG4N-tAuSe2s5tEYJePbDn8sH5UB1qEPAWbkAjyIiCMo77jQE00ggeqPQQqOHae1Z-3248Vrdi
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 25 Jul 2023 14:54:02 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D21D 70 B
265 B 110ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOPtHu344ZQzLhW3Q_hX-mc&google_cver=1&google_push=AaAOQGGRQRjXY3uk-TtvUqSW1fjCQe7XqWiYTeWOxSOj6nir_GcmYDOukDIf_znqGv4fGLI6vpjgFCp4YvxVTnJK2UbPFcUSa5Fe
Requested by: Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D21D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENhY4pfyk--C855aFuLdQm0&google_cver=1&google_push=AaAOQGHI7YAhbrK6lQodL81IEDRDy3TAndEgoQeJczU1xu2QI-T2L8D7qIaM8yQ7VEOP4hKJ7QLBqEIfSfNtMzdbG_4cAD1...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHI7YAhbrK6lQodL81IEDRDy3TAndEgoQeJczU1xu2QI-T2L8D7qIaM8yQ7VEOP4hKJ7QLBqEIfSfNtMzdbG_4cAD1bKERG&google_hm=eS1GMnpwR19wRTJwRUd4Zi...

170 B
188 B

20ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHI7YAhbrK6lQodL81IEDRDy3TAndEgoQeJczU1xu2QI-T2L8D7qIaM8yQ7VEOP4hKJ7QLBqEIfSfNtMzdbG_4cAD1bKERG&google_hm=eS1GMnpwR19wRTJwRUd4Zi40eGx1LlJFWnk2cGtNOFZsM35B

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 26 Jul 2023 14:54:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHI7YAhbrK6lQodL81IEDRDy3TAndEgoQeJczU1xu2QI-T2L8D7qIaM8yQ7VEOP4hKJ7QLBqEIfSfNtMzdbG_4cAD1bKERG&google_hm=eS1GMnpwR19wRTJwRUd4Zi40eGx1LlJFWnk2cGtNOFZsM35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D21D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o6yAxMm_QWybz05N3DwYdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o6yAxMm_QWybz05N3DwYdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGGwf02Ji7_CGgDZg-CvHM0W4LVBA43Q9wMTKBmxGM7f3jGG6uTfPD8sB3GMzPn1wn8rk6Hw_znMEiWiA5SBQ0gYZrOPfav7

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=o6yAxMm_QWybz05N3DwYdg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGGwf02Ji7_CGgDZg-CvHM0W4LVBA43Q9wMTKBmxGM7f3jGG6uTfPD8sB3GMzPn1wn8rk6Hw_znMEiWiA5SBQ0gYZrOPfav7
date: Wed, 26 Jul 2023 14:54:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D21D
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDlig6NLMV7Np3DPTqBbM14&google_cver=1&google_push=AaAOQGH80YzhSeHZf...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D&google_gid=CAESEDlig6NLMV7Np3DPTqBbM14&google_cver=1&google_push=AaAOQGH80YzhSeHZfA94qudi9SJ-NwHCZr...

170 B
188 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D&google_gid=CAESEDlig6NLMV7Np3DPTqBbM14&google_cver=1&google_push=AaAOQGH80YzhSeHZfA94qudi9SJ-NwHCZrv-7R_PeIUCZHqibP1ud1jC6uNG827jK3H275xqbw1uzZN3viHZtj9yJLyoXIP59HPn6w

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
an-x-request-uuid: a59fb680-20d9-4455-91e3-02ea2f29d804
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTU0ODM1NjU1NDM2Mzg4NzM5OQ%3D%3D&google_gid=CAESEDlig6NLMV7Np3DPTqBbM14&google_cver=1&google_push=AaAOQGH80YzhSeHZfA94qudi9SJ-NwHCZrv-7R_PeIUCZHqibP1ud1jC6uNG827jK3H275xqbw1uzZN3viHZtj9yJLyoXIP59HPn6w
x-proxy-origin: 81.95.5.39; 81.95.5.39; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D21D 0
12 B 17ms
15ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I41ReuHu3y8I218GwuTksLPPobL1bv4o_66-9Ldh_L8prhUGL7AjNMexnhjgmSDUgtOtzEcg

Requested by

Host: 9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
URL: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/13099171184661990128/ Frame 26DC 27 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1f79f84021a62a020fc4687a69585e29671596f5fbcd1a02f1c39f267a4e763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5229
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 12:49:19 GMT
expires: Thu, 25 Jul 2024 12:49:19 GMT
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9471 22 KB
8 KB 11ms
10ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 259492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Jul 2023 14:49:10 GMT
expires: Mon, 22 Jul 2024 14:49:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4f581af76132f23ddaa82506b975942c.js Show response
s0.2mdn.net/sadbundle/13099171184661990128/ Frame 26DC 107 KB
30 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/4f581af76132f23ddaa82506b975942c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16df19b39a143d665562636343e411f30b84dcf21c7086ec0b0f739c558ff103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31030
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jul 2024 15:47:59 GMT

GET
H3 200 fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js Show response
pagead2.googlesyndication.com/bg/ Frame 9471 38 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fCSgafuTtA_etU3QvUnHCXt4MmXNqHrdCVyQ9DW0B6k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c24a069fb93b40fdeb54dd0bd49c7097b783265cda87add095c90f435b407a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 20:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14802
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jul 2024 20:40:39 GMT

GET
H3 200 3f369d207a0ff02b7c4b3d11f21f0836.png
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 23 KB
23 KB 10ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/media/3f369d207a0ff02b7c4b3d11f21f0836.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

136706e77b18773010cb1298654dc14ef20f0789497781bc136d471497ffd9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 11:46:07 GMT
x-content-type-options: nosniff
age: 97675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23265
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Jul 2024 11:46:07 GMT

GET
H3 200 aec8e5d095f4d4bf79f9286d4ae5a043.jpg
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 4 KB
4 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/media/aec8e5d095f4d4bf79f9286d4ae5a043.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c21996549fbde9dfd05ab6419f2d9159e3fc4168636a097b931d0a577adf7e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 02:22:04 GMT
x-content-type-options: nosniff
age: 390718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3994
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Jul 2024 02:22:04 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 5 KB
3 KB 11ms
11ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 08:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jul 2024 08:19:44 GMT

GET
H3 200 ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/13099171184661990128/fonts/ Frame 26DC 173 KB
80 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/fonts/ibm_plex_sans_500_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 06:44:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288576
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81411
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jul 2024 06:44:26 GMT

GET
H3 200 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 5 KB
3 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/media/6d7052ff6df13eae564657f4b45cc79a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/4f581af76132f23ddaa82506b975942c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 08:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23658
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2640
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jul 2024 08:19:44 GMT

GET
H3 200 1b0f3b2d9a60cbf4577536b7db655f6a.png
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13099171184661990128/media/1b0f3b2d9a60cbf4577536b7db655f6a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

244c790e3b8b1395c5e705a16de47feb60b216651dd82994d442152a7e8b904d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13099171184661990128/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 02:02:45 GMT
x-content-type-options: nosniff
age: 46277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4508
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:12:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Jul 2024 02:02:45 GMT

GET
H2 200 tr
www.facebook.com/ 0
185 B 41ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 26 Jul 2023 14:54:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHw9bn4mzr5M-WbVMrweBzQ&google_cver=1&google_ula=862479430,0

70 B
364 B

132ms
109ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHw9bn4mzr5M-WbVMrweBzQ&google_cver=1&google_ula=862479430,0
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEHw9bn4mzr5M-WbVMrweBzQ&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012307180709000/ Frame 7F8C 222 KB
62 KB 71ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:41 GMT
age: 164601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62064
x-xss-protection: 0
server: sffe
etag: "7c75c6afffb97d84"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7F8C 15 KB
5 KB 89ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:41 GMT
age: 164601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5274
x-xss-protection: 0
server: sffe
etag: "b24c5d555100d699"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7F8C 94 KB
28 KB 90ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:41 GMT
age: 164601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29021
x-xss-protection: 0
server: sffe
etag: "908f04349b1b2df1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7F8C 5 KB
2 KB 93ms
33ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:41 GMT
age: 164601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "5416cfef676738bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 7F8C 40 KB
13 KB 94ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 24 Jul 2023 17:10:41 GMT
age: 164601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13013
x-xss-protection: 0
server: sffe
etag: "4da616cd662b7cdb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 23 Jul 2024 17:10:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7F8C 14 KB
1 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Jul 2023 14:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 14:24:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Jul 2023 14:54:02 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7F8C 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 05:55:49 GMT
x-content-type-options: nosniff
server: cafe
age: 32293
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
expires: Thu, 27 Jul 2023 05:55:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7F8C 344 B
369 B 9ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 09:40:06 GMT
x-content-type-options: nosniff
server: cafe
age: 18836
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 27 Jul 2023 09:40:06 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7F8C 0
0 17ms
16ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrIfTvBhN3MDS5hikXmzKnNlaX6ZthSO0KDjVKECDswMUhStGmwkwl8VdCtztAKLmLqVgYCW5Ue5jvdfRQzRC6o40IJw
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7F8C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc36a993950684e2a53e9a4f5a84d136f7b4cbb25dfab0972feaa78e88a6625d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9471 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9DMYijPBZLe3F4m6x_APzuWO6AYAAAAAOAHgBAI&bg=!mZqlms7NAAa0yfNklMk7ADkAdvg8Wty00Q_N3CIJy3t5zlNE8n9Qki27eFmXLaT2hhuiB-7aQlVQWRvF103EfRVBFgFVijfTAu4CAAAAblIAAAAFaAEHmQNJ-KtoK71sys2HSN-bwTWsNpzmRM-4eJFLaP-MfxQ1e5eoSMaeyE9l5o0SbqpDLcR-O7DctTM0ONI_sUqtqywnHNtgFWUZ1WfIgcp0DmZEJS_TropsbXk8auMbmMg74yvNUjsEx4lWgTubzvoZqe3c_toEFGN6rO-r4e9JACGY_QKNPMNqlmsg5186eNsipJ0NvK7HaU7Z229cKaaXwys5CSsW4zzrhQ9d56WdCgReMuOQBU2L5PInRwexXOjpVUzL0kmyJWd73Gbq5keNEELQsrvuKkcjfFB8A5TPQ4hRPZ355AaCC0GmKgsi4cV4KSJgT398qP86uYKWvrtlOU7Cp4nvP_4n90NLRZLio5gvMKS5bNj7Wntn2taNyCdCBzed0PY0eiPzvYsS7kLo47WHe2K7VfyDpUiARrXf6px-JkB-GBdcVaYihT58jPmPQJiMXAfkPZF1AR4B9D4dSnoXK60nD4ojqPsiFyQ-6K-Xlbc0DFbVJz_CrnWEmvQw8LQrtQlX_o8zfBg31q75uPiiebOFFprXTOBR0p2PiPdLic5z73PLxYb75s93RAH8UT3r0wr5K5yEK3YxL3n-FYu6DGZ4PgOE0Au9RLOKCjvd7xFzCU-_nAZbgp0y4QzHbBxshmtHvoCcRVSjM4kZDbt5JKYO7gqzIklXWbXcjIDszvWEG8MxdGDg1k2OBFXaHj7x-o6r4RO9Ppw_ZJcT_uaAwJVGZOj9zk9OB79T5PB9u0zECdq2z1N5XxGArpvTP71L6Dva-EfPAhKCDfxi8SKxrsiZrDVtFvE0u84xJaL_cl_O49TuXd4bfVoYP5GcJOsjkUL2qRIal6MhMDq-VVaBgJ8X4kQeVjeSNnHf3Mq3c7j8zR3S1iaBsqKdJvSbLoowocyshOG3HB5Olo3xdoKQhR6guoFKoKDF0SmY0UjLp093SxVwIjNxO0kQmWMXqxrK0PSQeKG5Gzi5iTxbhqCVyJlpyRlqtVkkgPw1DruQBGekK3O4TGVkNylxNXAJUzcNSXhWPNFEJi_Um1sOZoudaE34L81AN2ckFzciTW347pN5jOBB_DN7m_nBEfRjgv2L7skZGqdWh0Xc1sY_Q37p4u7Uk4iYJ42sUw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 7F8C 33 KB
33 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.baixaki.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 71085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jul 2024 19:09:17 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 136ms
109ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_cologne_north%20rhine-westphalia_de_1690383242288_1365181735&tJ=CA28766,CA15795,CA15771&tQ=par-baixaki,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F8933C164BB063E7202E85B19&tX=b.52&tY=1&tZ=946815139
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:02 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7F8C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

23ms
23ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H3
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Redirect headers

date: Wed, 26 Jul 2023 14:54:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F8C 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ct-AziTPBZOOlMJP9mLAPufiDqAvyvO6_cYrHqZ79EK7N5q2JAhABIKrTjGhglYKAgJgHoAH09_T-A8gBBqkC8Pt9JR-Vsj7gAgCoAwHIAwqqBO8BT9BH1yT4GGRN8xELIK6bdU5-_pFimJusxCBns4YX8JAjrw7SXIGtxs5ISUNFnNOIqPc5LtB_XW-Z0XSWJQ4DyKQ8MJnGtl3kPZetXrkfi45H1piqnZyBydZGjW2h2mQS-WxvU_pOOT6Iv98cgM5m3WeH1dVm2zngiYx2dHDfJi8kbhzggrw4pUIL3gZHxfZKAbjxH5113KTpX4b2w70WT9v7WuhNXa3X2hA_0kSvWVHh_Fb3GAOkI6Djc-6Ki-mdlJirL0H255eeXgSiHklut8-0KHXHI_qdOJ-EeBtq-tW18q4bYYkkJA0iENJQWOnABK7TmI6tBOAEAZIFBAgEGAGSBQQIBRgEgAf0h4sBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnJgg0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzY3MjQ3ODYzNzEyNzA3MoAKA8gLAaIMCCoGCgTDsLEC2BMM0BUBgBcBshceChwIABIUcHViLTYyMDE4MzY5Njk0MjQ5ODYYkfNs&sigh=zPJNGrCp3dI&uach_m=[]&cid=CAQSOwBpAlJWO6ZEeAAtHrYof2dFfDFr4qJ7RilSvLc6QAYzSOMtXaPT6-rtETJNb2CcbbhDSzg9AihER_P0GAE&template_id=492&cbvp=2
Requested by: Host: m.baixaki.com.br
URL: https://m.baixaki.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=2727511368750681&bg=!hYalhtLNAAa0yfNklMk7ADkAdvg8WvyTw15hrBB3FHSA5CqJ2w-PbS4__2u_RPu7EwnKTOEalemQO-Xi72Ro0h0CHhvB0_fuPWUCAAABPFIAAAAGaAEHCgB_zFQI51NScBV6LAwQGWUwAJlvr1ZDk-LvtErJMbwVw8ehYbXL4g-aJLXwiF_DvVZ2uCCz_oeipqD5FIw-1hM2h0h0A9znRKK171ZKq4R2JbzveDWCe4jbwV-4asxAeZMwFwlkesrIj7bHo9OvpzvaFZ7y498nH3OKwwJ2VAkEtpkCtM2h2E3-33S9O3se5hIY3v72F9KO5hLXFylFpxA6tLOdcodA3Hpe73ZEl2nzPHxM-xthNZ1LfC1geNNXxxn48SnubSHmlM3N7EX7awUeOXP7oG1BlmYgiKVgf5OXlLd7M_P36S17p70s3Zsm3Xk-soJrXz-sdHlp6gYvEXrTaBWzC5BLUYW7OB3KDamFYcGvP4zAofE9XKKXUZzTb9oPtQ2UEFb5crWiI_y-54g_PQCtMlf9dX3zhUGl2IlVaRygHNOdL3kO3yTu58AaSa24RLFHl6aANvrpx0shgwWpyx9UlWFoedVvv93yYqTEjxIQxHKztok309AQgJSurb201fiUkB4Du3HbEgv10t2YuwdG4EjLjO5-fZwidD7jwV_DxBtwKFxFURSmSICMSR-TuKbo_Sl5NF5XrAwqm2kEdDm3i0ksJLJmmvTGrcaY-RmQMKSSVuGigQWo4TfDPdFKWzsfajLnhayzuBX2i7AJkNZqTM_p9FkG4h52vjWImsW8DbTgn_IO3L3SEn2wLoSt4DfMV_kP0A26Dh0pq0mL43cE8xnHd4RQo5-u6n55TYqGtjrifwugxGPeJcpMRKsXuq2vQBwIdbtGIP95BV1iVS_IfFv8zUS3jtUTBGbiB03s7WMueDTzn0C-FPPIU8P3lW2wUUwOq_nh5kBcHPc4gbMj3xHTw7oPN4MZWjUitC3vFJwmvYec_mUjXUTy4OGU5gy57wLrmj6iQF_okChS6kEJxLKXu3m3JHtnl2-0IfOWx6KpdMwM-OmBwCwBy9o2ci0C4aqkD34taZMSZLb_h6B4eHZmE63vEI559LM_0-7kWQVknthubFSlPyyvYsHar5WoU81nvvRDlsdI9P-zfDViUYx1yrQScguitLRDQwARu4B4zOjNFFjaibsb-eetHANasAQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49F7 42 B
174 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq4c1zjqt3gcSfIX3l0gsdx02hpkDnap_zQycgVI3K9WmNUOuz2r5YGvFFQbIg89o5f8LA8_SB-RiglOZtR2K-SAurhHhKC8cmo7rjeMaXer-Gs3lOWxlwopUIMsLncbq_F94EFl19hSvm&sai=AMfl-YQ24_-XTc1YjBdAx31si_oHJGO4uFMZHvrUkBbtaC_rdD-ccNWhIY-9SS6Pln50LgyHGCYP-GgyxeGX_lDpGpHCaCzStPRSLmwSq6QchmVzulzaxyWAiG5yvcOCqL5Xg-ALhvXCnZ4vRI2N&sig=Cg0ArKJSzE_lC9woQMo7EAE&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&id=lidar2&mcvt=1000&p=1100,640,1200,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=812633205&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690383241629&rpt=371&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B1E 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteyiHPN9Pn3tlUlYfMDq8aaAUVbSdhfAY0uqtgLNLFke6egBIFu2Yg4wgtgTpU9Kk6Tfpgt7NPOCb23y_yA9waP-I7dKSf_w6vj5s2ftif3FTYrN4_bkmGZoIKfGoIOvw&sai=AMfl-YTWrFI4Wrq8W6ku6b2VtFMNVNC5oACuMKMsAHWVdIuCaGeao9b0MCntDjSo2JgMT9pItnSBrGYbDiO_1i-k-lnwS4RtQpLjGIdXNSHXlKzUe366_ztMVHjD7SN275X6zHM2VMfy_i1d0ERf&sig=Cg0ArKJSzDI63rVSkSgbEAE&cid=CAQSSwBpAlJW-HAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl--sURJmknhgB&id=lidar2&mcvt=1000&p=557,650,811,950&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230724&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=93057978&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690383241638&rpt=516&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B1E 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6294249932849&version=m202306200101&ct=77&x=1&cor=11856568744999051000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B84 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8606859306968&version=m202306200101&ct=76&x=1&cor=15751322649381759000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7F8C 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2ZNJ0LPqJbRN8A3D9lu4c3K-WcsrE22QDDu0PS8Es9SAkUVf-v7KOYYHNTFB0EY4NI85axl2le7Y3Vi6znTUeXFDYMC1lCUgjdkGOqQkPd4_Em3ZFQZOhs0rYo7iE_Z-Y2ajPlUNfDulx&sai=AMfl-YSowdzd3Qh_BCJEvKyzmZ0eTdkuTK1NwIAQM4P1538giuaSow28CB6QxKhvB_UmAFGsdDDy24jay45Z2kC6HeojjLSpeS3K0g07T8Lmnnaz_tf1ykSF5WP8ou0&sig=Cg0ArKJSzFPtDRGywH9cEAE&cid=CAQSOwBpAlJWO6ZEeAAtHrYof2dFfDFr4qJ7RilSvLc6QAYzSOMtXaPT6-rtETJNb2CcbbhDSzg9AihER_P0GAE&id=ampim&o=315,110&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=173&tls=1173&g=100&h=100&tt=1173&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 71ms
22ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.baixaki.com.br%2F&domain=m.baixaki.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://m.baixaki.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 26 Jul 2023 14:54:04 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 200643
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
390 B 73ms
26ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.baixaki.com.br%2F&domain=m.baixaki.com.br&cw=1&lsw=1

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://m.baixaki.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://m.baixaki.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 210684
expires: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame AD0C 0
0 11ms
10ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1690383240845

Requested by

Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B7FC 52 KB
17 KB 48ms
8ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 30004
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 26 Jul 2023 14:54:04 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 16 Jul 2023 08:40:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2186, 157358
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220119-FRA
X-Timer: S1690383244.263002,VS0,VE0

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 0BEE 6 KB
2 KB 40ms
25ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ecd79cc7fb63731-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 14:54:04 GMT
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4981 281 B
554 B 55ms
10ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tags.denakop.com
URL: https://tags.denakop.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://m.baixaki.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 26 Jul 2023 14:54:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 0BEE 48 KB
12 KB 36ms
22ms Script
application/javascript 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 325234
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7ecd79ccd84f3731-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B7FC 0
593 B 9ms
8ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:04 GMT
an-x-request-uuid: ba1f4619-eabc-439e-8882-754d309cbe08
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.39; 81.95.5.39; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4981 34 KB
10 KB 11ms
10ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7512b0239510732aeb6717a7ff9e02f1ed5950290c98c6057f3f681dd2a37e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 26 Jul 2023 14:54:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Jul 2023 04:22:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=48499
Connection: keep-alive
Content-Length: 10114
Expires: Thu, 27 Jul 2023 04:22:23 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame DCCA 0
318 B 30ms
30ms Document
text/html 172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ecd79cd08a13731-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 14:54:04 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame B799 0
0 10ms
10ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CB06 0
0 71ms
29ms Document
text/plain 216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Wed, 26 Jul 2023 14:54:04 GMT
X-Sovrn-Pod: ad_ap2ams1

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 4981 70 B
264 B 39ms
38ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 26 Jul 2023 14:54:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4981
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/_YrrZRg8xXiMuUPW9Cf5DMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-t4GFMgRE2oI3I2tpxnP6_iyqEHp721EihNPC0w--~A

0
239 B

13ms
12ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-t4GFMgRE2oI3I2tpxnP6_iyqEHp721EihNPC0w--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 26 Jul 2023 14:54:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-t4GFMgRE2oI3I2tpxnP6_iyqEHp721EihNPC0w--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4981
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTM2OWRjOWYxYTQzOTFiN2EwNmRmZGFmOGVhMDYzYTg2MzM3MmJmOQ

170 B
188 B

22ms
22ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTM2OWRjOWYxYTQzOTFiN2EwNmRmZGFmOGVhMDYzYTg2MzM3MmJmOQ

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTM2OWRjOWYxYTQzOTFiN2EwNmRmZGFmOGVhMDYzYTg2MzM3MmJmOQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4981
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0Tuz4WXJO6itR3wcInSFc&google_cver=1

0
239 B

48ms
12ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0Tuz4WXJO6itR3wcInSFc&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB0Tuz4WXJO6itR3wcInSFc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4981
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FugQg8HXScqOob4O6N_I6g&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FugQg8HXScqOob4O6N_I6g

43 B
479 B

37ms
37ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FugQg8HXScqOob4O6N_I6g

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YAFCYRKKMRE2Q42F46XG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FugQg8HXScqOob4O6N_I6g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 4981
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKJUJCD1-28-I593

0
649 B

156ms
117ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKJUJCD1-28-I593
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 14:54:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 45ABCE840B8648A18A3C67C57FB81B0A Ref B: DUS30EDGE0812 Ref C: 2023-07-26T14:54:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBZQTTeZ1T3T7rFMPlqw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKJUJCD1-28-I593
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4981
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtKVUpDRDEtMjgtSTU5Mw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEP2mOLusMtLlsP1tPsnE-do&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtKVUpDRDEtMjgtSTU5Mw==&google_push=

170 B
188 B

23ms
22ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtKVUpDRDEtMjgtSTU5Mw==&google_push=

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtKVUpDRDEtMjgtSTU5Mw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 4981
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=J5cWDoCaScS2Tq_fQxP_Vw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=J5cWDoCaScS2Tq_fQxP_Vw

43 B
479 B

98ms
97ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=J5cWDoCaScS2Tq_fQxP_Vw

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 26 Jul 2023 14:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 08JP5D0DZVK8BA1V2CZE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=J5cWDoCaScS2Tq_fQxP_Vw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/ Show response
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame ADF7
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

95 B
236 B

17ms
17ms

Document
image/png

167.235.114.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.114.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.114.235.167.clients.your-server.de
Software: nginx / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/png
date: Wed, 26 Jul 2023 14:54:00 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
x-powered-by: PHP/8.2.4

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 14:54:00 GMT
location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server: nginx
x-powered-by: PHP/8.2.4

GET
H2

200

RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 0332
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1690383244541
https://ad.turn.com/r/cs?pid=45&rndcb=718937348
https://sync.1rx.io/usersync/turn/4188954886704146253?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-0fbe3b95-f7d3-45be-83db-64a...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003

0
457 B

29ms
28ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ecd79d198d63731-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 14:54:05 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Wed, 26 Jul 2023 14:54:05 GMT
etag: RX0fbe3b95f7d345be83db64a51e2fbc73003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

06a6e20b-2dfd-52cf-9774-d2b5f3b5e138 Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 421D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=2863623008553833081
https://csync.smilewanted.com/set_partner_userid_get/betweenx/06a6e20b-2dfd-52cf-9774-d2b5f3b5e138

0
436 B

24ms
23ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/06a6e20b-2dfd-52cf-9774-d2b5f3b5e138
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ecd79d1b8f83731-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 14:54:05 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/06a6e20b-2dfd-52cf-9774-d2b5f3b5e138

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame 00C6 0
0 291ms
94ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Wed, 26 Jul 2023 14:54:04 GMT
Server: nginx

GET
H2 200 cookie Show response
cm.adform.net/ Frame 46B2 43 B
106 B 89ms
27ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Wed, 26 Jul 2023 14:54:04 GMT
server: nginx

GET
H2

200

df477e29af49a31deca09ff6486fdec9 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame B6B4
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/df477e29af49a31deca09ff6486fdec9?gdpr_consent=&gdpr=0

0
393 B

26ms
25ms

Document
text/html

172.67.10.198
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/df477e29af49a31deca09ff6486fdec9?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7ecd79d1687e3731-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 26 Jul 2023 14:54:05 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Wed, 26 Jul 2023 14:54:05 GMT
Expires: Wed, 26 Jul 2023 14:54:05 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/df477e29af49a31deca09ff6486fdec9?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1690383244994022-400

GET
H3 200 api.gif
tags.denakop.com/ 0
208 B 115ms
115ms Image
image/gif 2606:4700::6812:160e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.denakop.com/api.gif?a=10571&d=desktop&b=Chrome&o=Windows&v=4.18.8&sw=1600&sh=1200&ac=v&p=https%3A%2F%2Fm.baixaki.com.br%2F&t=1690383244686&cb=0.3217079599114676&aa=horizontal

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:160e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.baixaki.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jul 2023 14:54:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: DENY
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 7ecd79cf4a35bbaa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 4349 0
0 327ms
14ms Document
text/plain 18.193.19.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.19.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-19-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Wed, 26 Jul 2023 14:54:05 GMT

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 1DEE 0
0 190ms
98ms Document
text/plain 8.2.110.114
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Wed, 26 Jul 2023 14:54:04 GMT
Server: nginx

GET
H2 200 Produkt_300x250.png
imagesrv.adition.com/banners/268/01/16/18/92/ Frame BD9B 12 KB
13 KB 61ms
60ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/16/18/92/Produkt_300x250.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: f1c939b55defe66623e21626903f2e08245a070703e01a64c33261670db4df4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:04 GMT
last-modified: Fri, 21 Jul 2023 08:44:24 GMT
accept-ranges: bytes
etag: "909055450"
content-length: 12706
content-type: image/png

GET
H2 200 Logo_300x250.png
imagesrv.adition.com/banners/268/01/16/18/92/ Frame BD9B 3 KB
3 KB 70ms
69ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/16/18/92/Logo_300x250.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 3cfb845eb99c8dbbb4dd2e94dfcbe98b0eabab86ff57f273254436e4ba1866e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:04 GMT
last-modified: Fri, 21 Jul 2023 08:44:24 GMT
accept-ranges: bytes
etag: "2447922273"
content-length: 3221
content-type: image/png

GET
H2 200 HL2_v1_300x250.png
imagesrv.adition.com/banners/268/01/16/18/92/ Frame BD9B 3 KB
3 KB 71ms
70ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/16/18/92/HL2_v1_300x250.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 89e4efc6fca03be75acb70416f1814e41b174977b8035176f4d54a43ab6aad35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:04 GMT
last-modified: Fri, 21 Jul 2023 08:44:24 GMT
accept-ranges: bytes
etag: "3825227347"
content-length: 3306
content-type: image/png

GET
H2 200 HL1_300x250.png
imagesrv.adition.com/banners/268/01/16/18/92/ Frame BD9B 3 KB
3 KB 71ms
71ms Image
image/png 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/16/18/92/HL1_300x250.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7c3004f0a1c3b210676c96fba25fef02c26a68c2d975f2ae3e1196a8d8adb7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:04 GMT
last-modified: Fri, 21 Jul 2023 08:44:24 GMT
accept-ranges: bytes
etag: "484561004"
content-length: 2740
content-type: image/png

GET
H2 200 BG_300x250.jpg
imagesrv.adition.com/banners/268/01/16/18/92/ Frame BD9B 22 KB
22 KB 71ms
71ms Image
image/jpeg 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/16/18/92/BG_300x250.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 89325b5f78b65724fa0b09c479f5a49d126a9cb091314d5d13a4401ac8f9e322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/16/18/92/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0s5yiDPBZKqeKIiS%2Dwa95qH4C6jpiutxlaG5%2DcgRZBABIMKm1htglYKAgJgHyAEJqQKph%5Fi025SyPqgDAcgDmwSqBPUBT9Af6KsKS1D4ig2%2DutxFRgcbKNmy1i3pEVL%2DB6jRRrwu1W48gr26wSaWRnGSKgM1vv7bPsvNT6p3aGp9%2DOwVzYObIRxezKd5HDpsFBvscKZyZ34PSkt3K9XJYTTbW7E8c%2DbsNSWF3tlyafPYvx6rQ1ApPqO6LVu6IGK2IVglcBLrzgHs1Bk%2DRzfPUdSkPnlHZyqeYegucWKG6LhUCxrAwj9HbQma9nYZjuH2K4oCGjTma5FOcYtLqzHPQK6YTsZCuBhtCKuWbPOcd5GulpimX%2D4MejllCJ%2D9ixqb3YrGnWOdBDbDyM1SRntcK79TfPGTXKzVNkLABIiL%2DIW%2DBOAEA5AGAaAGTYAHq8m24AOoB47OG6gHk9gbqAfulrECqAf%2DnrECqAeko7ECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATzOmWFNATANgTCtgUAdAVAfgWAYAXAegXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwBpAlJW%2DHAir1bW78LiIJaQkjoLSsYG5AT49nzEcx3yKE2IrWzfa9UQlCyazFmsYr8BKVMZRA0vdPvfeWhXnBx1Zryl%2D%2DsURJmknhgB%26sig%3DAOD64%5F2x02VIdlnwwCqflgfjq6zD94TpvQ%26client%3Dca%2Dpub%2D1712420989769758%26dbm%5Fc%3DAKAmf%2DDW4LyNjvcJo5GtdZd3XhTtz7AAnzWeDJrJM2A0%2DYOOmTyakP2ZhCf0JEAZNRXRTOXUpQSQsbGlHZL%5FE9Yku0xcOQJXjyup3Yn3KWUSfcRN8tl1Vj%2DeVHRI1GU6mqiEnKqiZhsAlzK%5Fa64PVb5KzcHHjN3Z%2DiyrWr0SeuI8wIFmtfkOcho%26cry%3D1%26dbm%5Fd%3DAKAmf%2DAK0tf5lpfhuIvXtdGhtOCTyJVHex0fO46DibUecZn0HRay%5FiYt%2DbDLIwLks5%5F0mjoU6vf0w4cA5StvWq2UmeVG67wFB9lNZ42q13Z9ZlH9BScxqmDffI7NewXIHB6J%2D49XaeArcoA3QY1F2jMJI3tnN8LEm8US6UE9VQqIuI4Apl%5Fyy81Im%5FQlvOy9ksSGwcLLKCNhCzusRi8jiDxH%2DQFbMw6bbzKWKONzGSD1%2DCYysJms%2DOVuX2nYg6bs6CxHZ8lg9WsGAvrDSdYZ4oCLvl8Y0x%5Fg5E%5FTPyMLhsvYn0BCfPX3JChU1NCOZ%5FWu%2DzSk4phm1V%5FpmXUcHFjCYBhuxXgDodW0dD5E178YmRUHbzE67ZAu9tnnWSeDs5daa8rXSFHKDFAC9VCjCQO2hXE4eU1zsE0E6j23TC6OInzGAqPMS5jrk2Qy7QJgooksNfQRKQNhOt1QlUA8PrakvzNpPLfjlK82%5FqB4owJWZgZkRumK%2DFxgkuKwy4Hh5b0aCc%2DDkKDUHJW26wH7%5FvNnMYWt3rphX7eCDG5dX9RB4TOyWc3Mvc04hWU%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7260140737819115878%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4837500%2526kid%253D6031471%2526bid%253D18234966%2526c%253D34120%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7260140742097831125%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7260140737813676390%2526sid%253D4836337%2526kid%253D6025927%2526bid%253D18225298%2526c%253D51498%2526keyword%253D%2526sr%253D0%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jul 2023 14:54:04 GMT
last-modified: Fri, 21 Jul 2023 08:44:24 GMT
accept-ranges: bytes
etag: "3369948778"
content-length: 22641
content-type: image/jpeg

GET async_usersync
ib.adnxs.com/ Frame B7FC 0
0

GET 6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 0
0

GET 18e69e740fc2e818b3a337f11496090b.png
s0.2mdn.net/sadbundle/13099171184661990128/media/ Frame 26DC 0
0

GET ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/13099171184661990128/fonts/ Frame 26DC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/media/6d7052ff6df13eae564657f4b45cc79a.svg

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/media/18e69e740fc2e818b3a337f11496090b.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13099171184661990128/fonts/ibm_plex_sans_700_normal.ttf

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

73 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.m.baixaki.com.br/	1970-01-20 23:09:03	Name: __utma Value: 65309810.723846683.1690383240.1690383240.1690383240.1
.m.baixaki.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 65309810
.m.baixaki.com.br/	1970-01-20 17:55:51	Name: __utmz Value: 65309810.1690383240.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.m.baixaki.com.br/	1970-01-20 13:33:03	Name: __utmt Value: 1
.m.baixaki.com.br/	1970-01-20 13:33:03	Name: __utmt_geral Value: 1
.m.baixaki.com.br/	1970-01-20 13:33:05	Name: __utmb Value: 65309810.5.8.1690383240
.m.baixaki.com.br/	1970-01-20 13:33:03	Name: pageViewCount Value: 1
.baixaki.com.br/	1970-01-20 13:34:29	Name: _gid Value: GA1.3.180544879.1690383240
.baixaki.com.br/	1970-01-20 13:33:03	Name: _gat_UA-144680-1 Value: 1
.baixaki.com.br/	1970-01-20 23:09:03	Name: _ga_KDJP529EVF Value: GS1.1.1690383240.1.0.1690383240.0.0.0
m.baixaki.com.br/	1970-01-20 13:43:08	Name: denakop_freq Value: {}
m.baixaki.com.br/	1970-01-20 14:16:15	Name: _pbjs_userid_consent_data Value: 3524755945110770
.navdmp.com/	1970-01-20 23:09:03	Name: nid Value: 1311c0055dec662fa3d5d1c2a410\|0\|236
.baixaki.com.br/	1970-01-20 22:18:39	Name: nav13767 Value: 1311c0055dc62e460c00cd9cf410\|2_208
.goadopt.io/	1970-01-20 14:59:27	Name: VisitorId Value: 75a2d31e-3c1f-43ee-abd7-5c7fb874cda1
.baixaki.com.br/	1970-01-20 14:59:27	Name: AdoptVisitorId Value: OwVghgTAJgzAjAUwLQwMZwGZICwwcsAIymCRFWA0IA5htUow4g==
.denakop.com/	1970-01-20 23:09:03	Name: uxid Value: CZJ7ptDoS5aqNx1Lns1yrQ%2F0
.baixaki.com.br/	1970-01-20 23:09:03	Name: _ga Value: GA1.3.723846683.1690383240
.rubiconproject.com/	1970-01-20 22:18:39	Name: khaos Value: LKJUJCD1-28-I593
.rubiconproject.com/	1970-01-20 22:18:39	Name: audit Value: 1\|hLZGFuTafB0uGsjh3kI+FF4C1LCtWBX9mfsNIvv6QtosxPxU5qr+6KqYquGD1I16woKrdpLdarv0cqhPVA/wRptC3IWZC9rbcjFWAGbosfYjBFIrFFTrvSKPLRELhl3x0A+VO7RH1E0=
.baixaki.com.br/	1970-01-20 22:54:39	Name: __gads Value: ID=6f26a582b4ddfd8b:T=1690383240:RT=1690383240:S=ALNI_MZiGDb_-38ShiM42H9w-eAXVgZnaw
.baixaki.com.br/	1970-01-20 22:54:39	Name: __gpi Value: UID=00000c70c324c33a:T=1690383240:RT=1690383240:S=ALNI_MbBUWAc8ty6dRHKpFV-_kyYcXOZ1A
.adfarm1.adition.com/	1970-01-20 15:42:39	Name: UserID1 Value: 7260140737813676390
m.baixaki.com.br/	1970-01-20 13:33:05	Name: tt_c_vmt Value: 1690383242
m.baixaki.com.br/	1970-01-20 13:33:05	Name: tt_c_c Value: direct
m.baixaki.com.br/	1970-01-20 13:33:05	Name: tt_c_s Value: direct
m.baixaki.com.br/	1970-01-20 13:33:05	Name: tt_c_m Value: direct
.adnxs.com/	1970-01-20 15:42:39	Name: uuid2 Value: 5548356554363887399
.casalemedia.com/	1970-01-20 22:18:39	Name: CMID Value: ZMEziRhiWErUSDW-HWipZAAA
.casalemedia.com/	1970-01-20 15:42:39	Name: CMPS Value: 3390
.casalemedia.com/	1970-01-20 15:42:39	Name: CMPRO Value: 3390
.baixaki.com.br/	1970-01-20 15:42:39	Name: _gcl_au Value: 1.1.795074436.1690383242
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 14:16:15	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGl6Vsafu3LOMPGIS+PEZNNL
.t.tailtarget.com/	1970-01-20 22:18:39	Name: u Value: fwAAAWTBM4lyPga7GVvoAgB=
.t.tailtarget.com/	1970-01-20 13:35:56	Name: _ssc Value: y
.doubleclick.net/	1970-01-20 17:52:15	Name: APC Value: Aa3gxNqrupHAA8CfqzbZtAXuhE8rdXoSDVarE54GgrhGGpZ4We7SxA
m.baixaki.com.br/	1970-01-20 23:09:03	Name: _ttuu.s Value: 1690383241970
.adfarm1.adition.com/	1970-01-20 13:33:05	Name: lv_6031471 Value: w=4837500\|t=1690383241
.adfarm1.adition.com/	1970-01-20 13:33:05	Name: lv_6025927 Value: w=4836337\|t=1690383241
m.baixaki.com.br/	1970-01-20 22:18:39	Name: tt.u Value: 0100007F8933C164BB063E7202E85B19
.adnxs.com/	1970-01-20 15:42:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'!BnzyK!A#F3.TOKKnyW<U1`VROYQM+P8iBXg9%h`[N[KW?HV0fP=B!g`B1UzRt=Rx*(j#iP(Md+>)fy)`P+!5^
.t.tailtarget.com/	1970-01-20 14:16:15	Name: ttbprf Value: _cologne_north rhine-westphalia_de_1690383242288_1365181735
.t.tailtarget.com/	1970-01-20 13:33:05	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 14:16:15	Name: ttnprf Value:
m.baixaki.com.br/	1970-01-20 13:34:29	Name: tt.nprf Value:
.quantserve.com/	1970-01-20 15:42:39	Name: d Value: EHYBCQHHKYEA
.quantserve.com/	1970-01-20 23:03:17	Name: mc Value: 64c1338a-81899-f2e05-868e8
.simpli.fi/	1970-01-20 22:20:05	Name: suid Value: 1EDC2C72ECF84BD49F257427B98944E6
.pubmatic.com/	1970-01-20 13:34:29	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 22:18:39	Name: KADUSERCOOKIE Value: A3AC80C4-C9BF-416C-9BCF-4E4DDC3C1876
.yahoo.com/	1970-01-20 22:19:00	Name: A3 Value: d=AQABBIozwWQCEG69tuHNpuL1SB7HZMq5sJAFEgEBAQGFwmTLZAAAAAAA_eMAAA&S=AQAAAjVU95kt7nU0FuqIJk7bn7Y
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 13:33:06	Name: ttca Value: CA28766,CA15795,CA15771_1690383242
.everesttech.net/	1970-01-20 22:18:39	Name: everest_g_v2 Value: g_surferid~ZMEzigAAAPAh1gBV
.doubleclick.net/	1970-01-20 22:54:39	Name: IDE Value: AHWqTUmVulJMRoLPUBPZIb1VqCA5RCgqzN-mBa3usQDJNI7g8rlq8hIIlG7Vt4mYrgg
.t.tailtarget.com/	1970-01-20 14:16:15	Name: tp1 Value: CAESEHw9bn4mzr5M-WbVMrweBzQ
.t.tailtarget.com/	1970-01-20 14:16:15	Name: dc Value: 1
.doubleclick.net/	1970-01-20 13:33:06	Name: DSID Value: NO_DATA
.t.tailtarget.com/	1970-01-20 14:16:15	Name: n Value: 1690383242
.linkedin.com/	1970-01-20 22:18:39	Name: bcookie Value: "v=2&cf8f46d3-fcc0-4cc7-8257-335d8f4e9482"
.linkedin.com/	1970-01-20 17:52:15	Name: li_gc Value: MTswOzE2OTAzODMyNDQ7MjswMjGD0pObbyfeLf9mFs35vXpWonIgNfa0f1LE93s2rLt9Rg==
.linkedin.com/	1970-01-20 13:34:29	Name: lidc Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2919:u=1:x=1:i=1690383244:t=1690469644:v=2:sig=AQGKp6_r0ikDhQlpQF36UsjdwJu-tD-9"
.turn.com/	1970-01-20 17:52:15	Name: uid Value: 4188954886704146253
.1rx.io/	1970-01-20 22:18:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003%22%2C%22nxtrdr%22%3Afalse%7D
.amazon-adsystem.com/	1970-01-20 23:09:03	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:03	Name: ad-id Value: A_4INn6xtUZdrc9AnqL1hRI
.ads.stickyadstv.com/	1970-01-20 14:16:15	Name: UID Value: df477e29af49a31deca09ff6486fdec9
match.sharethrough.com/	1970-01-20 13:43:08	Name: AWSALBCORS Value: gK+hxW+PrHjl32KqE5FR/On1o10EnJufcFgt4MXzPpNOZpuCF9S8vCb4seVdyfwFDkLVPwiQhO3PRJByXmEzChOMt7sp/0C8gyw1yzA6t39nIvp/d4XYbaLVy+p3
.betweendigital.com/	1970-01-20 22:18:39	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 22:18:39	Name: tuuid Value: 06a6e20b-2dfd-52cf-9774-d2b5f3b5e138
.betweendigital.com/	1970-01-20 22:18:39	Name: ss Value: 1
.targeting.unrulymedia.com/	1970-01-20 22:18:39	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0fbe3b95-f7d3-45be-83db-64a51e2fbc73-003%22%7D
.betweendigital.com/	1970-01-20 22:18:39	Name: ut Value: ZMEzjQAA5niLdJaURzj6HaCbzUP5EsLfu9VbcA==
.smilewanted.com/	1970-01-20 22:19:00	Name: sw_user_params_infos Value: Izw6xageGYOIqN5z0LOapblsZkR%2BSQBYRQCNJVf7AO8exQcL7fvcCQzCXmTq%2FVgXIEpPNCRgLfnSo4f9aWILtzNDdm%2FtD%2F4Q1HO8CZAHGf7BIwoaxgUDYXk9O5vxtkVVrvsWET2IYYVrD2Av4JnNmyAVs9%2BOQJkEaMkWdMtkAYBkYO4G6dFbqKLapRSL%2FRR6UOy8oKcd%2F5RgxrrzkKYJ%2BlaRKyAYSiwvjkU1pULDZGxModPStZfNzyyk%2BgoJ8Q8acMOJaWZ3Gojk%2Ffi%2BsmVvvg%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://m.baixaki.com.br/ Message: Mixed Content: The page at 'https://m.baixaki.com.br/' was loaded over HTTPS, but requested an insecure element 'http://bk.ibxk.com.br/2023/05/10/10165437368045.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://m.baixaki.com.br/ Message: Mixed Content: The page at 'https://m.baixaki.com.br/' was loaded over HTTPS, but requested an insecure element 'http://bk.ibxk.com.br/2023/05/10/10165437368045.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9c5a58729bc535a8a7e3a693aa41ae88.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
ads.betweendigital.com
ads.stickyadstv.com
ap.lijit.com
b.t.tailtarget.com
bk.ibxk.com.br
c.amazon-adsystem.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.navdmp.com
cm.adform.net
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.quantserve.com
cpm.denakop.com
csync.smilewanted.com
d.tailtarget.com
disclaimer-api.goadopt.io
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
imagesrv.adition.com
img.ibxk.com.br
m.baixaki.com.br
match.adsrvr.org
match.sharethrough.com
obj.ibxk.com.br
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-us.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
px.ads.linkedin.com
region1.google-analytics.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.richaudience.com
sync.targeting.unrulymedia.com
t.tailtarget.com
tag.goadopt.io
tag.navdmp.com
tags.denakop.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tt-9964-3.seg.t.tailtarget.com
um.simpli.fi
us.ck-ie.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ib.adnxs.com
s0.2mdn.net
151.101.1.108
151.101.2.49
167.235.114.248
172.67.10.198
179.191.182.65
18.193.19.225
185.184.10.30
185.80.39.216
185.86.139.95
185.89.211.84
188.42.191.196
198.47.127.19
2001:4860:4802:32::36
216.52.2.6
216.58.206.34
217.79.188.21
217.79.188.46
217.79.188.59
2602:803:c004:200::140
2606:4700:20::ac43:4606
2606:4700::6810:5914
2606:4700::6810:bf3
2606:4700::6812:160e
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::2006
2a00:1450:4001:801::2003
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9c
2a02:2638:d::d
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:d29:3601:9008:7637:b6ba:2b01
3.33.220.150
34.102.185.99
35.201.123.184
35.204.158.49
37.157.3.20
37.252.171.53
46.228.164.11
46.228.174.117
51.75.86.98
52.46.143.56
54.239.38.253
65.9.90.93
65.9.93.173
65.9.95.111
69.173.144.139
69.173.144.165
77.245.57.72
8.2.110.114
95.101.149.233
95.101.54.106
00b311cf6ee96aaddd21025cb368be72f70a5cd97cad47941ade03acc937ea86
00b5373ee48dfd578575f418691e30f66462ad7b31a57e9893e63269469de9b9
00c2e18e63aca27021f0097f27d83bc9794e06f4eb368f2e9beb8e00aa360fd7
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
05e0503a6b93d43cc92b83360783a2658eb924a2a2cc4778936491dee93f19ba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09de1a37e9715986fcb39e2438722eb82d07493873834df8f10c782b832871fb
0b2c524428c1a3604e3d1cdc61c2ae371a8f2fc767f801180fcf892db9e07c3c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13612e49ddf926f83fad83cef3302031844f8b86fe2647303988b3efe64cf19e
136706e77b18773010cb1298654dc14ef20f0789497781bc136d471497ffd9b7
13a0a4081ea4f913c64272a844d0221721826a3341f7ae1176a082b2d62ffd0b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16df19b39a143d665562636343e411f30b84dcf21c7086ec0b0f739c558ff103
1834f92d68bfa365edd9d976ff075df8bd3db43116c7e377a377f676c9e8b308
1a461631dcbc63332413fc3452f40e607067811431dcfabc2def206271cdb492
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e0b2444328177bed79c32fc18f2b9de4ec674fda1afa828e9f28b889f3cf5d5
21754c40ddb44a281cd35d71ebc0ac05c5160aca3a841dde85db24c6f91c6f2c
244c790e3b8b1395c5e705a16de47feb60b216651dd82994d442152a7e8b904d
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
2803ae7fb5a3d7249d9890ef8321cac80067b4114c1028d95e962b0cfacb8c7e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fe67310de0f6cec0a966e6815d315486c28b5f2bc6b75b92100d12f53f9a652
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ff9bf998cf59e2f25def004a13d818a90a26fdf631627beee581b12ca78cae
33efa183f212a940c132bab3a53c88b3adbf0044933a9b4a9a14cbd1c5b86e4b
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3cfb845eb99c8dbbb4dd2e94dfcbe98b0eabab86ff57f273254436e4ba1866e8
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457517f201aee297e5e02dd9ed6f47c3d4302532cd4d4f4f89c3b889fcea4773
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49b7ee3fa27f9a14e1363fe4b89fb2228018bc0e03d76da8fc545090c0bb3d57
4b0bdf1b66fc19ccb38df392e0f67df8c62c666cebcabd66bf6a6b0cfe25f6c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4d80d05a267c0044db3d858543c0f8bd166eb5f1df4db3eee4d76c0c4716788a
4e7ff3797f4673e422a31c93c85e2c671ebf0dd7d9abee78d9cca235995dd60d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
553cbf5f1166b999f989ad4213f3b248cfe2f5678f7e6283b973ede027be9e91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5922f4215664df7f7ce2742e55607d7d1997771057f3c67de70495f9ff9ff40c
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5999e602db91b3677e62d88d7a3860796ff5de61ed456aa828cda8d1bd1214f8
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5cadffd182f701b24bc47e7e239b4da13b8eb4473f52dcd430fda0f70bad6721
5e57e1fc0236a89d86063ea73ae8ff58d86a066045f236588f9df34870c2b2f5
5ecad85ba6d1d687611e9cfa6edcf41c56b8b7cee19ef6d0576d07472e130741
5fb277cba5ab3344f7db0feae9de3613b986580648ccea52ac15c84ee6d42db5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62451da7df7723ae7e8ee24b5c2d53971c61d677f915b6463896ff89caaddc95
642fc86196888a5802d6132d4dbd85bbde4df0bcb58cd0978004cc4cc8618cd7
645955b7f492431d3ddba43b0de2a871619b187587696d3a003f226b650daef9
654b8106d9082eacbae188dd838b278ce0953f89715fae4db0d70b5b7079a1da
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66cce11e08ef0af534dabdaef21b9fd2020ab83e8e53e076d8d7a1a49ed0f26c
67b61dfdcd4c140018cdbb945dcceceb0afe7deddbff710bda77afe619c6f51e
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
6cd97af0d53997a342b7d5f19532b5f3d49aa7dbad1a157b9fe2b52e4f832553
6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512b0239510732aeb6717a7ff9e02f1ed5950290c98c6057f3f681dd2a37e30
7c24a069fb93b40fdeb54dd0bd49c7097b783265cda87add095c90f435b407a9
7c3004f0a1c3b210676c96fba25fef02c26a68c2d975f2ae3e1196a8d8adb7cf
815c12ec367738087b3b7495cda830e227063913fa51d7fdf95df598706596be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
89325b5f78b65724fa0b09c479f5a49d126a9cb091314d5d13a4401ac8f9e322
89e4efc6fca03be75acb70416f1814e41b174977b8035176f4d54a43ab6aad35
8c55e56354a934e1736c5905d2b5faec2f0e01e762aca90ad61a510c3579d2b4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9028fb78c0f14e347fa7e986ade7d2a3a055053003a9e6703fad535d6f1a023d
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
94f3d3e57bca328f6b52780fc0e82a8e6a3a8f9e852bd5294d8bb2499eeb90a4
952601ea2d50d1ed25402dd09ed8363a5c5ec2db978611902b938355cca3c30d
95bc7969ac71505ff848c48a40d4a09b8defbcabbdf62d9ba8ec85aecb6e4ad0
99cf6f64e39eeb38f7b22241ccb4312d02c8a35281a1a2cca8f9947b2d4185b1
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3c81b46ab182fb79274a7f46fb3f3cc759e49bb9829c63a590eef2338e3578
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e4397524fd5781891fca975016afd1b9ecccea7342a115687f0483366b3795
a2de94b1104bfca3c7c09467321c657fc010e9dc0b140ecd77e06f4829bb0f3e
a73e4e5b8d2d3b67115676837f4e17ecc0f5929964934ffec08d97597fadb965
a8da0791ef0aae52a1b30ac5cbb09c99377935dae28f9622f2a0d4fa51a11ee6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8545de3876815292506711e1369bff9dfe57ec7e04c45c3e1bdac48a11f3b2
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1eb81c781cf46da71d0915b6a6a27cf9948e114d6edc86f5d9ef41e81546dee
b205c7ab2aed2606e636f12dc07f1f6ca8216da55fcf7363ca88a8a1f69a65c6
b58e9e078b8c748300927b8c8dac7b18ef574a4991b6afe90d4180c90c9f12b6
bc36a993950684e2a53e9a4f5a84d136f7b4cbb25dfab0972feaa78e88a6625d
c066cbdc78f0d270397ebf8ed16dc4ade815d0746128383fd1fd2e4f65145cc1
c21996549fbde9dfd05ab6419f2d9159e3fc4168636a097b931d0a577adf7e81
c21b5d2f74f838c453f21552eaae3430653ad239f37649ccc4ffe4e0c0248ae4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3ec5fd82b2b5642bcd2bb6f6db113306135239c684e8b41ee971aaeeb436d84
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa9f350a761b523f5a75330e375974a2559df3ce6c7852653d6705761868ec2
d39cea2c43b89d01101273fe2024ed6887374546ea5576c2b25b5531f5ae6f24
d46a5be7c437285922592fcb2654d2cd1daef3d69a46c823878fb7f0e1f721e5
d74a6eb30b290b3301ce2e2c7461c214adee88be01adc4722725e1385525ad0a
d9dcf827b0f445b74899ed0f6e66865b902558be14d5a6f562434db02e865a4c
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dd514ffbccdaba03d423b0bc47ed4602c734d534f3d5e2669d58cf40c133c3cd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de86b1805c5a226614292faffde5e688a172b05cfa96c14401af14e5d2211fd3
df137708c33a6b001ec6ea46d1f628f0b3ecc9f46a60d11bb249520b02056619
e0ee79723b70eddbd5a9de9203c236c85d1f8a9c6fdab5572b177803d57c20c0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e9855a2ff1f865588de2f5e205f5d3fa3544b13afc122706e0408545602955bd
ea4f299f6035001d8e1e584888c3d6c6e89ae48096e1ca64b839448e0947c9e0
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb5e7f49b159485c47ccec19db29a929077d26d8cc5c6b6db9a4487cbaf2e7ec
ee888bc3e7a166fe422eb4ba38421559ac0d86114235822d5ee02d8c5bdd7d63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c939b55defe66623e21626903f2e08245a070703e01a64c33261670db4df4d
f1f79f84021a62a020fc4687a69585e29671596f5fbcd1a02f1c39f267a4e763
f294f48a5bc171da79776780d32c77ae3323a508cb595a56f116ecb7578a8e7d
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f44220f62fd4bb6be4992fd3e6dcb1b84109d7cfd079b38f59f2f169a9b258b2
f4e6a2488f26ec76bb89979f54abb51180f8829fbdef14b977a628819478ccb3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe18091ae2b3c6478383bea40eb926a00cd4a22290d89218432b6426fc1f29a0

m.baixaki.com.br Open in urlscan Pro 179.191.182.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

248 Requests

88 %HTTPS

43 %IPv6

47 Domains

78 Subdomains

56 IPs

11 Countries

2934 kBTransfer

7482 kBSize

73 Cookies

8 Outgoing links

Page URL History

Redirected requests

248 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.baixaki.com.br Open in urlscan Pro
179.191.182.65 Public Scan

Screenshot
Live screenshot

Full Image

248
Requests

88 %
HTTPS

43 %
IPv6

47
Domains

78
Subdomains

56
IPs

11
Countries

2934 kB
Transfer

7482 kB
Size

73
Cookies

248 HTTP transactions
4 data transactions