fdocuments.net Open in urlscan Pro
51.178.185.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Submission: On March 18 via api (March 18th 2021, 4:16:30 pm UTC) from BR

Summary HTTP 49 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 49 HTTP transactions. The main IP is 51.178.185.126, located in France and belongs to OVH, FR. The main domain is fdocuments.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 17th 2020. Valid for: 2 years.

This is the only time fdocuments.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	51.178.185.126 51.178.185.126	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3034::6815:269f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
49	13

15 51.178.185.126 (France)

ASN16276 (OVH, FR)
PTR: ip126.ip-51-178-185.eu

fdocuments.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3034::6815:269f (United States)

ASN13335 (CLOUDFLARENET, US)

static.fdocuments.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
demo.fdocuments.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	fdocuments.net fdocuments.net static.fdocuments.net demo.fdocuments.net	1 MB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	157 KB
5	doubleclick.net googleads.g.doubleclick.net	6 KB
3	gstatic.com fonts.gstatic.com	52 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	262 B
1	googleapis.com fonts.googleapis.com	803 B
49	10

	Domain	Requested by
15	fdocuments.net	fdocuments.net
10	static.fdocuments.net	fdocuments.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	fdocuments.net pagead2.googlesyndication.com tpc.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	demo.fdocuments.net	fdocuments.net
2	www.google-analytics.com	fdocuments.net www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	fdocuments.net
49	13

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
www.linkedin.com
pinterest.com

Subject Issuer	Validity	Valid
fdocuments.net Sectigo RSA Domain Validation Secure Server CA	`2020-08-17` - `2022-11-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Frame ID: 3131BA4C9306C262FA05D128C08A212F
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 96A7F161F133453EA05BB4689C1DF2F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&h=280&slotname=4392097774&adk=2610560428&adf=3965255410&pi=t.ma~as.4392097774&w=770&fwrn=4&fwrnh=100&lmt=1616084171&rafmt=1&psa=0&format=770x280&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616084171274&bpp=30&bdt=125&idt=85&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5499322595806&frm=20&pv=2&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a7FG1vvAvr&p=https%3A//fdocuments.net&dtd=105
Frame ID: 2F2604271434959028E46F4B9A76C7A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&h=462&slotname=8519045042&adk=1710531504&adf=3195842695&pi=t.ma~as.8519045042&w=770&cr_col=4&cr_row=2&fwrn=2&lmt=1616084171&rafmt=9&psa=0&format=770x462&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1616084171304&bpp=3&bdt=155&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=1436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cvXsoJ79gZ&p=https%3A//fdocuments.net&dtd=88
Frame ID: D097CF5F06E4C3FA8F40A1F4FF069954
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&h=280&slotname=6168213877&adk=3748408954&adf=888466175&pi=t.ma~as.6168213877&w=370&fwrn=4&fwrnh=100&lmt=1616084171&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616084171307&bpp=1&bdt=157&idt=92&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280%2C770x462&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=132o22fiNe&p=https%3A//fdocuments.net&dtd=95
Frame ID: 70120D7ED38B6CA4D210F7F58EF6D413
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&adk=1812271804&adf=3025194257&lmt=1616084171&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&ea=0&flash=0&pra=7&wgl=1&dt=1616084171309&bpp=1&bdt=160&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280%2C770x462%2C370x280&nras=1&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=112
Frame ID: AB4C2FC100A45B7A40EF47907FA319BE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: EF612CEE96ACF954A8A08C1C839D2963
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

49
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

1544 kB
Transfer

2045 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/sharer/sharer.php?u=https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?text=Novembro%20de%202012&url=https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html&title=Novembro%20de%202012&source=https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html&media=https://static.fdocuments.net/img/1200x630/reader024/reader/2021010904/568c0dd11a28ab955a8e32f3/r-1.jpg?t=1616084171&description=Novembro%20de%202012

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request novembro-de-2012-56e566fb67b23.html Show response
fdocuments.net/document/ 86 KB
19 KB 141ms
69ms Document
text/html 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 / PHP/7.2.32
Resource Hash: 288ea78bd492846253bdaf0f1b51ee808f5a601d776a4ae19e8a2252ae65d35b

Request headers

Host: fdocuments.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com

Response headers

Server: nginx/1.16.1
Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.32
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK blazy.min.js Show response
fdocuments.net/public/js/ 5 KB
2 KB 34ms
34ms Script
application/javascript 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/public/js/blazy.min.js
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: 308f30cfaf48da6f9aed4585446aded5ac9250ba8384f2d052d2c9b665ec9e75

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: W/"5e25ab76-1444"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK base.js Show response
fdocuments.net/public/js/ 5 KB
951 B 71ms
36ms Script
application/javascript 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/public/js/base.js
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: 66003005aa0d88475c5a0279cd033ec6dc3c6eb15dca88eb29e5fe0d2329a02f

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: W/"5e25ab76-136b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK jquery.js Show response
fdocuments.net/public/freader/ 94 KB
33 KB 113ms
53ms Script
application/javascript 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/public/freader/jquery.js
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: W/"5e25ab76-176f8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK detail.js Show response
fdocuments.net/public/js/ 3 KB
1 KB 96ms
37ms Script
application/javascript 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/public/js/detail.js?noCache=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: ffbc35fdadc96a71d88d093e3dcb63a3b1cf71a77a29a2df6445dd1da191e627

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Nov 2020 08:12:33 GMT
Server: nginx/1.16.1
ETag: W/"5fa3b3f1-d24"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK pdf.js Show response
fdocuments.net/public/mreader/ 5 KB
2 KB 90ms
30ms Script
application/javascript 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/public/mreader/pdf.js?noCache=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: a3ac60ca37c99a61122f09baf1da983f4bb4ea0196d731a733663b941e16ee1a

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 00:18:43 GMT
Server: nginx/1.16.1
ETag: W/"603449e3-127d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dbd5f38bf075b231539a2d27042f3a9ea686e0452fb9ff85ae0ea802acc65a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49798
x-xss-protection: 0
server: cafe
etag: 11973022775356856803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 16:16:11 GMT

GET
H/1.1 200
OK download-thumbnail.png
fdocuments.net/public/t1/desktop/images/details/ 2 KB
2 KB 92ms
29ms Image
image/png 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/t1/desktop/images/details/download-thumbnail.png
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: 947868bc6cb6adf5c46d5848bb9c79780c62c05d1e4250812886af86b1a4baa2

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-85a"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2138
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 816
date: Thu, 18 Mar 2021 16:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Mar 2021 18:02:35 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 5 KB
803 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7COpen+Sans:400

Requested by

Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94f63d2cd2a6b04b51c454e408016d42d225898b8e053efed3039995980b6a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 16:12:39 GMT
server: ESF
date: Thu, 18 Mar 2021 16:16:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 16:16:11 GMT

GET
H/1.1 200
OK spinner-80.gif
fdocuments.net/public/images/ 46 KB
46 KB 101ms
45ms Image
image/gif 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/images/spinner-80.gif
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: ba2b18a97ae263785253842f6c709777aab52769f5dcb0bdcdf078c31b39bc90

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-b7c1"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47041
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK r-back.png
fdocuments.net/public/t1/images/ 174 B
506 B 40ms
32ms Image
image/png 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/t1/images/r-back.png
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: 013d5f771afac4aa3d8d98b7e78b08cfebfd604f01b56fd16d4fd3696e434671

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-ae"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 174
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK r-next.png
fdocuments.net/public/t1/images/ 181 B
513 B 46ms
28ms Image
image/png 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/t1/images/r-next.png
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: 7f179f96d222f7569039722a9b998b583562dba8e84a6300d61fb52d25d4eb74

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-b5"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181
Expires: Sat, 17 Apr 2021 16:16:11 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 14ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=807690379&t=pageview&_s=1&dl=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&ul=en-us&de=UTF-8&dt=Novembro%20de%202012%20-%20%5BPDF%20Document%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1707732476&gjid=1257167933&cid=1379706449.1616084171&tid=UA-145885986-1&_gid=666401014.1616084171&_r=1&_slc=1&z=1650654015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:16:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fdocuments.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7COpen+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fdocuments.net
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 592486
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:25 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7COpen+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fdocuments.net
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 10:28:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 452854
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Sun, 13 Mar 2022 10:28:37 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700%7COpen+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://fdocuments.net
Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 51122
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:04:09 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4025249392381557&plah=fdocuments.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 16:16:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 96A7 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdocuments.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://fdocuments.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 04:26:34 GMT
expires: Thu, 01 Apr 2021 04:26:34 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 42577
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK search.png
fdocuments.net/public/t1/desktop/images/header/ 659 B
992 B 33ms
29ms Image
image/png 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/t1/desktop/images/header/search.png
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: f0a0b15f39220fcc90514340d6a24cfb3ff9a2243ac0221a7d4f149e6a8c10be

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-293"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 659
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H2 200 568c52bc1a28ab4916b7dfa4.png
static.fdocuments.net/img/165x107/reader015/image/20181109/ 37 KB
37 KB 511ms
480ms Image
image/png 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader015/image/20181109/568c52bc1a28ab4916b7dfa4.png?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e1aaaa27b190c76b1ae8f49d18a3a5dece0da78fd41a9c2c9a87e18545146e

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37968
cf-request-id: 08e7b89269000005bfc4b52000000001
last-modified: Fri, 02 Oct 2020 05:20:38 GMT
server: cloudflare
etag: "5f76b8a6-9450"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=64diucza5cjCjS8dLjV502u3pPFUiPhYhUj2UQQJkL9MJSBG9hXpodYp7IRqJlDK3HxzV3ugK%2FVrCrdmZqKT%2Fh6F%2FdgqXRdzL%2F%2F0HDNtl4Ec6kNlHKYPH2sVAUCK69JqK%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3970f4905bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 568c51791a28ab4916b2c824.png
static.fdocuments.net/img/165x107/reader018/image/20191029/ 37 KB
37 KB 491ms
460ms Image
image/png 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader018/image/20191029/568c51791a28ab4916b2c824.png?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dd17ef8d1d2f76866e404beb99a045763c39a115d017f764e16d5813f906629

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37568
cf-request-id: 08e7b89269000005bfa719e000000001
last-modified: Tue, 28 Jul 2020 09:05:03 GMT
server: cloudflare
etag: "5f1fea3f-92c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zpanz7WSfn8F51lFfP9nLl0%2BNlI3xa0mdtRCgT1ZARt4BDqD4Ctw5vD6nTG6dnFSVkhwFcs3mdT3674Uk9eAtlm1Jb68UcgBMJQUsQIGuKGf6Nz8TSIQZLZa7Xq%2FxZ7a3K0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3970f4a05bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 568bd7391a28ab20349ef413.png
static.fdocuments.net/img/165x107/reader016/image/20181130/ 40 KB
40 KB 483ms
452ms Image
image/png 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader016/image/20181130/568bd7391a28ab20349ef413.png?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b7c892f74a1849e51b8b62785107b64ed9e100a636fc77c6264b62b5f1e315a

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40727
cf-request-id: 08e7b89269000005bfe7320000000001
last-modified: Thu, 01 Oct 2020 14:25:54 GMT
server: cloudflare
etag: "5f75e6f2-9f17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eLCGv9YIM4ycwcLm6yA3QxMIdxoHZ%2BN%2Bqz0FOsstsrcwKXhS4qDO1W6CiSZi%2B3vkbtt9vxDdMmBy0jeDkFt%2FxYRNkjfc3T7x8YsSpr68LL%2Frj0BhZxz3IVjPLIecObUphsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3970f4b05bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 568c4e4f1a28ab4916a76cd8.png
static.fdocuments.net/img/165x107/reader011/image/20190206/ 35 KB
36 KB 516ms
485ms Image
image/png 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader011/image/20190206/568c4e4f1a28ab4916a76cd8.png?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c68ae51a1c3faca20a75f97f640f862a88c99750244113f1eee13971746047a

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36117
cf-request-id: 08e7b89269000005bfe586a000000001
last-modified: Tue, 21 Jul 2020 02:49:03 GMT
server: cloudflare
etag: "5f16579f-8d15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aOdiYVXKGtLPKkNNxDBByS60jRMut5rLSoV26ILCSjnKkVnYefdlOD8qFlvT2sHp3K%2BcaOQ5JAHfEiXIKwf3ab9aWgbCkkexM6ik1iAHQ9dGzI6x34eMvU%2FM9735tlWie8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3970f4c05bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r-1.jpg
static.fdocuments.net/img/165x107/reader019/reader/2020031223/5c13f87909d3f2587a8d5b74/ 2 KB
3 KB 461ms
430ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader019/reader/2020031223/5c13f87909d3f2587a8d5b74/r-1.jpg?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4463419d5f93016aca920e90a1d27670d6f0ff4f69f6196c07c4b23e3c08d664

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2286
cf-request-id: 08e7b8926a000005bfe50b5000000001
last-modified: Wed, 02 Sep 2020 04:44:13 GMT
server: cloudflare
etag: "5f4f231d-8ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E44GhiVA66CahVzFCxSiLNM7WT8lrReVd2MOGzNXNSNJIpC3JGHTLCHQer23YsmB0SOY6cbx74iEll7wVPkhdoOSdKTxMfQkkfAZ%2FQ8L7v%2BeO9%2B9fFUAWpUAo3c7h65wbJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3970f4d05bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r-1.jpg
static.fdocuments.net/img/165x107/reader023/reader/2020110512/5fa27516ae8edd12790b56e9/ 4 KB
5 KB 618ms
588ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader023/reader/2020110512/5fa27516ae8edd12790b56e9/r-1.jpg?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e0570234bb1d21563581356759e557634fb80a47ba1b4cac8d5c8f90b2642a

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4579
cf-request-id: 08e7b8926a000005bfc62bf000000001
last-modified: Tue, 08 Dec 2020 16:57:39 GMT
server: cloudflare
etag: "5fcfb083-11e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4CWGsyfAVDyeEG0ur67eAAumwLii7eSreiZJUNnUJM0q7Bnr93FZ37fkArtSCjvXECnw%2FZc4mgV4blQmx68Lo1WFBGFN2V0aFu2V8x6TkTyBRwieQgbnIhbSnfaP7SVqm3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3970f4e05bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK category-thumbnail.png
fdocuments.net/public/t1/desktop/images/global/ 12 KB
12 KB 39ms
36ms Image
image/png 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/t1/desktop/images/global/category-thumbnail.png
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: bd6905634551c4f116f3dc465c599e4305e039ec5c5d80ddd2625d0f32f79384

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-2e1f"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11807
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H2 200 r-1.jpg
static.fdocuments.net/img/165x107/reader023/reader/2020112122/568bf2091a28ab8933953b6c/ 2 KB
3 KB 512ms
510ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader023/reader/2020112122/568bf2091a28ab8933953b6c/r-1.jpg?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8bc064b5c46232684196468066b96b02d78cd480546f7f243a0c20ac9f155f

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2456
cf-request-id: 08e7b8926b000005bf03a97000000001
last-modified: Sun, 24 Jan 2021 20:19:07 GMT
server: cloudflare
etag: "600dd63b-998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6Qa3GcnZk4UlGQzodjQ3E4Fprz5Qejmqur6PZr%2BHKx2WNDu5GsR0XEiVWdM4Hieil%2Ft3OReWbdV2eet0j9X%2FsmZia%2FpSIroDV%2BhMQhHCz%2BhPIXs7DPwDAPubbdKhcjyiyk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3971f5405bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 568c530e1a28ab4916b9350a.png
static.fdocuments.net/img/165x107/reader016/image/20190617/ 34 KB
35 KB 540ms
539ms Image
image/png 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader016/image/20190617/568c530e1a28ab4916b9350a.png?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6275faeeead220b6b0eec76e9445d4c21b06e432b353199dede718e5abf99f6a

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35038
cf-request-id: 08e7b8926c000005bfc71a5000000001
last-modified: Wed, 29 Jul 2020 00:46:30 GMT
server: cloudflare
etag: "5f20c6e6-88de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OTn9xFh7e0SfBMtRICoBRdNhyyAKPmklIiudxtms%2BZfrGIrsJtAjVy6xyPR9Er8FhEuHobOqb%2FCy6kURTtmi%2BAY6fU4bjzQrEc47Kzy8AyY29OFpOBP1VKMB%2FZe19syHC%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3971f5505bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r-1.jpg
static.fdocuments.net/img/165x107/reader018/reader/2020020405/568bf3bd1a28ab89339b7153/ 7 KB
7 KB 476ms
475ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader018/reader/2020020405/568bf3bd1a28ab89339b7153/r-1.jpg?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 411018e64ca163d4f6b80569788e0afc139ccac745b2f73b43ad6f76064d822f

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6719
cf-request-id: 08e7b8926c000005bf92bea000000001
last-modified: Thu, 18 Mar 2021 15:42:51 GMT
server: cloudflare
etag: "605374fb-1a3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rTOic5Vkz%2FYtbIjcyiCKsDwOdyX2SrYkFP%2FD%2BfhZyt2lB0qbRFCFHVLVlAZtiDlNvVWDtZ6k0eulJNQSQzcFGagxfxNog4K%2F6vglOPhRVDJdRC5Dk%2BXyGh9cHOLT8SM%2FYBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 631fc3971f5605bf-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 r-1.jpg
static.fdocuments.net/img/165x107/reader023/reader/2020112512/55b29fc0bb61ebf8028b4579/ 6 KB
7 KB 1199ms
1198ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.fdocuments.net/img/165x107/reader023/reader/2020112512/55b29fc0bb61ebf8028b4579/r-1.jpg?t=1616084171
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 27e42eb906f3b6388e162550b5a73804f0f70444ac0df2e626feec413dc2cc4e

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:12 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j1w2PagMf9VCgaOXtYxx%2F0ZBs%2Fpv4tAdPyp5WCSw%2Fn8H61LIvp8XhHHw9DS%2FseSCvezeGbZuVUl595d9Nivv3QDB%2FMnOpUH41FesOCbYdXuJ81KBsmwxD9OdILMPBMmZfvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 631fc3971f5705bf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e7b8926c000005bf8a080000000001

GET
H/1.1 200
OK fdocuments.net.svg
fdocuments.net/public/t1/logo/black/ 625 KB
625 KB 51ms
49ms Image
image/svg+xml 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdocuments.net/public/t1/logo/black/fdocuments.net.svg
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 /
Resource Hash: ddcac82a1cfebb9d82318375606d73bd42ae32db31576ab7f41edde0d5446098

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Last-Modified: Mon, 20 Jan 2020 13:30:30 GMT
Server: nginx/1.16.1
ETag: "5e25ab76-9c3a6"
Content-Type: image/svg+xml
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 639910
Expires: Sat, 17 Apr 2021 16:16:11 GMT

GET
H/1.1 200
OK incView Show response
fdocuments.net/ajax/ 36 B
331 B 35ms
33ms XHR
application/json 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/ajax/incView?currentUrl=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/public/freader/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 / PHP/7.2.32
Resource Hash: d66c56650de2d2b7dbbd4fef02aaa018fad807e95348a6bbcfeb65f203e15b70

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK loadTranscript Show response
fdocuments.net/ajax/ 40 KB
14 KB 58ms
57ms XHR
application/json 51.178.185.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://fdocuments.net/ajax/loadTranscript?documentId=568c0dd11a28ab955a8e32f3
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/public/freader/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.178.185.126 , France, ASN16276 (OVH, FR),
Reverse DNS: ip126.ip-51-178-185.eu
Software: nginx/1.16.1 / PHP/7.2.32
Resource Hash: 3a48d90e6d2927ffd4cf03f36b62b1b8ce6d2b3d1f907d8f3ef9e4de52d75266

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 18 Mar 2021 16:16:11 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: PHP/7.2.32
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 r-1.jpg
demo.fdocuments.net/img/766x1032/reader024/reader/2021010904/568c0dd11a28ab955a8e32f3/ 134 KB
134 KB 1328ms
1300ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo.fdocuments.net/img/766x1032/reader024/reader/2021010904/568c0dd11a28ab955a8e32f3/r-1.jpg
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 294a57fc06c26db94ebbfbba460cb417a9ede5aca488b13d5f3bea9fb6633548

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:12 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5qGk2mezlegOMbWFXE1AVHHdzTZz%2BrR8KstevAsoqFrGSvtG43uVTrBFQTAaatY46CilRb%2FJJzZ0%2FpQwE%2FuBH6GmlmygPrVDZdV9maqDww6F%2B6R7W6mCnj%2F%2Bl0tIwk5K"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 631fc3971f5805bf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e7b8926c000005bfa21db000000001

GET
H2 200 r-2.jpg
demo.fdocuments.net/img/766x1032/reader024/reader/2021010904/568c0dd11a28ab955a8e32f3/ 176 KB
177 KB 1411ms
1410ms Image
image/jpeg 2606:4700:3034::6815:269f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://demo.fdocuments.net/img/766x1032/reader024/reader/2021010904/568c0dd11a28ab955a8e32f3/r-2.jpg
Requested by: Host: fdocuments.net
URL: https://fdocuments.net/document/novembro-de-2012-56e566fb67b23.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:269f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: f052845d3e37cca72b6b0653d378c05d117c45af7893869fbd719ba6437a1e3c

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:12 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
x-powered-by: PHP/7.2.34
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7aB0LAmd%2FGdS2bWuV1e8AaWn9psyhAOJbjarmafhjyqK38V3gQ0stn0Wbf1W%2BuCpMgAL%2F1nRm%2FWtEuoYSnpr6uMdLkoZu1wPKXrmm%2BAGDBXnBYAnne5%2BFXTzsH5qQ22C"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 631fc3971f5a05bf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08e7b8926c000005bfd5b0a000000001

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
262 B 43ms
42ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fdocuments.net&callback=_gfp_s_&client=ca-pub-4025249392381557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4025249392381557&plah=fdocuments.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

bb4ec7a00b466120e079c54f7f41154ab5dc952bcebb246e78188c7d4d35c494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fdocuments.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fdocuments.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F26 399 B
762 B 143ms
128ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&h=280&slotname=4392097774&adk=2610560428&adf=3965255410&pi=t.ma~as.4392097774&w=770&fwrn=4&fwrnh=100&lmt=1616084171&rafmt=1&psa=0&format=770x280&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616084171274&bpp=30&bdt=125&idt=85&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5499322595806&frm=20&pv=2&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a7FG1vvAvr&p=https%3A//fdocuments.net&dtd=105

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61ce0e125c9d0edb5d3ca181b8a91762bab7a5815874e7a1117214659d90aaeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4025249392381557&output=html&h=280&slotname=4392097774&adk=2610560428&adf=3965255410&pi=t.ma~as.4392097774&w=770&fwrn=4&fwrnh=100&lmt=1616084171&rafmt=1&psa=0&format=770x280&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616084171274&bpp=30&bdt=125&idt=85&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5499322595806&frm=20&pv=2&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=a7FG1vvAvr&p=https%3A//fdocuments.net&dtd=105
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdocuments.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://fdocuments.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 16:16:11 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 16:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 16:16:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:16:11 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D097 399 B
224 B 164ms
160ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&h=462&slotname=8519045042&adk=1710531504&adf=3195842695&pi=t.ma~as.8519045042&w=770&cr_col=4&cr_row=2&fwrn=2&lmt=1616084171&rafmt=9&psa=0&format=770x462&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1616084171304&bpp=3&bdt=155&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=1436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cvXsoJ79gZ&p=https%3A//fdocuments.net&dtd=88

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48737e09a1648f19ee16c3c55d0d366f19d2bc0887bc7ad16e77399bb35c8686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4025249392381557&output=html&h=462&slotname=8519045042&adk=1710531504&adf=3195842695&pi=t.ma~as.8519045042&w=770&cr_col=4&cr_row=2&fwrn=2&lmt=1616084171&rafmt=9&psa=0&format=770x462&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1616084171304&bpp=3&bdt=155&idt=86&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=1436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cvXsoJ79gZ&p=https%3A//fdocuments.net&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdocuments.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://fdocuments.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 16:16:11 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 16:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 16:16:11 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7012 399 B
227 B 127ms
127ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&h=280&slotname=6168213877&adk=3748408954&adf=888466175&pi=t.ma~as.6168213877&w=370&fwrn=4&fwrnh=100&lmt=1616084171&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616084171307&bpp=1&bdt=157&idt=92&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280%2C770x462&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=132o22fiNe&p=https%3A//fdocuments.net&dtd=95

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b5bcc4ab3c5664e73f76e38e55b4972dc84095a259c36ae42b45e6ad74a9891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4025249392381557&output=html&h=280&slotname=6168213877&adk=3748408954&adf=888466175&pi=t.ma~as.6168213877&w=370&fwrn=4&fwrnh=100&lmt=1616084171&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1616084171307&bpp=1&bdt=157&idt=92&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280%2C770x462&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1015&ady=138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=132o22fiNe&p=https%3A//fdocuments.net&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdocuments.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://fdocuments.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 16:16:11 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 16:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 16:16:11 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB4C 3 KB
698 B 153ms
152ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4025249392381557&output=html&adk=1812271804&adf=3025194257&lmt=1616084171&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&ea=0&flash=0&pra=7&wgl=1&dt=1616084171309&bpp=1&bdt=160&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280%2C770x462%2C370x280&nras=1&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=112

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

925ccf13ff2262b5f24bdbad39d8cff4660ac4ef0043fb6036959d4706c4ee68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4025249392381557&output=html&adk=1812271804&adf=3025194257&lmt=1616084171&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Ffdocuments.net%2Fdocument%2Fnovembro-de-2012-56e566fb67b23.html&ea=0&flash=0&pra=7&wgl=1&dt=1616084171309&bpp=1&bdt=160&idt=97&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=770x280%2C770x462%2C370x280&nras=1&correlator=5499322595806&frm=20&pv=1&ga_vid=1379706449.1616084171&ga_sid=1616084171&ga_hid=807690379&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060288%2C44739387&oid=3&pvsid=4413305188519545&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=4&uci=a!4&fsb=1&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdocuments.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://fdocuments.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 18 Mar 2021 16:16:11 GMT
server: cafe
content-length: 670
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 18-Mar-2021 16:31:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 18 Mar 2021 16:16:11 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 48ms
32ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1384690f2f9ed7a98641ef29d914c555663a2f6b80bc904f1475167903e9fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 18 Mar 2021 16:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6624
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 16:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 18 Mar 2021 16:16:12 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame EF61 12 KB
5 KB 11ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fdocuments.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
referer: https://www.google.com
Referer: https://fdocuments.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 18 Mar 2021 16:12:34 GMT
expires: Fri, 18 Mar 2022 16:12:34 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 218
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js Show response
pagead2.googlesyndication.com/bg/ Frame EF61 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kkn9n4GD9OXgriPD4kOG_dPH557D54jLHxFIPOGmCpU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 13:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 10080
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5656
x-xss-protection: 0
expires: Fri, 18 Mar 2022 13:28:12 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=4413305188519545&bg=!fn2lfTnNAAbUo7L91KM7ACkAdvg8WhQwwovTPUzXdueCnRxSFK7ze6Nzb0X9jaoIhZLSFanIH_YQ7QIAAABEUgAAAAtoAQcKAVgdkgrzYLLOzM3I5MXKuDcOdcQQWDQizd9m6_a4zwg6bGYagBJAGOR52QvA5MwB6S9r0ltdhGusH-ZbJ-dYKuiARnOhl2cDu9mrc5XNhvUr0X9i2vzTAcd4f3cXKEJ1BQ1zryMumq6R_l3lbfs3QuLaa8DxAbqGrhU_6i0imCA6HHnGItSmGfPkeT0t5lhCiIexPgPirZ9O-F6ueRUbro1I9p7Lt64XIExIPH24zCCiRaeEvDL4Y4BAPEAytW_j4Ya8nltJlVbLdmt3nnYap7xRi3B-At9pdHBxPFwyXLNzP1svvcoSQZBTob1Ea65wkTyJf7IiM8tWlffXcAatMPvevYAOmYFEeRKjC-mrXe8dU4N_PYQhsU_Vj-fcSzcvFCVJgOKywhrmyT98wloTrT-qQi83o9GCPn8FdPEUmyQNrqQ4so_-6otJTXAVJYyNl_W_HaANEROGTZkBzfvxAuMICEmIEx3UFqwVipWoeZ8TkfMbMQqr-SbdJxX5mX6a_dK2pryEEuJ9gpyZ65yYwLH2LAWvPpnVet_mpGPjrLbOlxgqAU9mmG744tNhhy_im_oXfxkxClLHCCxoqpNqxDdgKZ04tQiISBkhR9kYSDc2nAeZ4G1numz0i_aOWPLY9LrrVst0yKqut2kq1-zr1LokoPEnD6hxHqRzyV0BIns8mDgnXgV7nfVruiBMon-yHJMHYPMb5-KTLosnpj2MLAwwxCu1DHKInLIDCq8_FIO1Zcatt6MDm59D9pL-iW5ZWYeiHFjL5j7jexOvk6c79Qctx3KOcUD5H_HFYpr_muzWEoBj7UPmw29hXt-wXEHwLQRiBLHfO_nfjkAWThvmT60cbVVxQuIsjas3oEIBoFDVvK-_JTNrVpKoG_ZsihseQpBL5jhxFVUY23jSTmNsbhb8qlY-MGtAhzEkv8B3o8grPQ6fUHgCq8VkZZMmf87jTCxBI8LnG64o_KoYm7GaOGAoMBn3EoMD3UBuqqN3q_vIGEpk23M-GHLHi01CT4cXr-GDsI7SFr5y54IdxbxUDtbKy9ny8x0VwkrZdPZZs8L6pWwJjoz-qgYT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 16:16:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:54:45	Name: test_cookie Value: CheckForPermission
.fdocuments.net/	1970-01-19 16:54:44	Name: _gat Value: 1
.fdocuments.net/	1970-01-20 02:16:20	Name: __gads Value: ID=47a9db3bd34d37f7-2230702c21a700d3:T=1616084171:RT=1616084171:S=ALNI_MYF_ezDs1wPd3lrSod-XWrGE8sUVA
.fdocuments.net/	1970-01-19 16:56:10	Name: _gid Value: GA1.2.666401014.1616084171
.fdocuments.net/	1970-01-19 17:37:56	Name: __cfduid Value: d7a0f59b3eb7a00b3d42f0c137591d3381616084171
.fdocuments.net/	1970-01-20 10:25:56	Name: _ga Value: GA1.2.1379706449.1616084171

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
demo.fdocuments.net
fdocuments.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.fdocuments.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
142.250.185.162
2606:4700:3034::6815:269f
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2001
51.178.185.126
013d5f771afac4aa3d8d98b7e78b08cfebfd604f01b56fd16d4fd3696e434671
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1b7c892f74a1849e51b8b62785107b64ed9e100a636fc77c6264b62b5f1e315a
1c68ae51a1c3faca20a75f97f640f862a88c99750244113f1eee13971746047a
27e42eb906f3b6388e162550b5a73804f0f70444ac0df2e626feec413dc2cc4e
288ea78bd492846253bdaf0f1b51ee808f5a601d776a4ae19e8a2252ae65d35b
294a57fc06c26db94ebbfbba460cb417a9ede5aca488b13d5f3bea9fb6633548
2dd17ef8d1d2f76866e404beb99a045763c39a115d017f764e16d5813f906629
308f30cfaf48da6f9aed4585446aded5ac9250ba8384f2d052d2c9b665ec9e75
3a48d90e6d2927ffd4cf03f36b62b1b8ce6d2b3d1f907d8f3ef9e4de52d75266
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
411018e64ca163d4f6b80569788e0afc139ccac745b2f73b43ad6f76064d822f
42e0570234bb1d21563581356759e557634fb80a47ba1b4cac8d5c8f90b2642a
4463419d5f93016aca920e90a1d27670d6f0ff4f69f6196c07c4b23e3c08d664
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
48737e09a1648f19ee16c3c55d0d366f19d2bc0887bc7ad16e77399bb35c8686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
61ce0e125c9d0edb5d3ca181b8a91762bab7a5815874e7a1117214659d90aaeb
6275faeeead220b6b0eec76e9445d4c21b06e432b353199dede718e5abf99f6a
66003005aa0d88475c5a0279cd033ec6dc3c6eb15dca88eb29e5fe0d2329a02f
73e1aaaa27b190c76b1ae8f49d18a3a5dece0da78fd41a9c2c9a87e18545146e
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7a8bc064b5c46232684196468066b96b02d78cd480546f7f243a0c20ac9f155f
7f179f96d222f7569039722a9b998b583562dba8e84a6300d61fb52d25d4eb74
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8b5bcc4ab3c5664e73f76e38e55b4972dc84095a259c36ae42b45e6ad74a9891
8dbd5f38bf075b231539a2d27042f3a9ea686e0452fb9ff85ae0ea802acc65a1
9249fd9f8183f4e5e0ae23c3e24386fdd3c7e79ec3e788cb1f11483ce1a60a95
925ccf13ff2262b5f24bdbad39d8cff4660ac4ef0043fb6036959d4706c4ee68
947868bc6cb6adf5c46d5848bb9c79780c62c05d1e4250812886af86b1a4baa2
94f63d2cd2a6b04b51c454e408016d42d225898b8e053efed3039995980b6a9b
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3ac60ca37c99a61122f09baf1da983f4bb4ea0196d731a733663b941e16ee1a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
ba2b18a97ae263785253842f6c709777aab52769f5dcb0bdcdf078c31b39bc90
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4ec7a00b466120e079c54f7f41154ab5dc952bcebb246e78188c7d4d35c494
bd6905634551c4f116f3dc465c599e4305e039ec5c5d80ddd2625d0f32f79384
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
d66c56650de2d2b7dbbd4fef02aaa018fad807e95348a6bbcfeb65f203e15b70
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
ddcac82a1cfebb9d82318375606d73bd42ae32db31576ab7f41edde0d5446098
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052845d3e37cca72b6b0653d378c05d117c45af7893869fbd719ba6437a1e3c
f0a0b15f39220fcc90514340d6a24cfb3ff9a2243ac0221a7d4f149e6a8c10be
f1384690f2f9ed7a98641ef29d914c555663a2f6b80bc904f1475167903e9fa4
ffbc35fdadc96a71d88d093e3dcb63a3b1cf71a77a29a2df6445dd1da191e627

fdocuments.net Open in urlscan Pro 51.178.185.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

83 %IPv6

10 Domains

13 Subdomains

13 IPs

3 Countries

1544 kBTransfer

2045 kBSize

6 Cookies

4 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fdocuments.net Open in urlscan Pro
51.178.185.126 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

1544 kB
Transfer

2045 kB
Size

6
Cookies

49 HTTP transactions
2 data transactions