fatorrrh.com.br Open in urlscan Pro
186.202.153.141  Public Scan

34 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.fatorrrh.com.br/ HTTP 301
   http://fatorrrh.com.br/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 93

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1

Request Chain 94

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXS5hHLrXXC.zv2mU0bLngAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1&google_hm=2

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEEFtBOALSSpZX9ulbvLvuxc&google_cver=1

Request Chain 96

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNTM0NDQ1NDg5ODE1ODAyMg%3D%3D

Request Chain 97

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq9jECOA_uxX6du1mXKmUM&google_cver=1

Request Chain 98

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU3YzA1MjEtNTYwNy0yMDU3LWYzYWUtMzI0NzhhMzc1ZTYz

Request Chain 99

• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
• https://sync.teads.tv/um?eid=3&uid=CAESEA2E5QfMrfsRcuSMrwVKMbU&google_cver=1

Request Chain 101

• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENmUafuTNSafVXIcShjoBvs&google_cver=1

Request Chain 102

• https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=590d80d9-346b-11ec-a1f6-16ae82d30206 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTkwZDgwNzktMzQ2Yi0xMWVjLWExZjYtMTZhZTgyZDMwMjA2

Request Chain 125

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJCPIiEiuZZvpecj0Rp5CQs0Uh8sqO7ROJoEmONHX9ie3bNoojwHzE7Zlaxyb0XO0g0Fp6Gl6S_3KvivnY_wIjZ4QZxTlkM&google_gid=CAESEMpDQ6extwp2RuiRMuKxBos&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFCYmd2NUVUSw&google_push=AYg5qPJCPIiEiuZZvpecj0Rp5CQs0Uh8sqO7ROJoEmONHX9ie3bNoojwHzE7Zlaxyb0XO0g0Fp6Gl6S_3KvivnY_wIjZ4QZxTlkM

Request Chain 127

• https://rtb.openx.net/sync/dds?google_gid=CAESEJyy5xvUizIQd_T1zM3DPk4&google_cver=1&google_push=AYg5qPLAlJ0-HwUV11qrClgX2-fkYns6vVtv7lOo8Jfd093CSlncPoiydVfWyetuoN-snRlqemvfBiPe_pUZHk6w0rwcwsi8vmy2 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAlJ0-HwUV11qrClgX2-fkYns6vVtv7lOo8Jfd093CSlncPoiydVfWyetuoN-snRlqemvfBiPe_pUZHk6w0rwcwsi8vmy2&google_hm=rUVc1zb2x90AOiRJk8yquQ==

Request Chain 128

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrX8__XMK5bpOYR8CmD72w&google_cver=1&google_push=AYg5qPJdAe-zd6trZU0iz0DvdcnrJ0ce8QtR6b2peCee0tIWoUQ28o8M3Rm_88HK33pxE9d-3TO3NDEbn9yQQ0KzI8jn9Gk2cMJF HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrX8__XMK5bpOYR8CmD72w&google_cver=1&google_push=AYg5qPJdAe-zd6trZU0iz0DvdcnrJ0ce8QtR6b2peCee0tIWoUQ28o8M3Rm_88HK33pxE9d-3TO3NDEbn9yQQ0KzI8jn9Gk2cMJF&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DUTFgojyTRiQi2tUyFnC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdAe-zd6trZU0iz0DvdcnrJ0ce8QtR6b2peCee0tIWoUQ28o8M3Rm_88HK33pxE9d-3TO3NDEbn9yQQ0KzI8jn9Gk2cMJF

Request Chain 129

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcJb-pBvtd0wH4q6Hau_ow&google_cver=1&google_push=AYg5qPJZH3_a-jDOuJBxC9jUPvWVr4bk713VqBlu5ZvWNWQwRyS9nmKZY79Hz7sCR1OAD3p5WFjp2TTguMxI_sG3mlWY1Y2MKTJg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ04tMjctR0hHQw==&google_push=AYg5qPJZH3_a-jDOuJBxC9jUPvWVr4bk713VqBlu5ZvWNWQwRyS9nmKZY79Hz7sCR1OAD3p5WFjp2TTguMxI_sG3mlWY1Y2MKTJg

Request Chain 130

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_cver=1&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD

Request Chain 137

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKfDyoswwWmmPtulv0XQFnJb7K9d4S-I7f6IwFkPf5v0H3H4Jv3Yi5pFdu_WQBoHVVFnWCLkFSN7aq_7Ye4WVzZbNiKLXE&google_gid=CAESEMpDQ6extwp2RuiRMuKxBos&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBT29QRjBJbQ&google_push=AYg5qPKfDyoswwWmmPtulv0XQFnJb7K9d4S-I7f6IwFkPf5v0H3H4Jv3Yi5pFdu_WQBoHVVFnWCLkFSN7aq_7Ye4WVzZbNiKLXE

Request Chain 138

• https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJABMpgTNbMVYPwpXlm5A0sEDo5OOxIrPnD-4a4dee1dRKKxfRe4cEbcFBWCLCGaHYXMJg7P07IHhjVLAWNtaZSqb18IE8W&google_gid=CAESEK-rRMHT5766ydono65fgmU&google_cver=1 HTTP 307
• https://id.rlcdn.com/1000.gif?memo=CK69HBoNCITz0osGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKQUJNcGdUTmJNVllQd3BYbG01QTBzRURvNU9PeElyUG5ELTRhNGRlZTFkUktLeGZSZTRjRWJjRkJXQ0xDR2FIWVhNSmc3UDA3SUhoalZMQVdOdGFaU3FiMThJRThX HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwXzhMVFdtTThYWmxnWHp2OXZGQzNSbHluUjQ2eFJGMXZDMlJvM3AtZFBIUQ==&google_push

Request Chain 139

• https://rtb.openx.net/sync/dds?google_gid=CAESEJyy5xvUizIQd_T1zM3DPk4&google_cver=1&google_push=AYg5qPKlfharWGfjEk_xJ6ovVlgO-cQIVmEVaifjaUAsUkf90R4PzUTdK-ZFcLVuh5mfyFCxR3d10JkguBFFNlnELjn_rqj05BM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKlfharWGfjEk_xJ6ovVlgO-cQIVmEVaifjaUAsUkf90R4PzUTdK-ZFcLVuh5mfyFCxR3d10JkguBFFNlnELjn_rqj05BM&google_hm=rUVc1zb2x90AOiRJk8yquQ==

Request Chain 140

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrX8__XMK5bpOYR8CmD72w&google_cver=1&google_push=AYg5qPJO4bB_ZfbUIsjGX_z2rpZeAhg8vIsxxug46eU12Q85o4U11oOSR1VK8eoqfoNhLI2QSe8eunZj6FArP8R0_mF3Tue3pObr HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrX8__XMK5bpOYR8CmD72w&google_cver=1&google_push=AYg5qPJO4bB_ZfbUIsjGX_z2rpZeAhg8vIsxxug46eU12Q85o4U11oOSR1VK8eoqfoNhLI2QSe8eunZj6FArP8R0_mF3Tue3pObr&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cStTYUQ_RhessBr-huiepw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJO4bB_ZfbUIsjGX_z2rpZeAhg8vIsxxug46eU12Q85o4U11oOSR1VK8eoqfoNhLI2QSe8eunZj6FArP8R0_mF3Tue3pObr

Request Chain 141

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcJb-pBvtd0wH4q6Hau_ow&google_cver=1&google_push=AYg5qPKDMYy6a3tEFYH-UF4OBg0NQfqJlBMTvvBp7muFZcJgxO0SlmRr5y9izpIrBwIgbORd3JYDGqkZ9ra8HPZQ3qEMN9AvUWm0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ1QtUS03QlFU&google_push=AYg5qPKDMYy6a3tEFYH-UF4OBg0NQfqJlBMTvvBp7muFZcJgxO0SlmRr5y9izpIrBwIgbORd3JYDGqkZ9ra8HPZQ3qEMN9AvUWm0

Request Chain 142

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk

Request Chain 148

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELcNDDVtU3avuYSBNEEF4M&google_cver=1&google_push=AYg5qPJDeyntaFJ6je5UJjcS87y9Nobv500BKeZNb3Ozp4HAgbrzxTPUZKjft4YjNUS18bXOaOeyRsek8uz38wF-L0GuY72hR9Mq HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJDeyntaFJ6je5UJjcS87y9Nobv500BKeZNb3Ozp4HAgbrzxTPUZKjft4YjNUS18bXOaOeyRsek8uz38wF-L0GuY72hR9Mq&google_hm=Z6lkV2QxajLCXbwv5CGLhA

Request Chain 149

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLiv1d5CE2vvrpCddnpzXrS4D8-cbfxLvbfAuDfy6cemifGRGeloSCM58w_C5FxHcToQ9rPu5dBS_U5qMKG9kkeykdY2QeK&google_gid=CAESEMpDQ6extwp2RuiRMuKxBos&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBQjhQR2tJbQ&google_push=AYg5qPLiv1d5CE2vvrpCddnpzXrS4D8-cbfxLvbfAuDfy6cemifGRGeloSCM58w_C5FxHcToQ9rPu5dBS_U5qMKG9kkeykdY2QeK

Request Chain 150

• https://rtb.openx.net/sync/dds?google_gid=CAESEJyy5xvUizIQd_T1zM3DPk4&google_cver=1&google_push=AYg5qPKo21MgS95bJqz6Lo52YdX-52-d2yMIf2WNFoik2qqRyGmu0n5jy1HXeqzcF8E_6Ayv1xBlxwGvPmcOo-C9HrYLQLAJXfE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKo21MgS95bJqz6Lo52YdX-52-d2yMIf2WNFoik2qqRyGmu0n5jy1HXeqzcF8E_6Ayv1xBlxwGvPmcOo-C9HrYLQLAJXfE&google_hm=rUVc1zb2x90AOiRJk8yquQ==

Request Chain 151

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrX8__XMK5bpOYR8CmD72w&google_cver=1&google_push=AYg5qPLK7RbJToRyA1LOP3aXQriD5EwNo2KAx6xVjLZ5SZgr0A9fiHFa8T8DR9RGzLRwR8wNgsdM_QvWL3pCaxz17M7KbGzAdTGE HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELrX8__XMK5bpOYR8CmD72w&google_cver=1&google_push=AYg5qPLK7RbJToRyA1LOP3aXQriD5EwNo2KAx6xVjLZ5SZgr0A9fiHFa8T8DR9RGzLRwR8wNgsdM_QvWL3pCaxz17M7KbGzAdTGE&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BB-diHSSQJK1pEPQ1GfOuA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLK7RbJToRyA1LOP3aXQriD5EwNo2KAx6xVjLZ5SZgr0A9fiHFa8T8DR9RGzLRwR8wNgsdM_QvWL3pCaxz17M7KbGzAdTGE

Request Chain 152

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcJb-pBvtd0wH4q6Hau_ow&google_cver=1&google_push=AYg5qPJzDIvjNocQnstpXmM0j6Vl_iu2hUkMnnfRC87xaXTlfqOE2bz4tb0ltU97lad9Ge1f8zlCTS9h4gJbHaf1AfMrNMJL8VFo HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIREUtMjUtNFhKRA==&google_push=AYg5qPJzDIvjNocQnstpXmM0j6Vl_iu2hUkMnnfRC87xaXTlfqOE2bz4tb0ltU97lad9Ge1f8zlCTS9h4gJbHaf1AfMrNMJL8VFo

Request Chain 153

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_cver=1&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1

Request Chain 154

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKwGj1EYzIi7kcyne7gYDE0&google_cver=1&google_push=AYg5qPK1pRpxIzCLdUVp8hqfb3qa3B18xW4OLbGdljk9O3h5FN9_1yzZ5-6mp3GELxey520tN6TCuRE2yqtM9q658gaHBefkIZQfcA HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK1pRpxIzCLdUVp8hqfb3qa3B18xW4OLbGdljk9O3h5FN9_1yzZ5-6mp3GELxey520tN6TCuRE2yqtM9q658gaHBefkIZQfcA&google_hm=

Request Chain 175

• https://gcdn.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/66C2A3966F68DE1367AA8A273858AD5E49F0985E.16A0ACA45C510B8A315C7AD3953FA36C7EB7B452/key/ck2/file/file.mp4 HTTP 302
• https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6DDD7DC1B45DF03554F94DFAFCB3B49A37FEE588.2209804D6057F2A6767CA2F46031F4F0A4172811/key/cms1/cms_redirect/yes/mh/fR/mip/216.131.111.9/mm/42/mn/sn-2gb7sn7s/ms/onc/mt/1635038962/mv/u/mvi/4/pl/24/file/file.mp4

Request Chain 185

• https://gcdn.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/id,itag,source,ratebypass,mime,acao,ip,ipbits,expire/signature/66C2A3966F68DE1367AA8A273858AD5E49F0985E.16A0ACA45C510B8A315C7AD3953FA36C7EB7B452/key/ck2/file/file.mp4 HTTP 302
• https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/1929EE6E458FC83BABD25715F6A1BB1A24BA226C.2F3840D4FF8C49004FCF38EDF63B6CA2AD160D93/key/cms1/cms_redirect/yes/mh/fR/mip/216.131.111.9/mm/42/mn/sn-2gb7sn7s/ms/onc/mt/1635038962/mv/u/mvi/4/pl/24/file/file.mp4

Request Chain 186

• https://fw.adsafeprotected.com/rfw/st/769474/57793853/skeleton.js?adsafe_url=http%3A%2F%2Ffatorrrh.com.br&adsafe_type=g&adsafe_url=http%3A%2F%2Ffatorrrh.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1555033654987774%26output%3Dhtml%26h%3D250%26adk%3D1877004613%26adf%3D3419440085%26pi%3Dt.aa~a.1117774011~rp.4%26w%3D317%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1635039619%26rafmt%3D1%26to%3Dqs%26pwprc%3D7555190131%26psa%3D0%26format%3D317x250%26url%3Dhttp%253A%252F%252Ffatorrrh.com.br%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1635039619574%26bpp%3D1%26bdt%3D1535%26idt%3D1%26shv%3Dr20211020%26mjsv%3Dm202110180101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D2d2bab08453b394f-22c16d8cfdca0079%253AT%253D1635039619%253ART%253D1635039619%253AS%253DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg%26prev_fmts%3D0x0%252C317x250%252C317x250%26nras%3D4%26correlator%3D7888693500953%26frm%3D20%26pv%3D1%26ga_vid%3D1751867124.1635039619%26ga_sid%3D1635039619%26ga_hid%3D1217393066%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26adx%3D973%26ady%3D3215%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D31063218%252C31062526%252C31063139%26oid%3D2%26pvsid%3D930812183286448%26pem%3D227%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26ifi%3D4%26uci%3Da!4%26btvi%3D3%26fsb%3D1%26xpc%3DTnHiluwGlj%26p%3Dhttp%253A%2F%2Ffatorrrh.com.br%26dtd%3D18&adsafe_type=bd&adsafe_jsinfo=,id:a4f95f76-8905-5d80-c6a9-d89f9f8f528e,c:rVaPZ7,sl:na,em:true,fr:false,thd:1,mn:app06ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:310,fm:sMIzCsK+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1511%7C1512%7C15131%7C1514%7C161*.769474-57793853%7C1611%7C1612%7C16131%7C1614,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:323,oid:5926e955-346b-11ec-87b6-0a6d0b536c42,v:19.8.252,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response fatorrrh.com.br/ Redirect Chain http://www.fatorrrh.com.br/ http://fatorrrh.com.br/	69 KB 70 KB	4436ms 4222ms	Document text/html	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Full URL http://fatorrrh.com.br/ Protocol HTTP/1.1 Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / PHP/7.3.28 Resource Hash 694a75666bf769d3cf65ac17a3c50d33895dbc85dfeb534aa4620be84b6bc6f1 Request headers Host fatorrrh.com.br Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 24 Oct 2021 01:40:13 GMT Server Apache X-Powered-By PHP/7.3.28 Link <https://fatorrrh.com.br/wp-json/>; rel="https://api.w.org/" Set-Cookie PHPSESSID=c9c19858137f6901f6a4bc03dde48165; path=/ Content-Length 70876 Connection close Content-Type text/html; charset=UTF-8 Redirect headers Date Sun, 24 Oct 2021 01:40:11 GMT Server Apache X-Powered-By PHP/7.3.28 X-Redirect-By WordPress Set-Cookie PHPSESSID=8ac52a9bf914cb1eb286c5dfa372f5fd; path=/ Location http://fatorrrh.com.br/ Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H2	200	css fonts.googleapis.com/	2 KB 594 B	86ms 32ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:900 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash b286b9bc3648ce1f28e799eebbc58b1b7d113580a04117c9692ccafd098ca527 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 23 Oct 2021 23:59:02 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	85ms 32ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:600 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash fe320334f2be59790333391688d2e6161a969e957e842bd6fdbc0aa73a1f37a5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Oct 2021 01:27:18 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 593 B	88ms 35ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:200 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash 92c99e2cf4c06b688a835a1aec1699c099f7977b5cca773fb41821d57b4e8e72 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 23 Oct 2021 23:49:43 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 697 B	115ms 62ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:800 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash b9e03b91e5be1c66ccc2438e0079cbcf7f17ec0d8c01241870e44ddf0262e2f7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Oct 2021 00:47:31 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 696 B	116ms 64ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:700 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash 3a25fe868fa4b4f1fb29c123271225b359f11cf10a8eb04d8e0e964d2ba6ae0e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 23 Oct 2021 23:53:26 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 696 B	115ms 63ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:600 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash 933553768d57abd0897585e4189b8970765772444ce756843a94f80aa573c106 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 24 Oct 2021 00:10:14 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 696 B	85ms 33ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash bb4a9d9bcb3638d2a735be2e40f686f57d9598c57d1cd251e5105282e244ac50 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 23 Oct 2021 23:57:52 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 697 B	85ms 34ms	Stylesheet text/css	142.250.181.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f10.1e100.net Software ESF / Resource Hash 5a96cd9dfe9d017cd6994b9387d6489407d81bba04fc4e88062c41806a927a53 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 23 Oct 2021 23:58:45 GMT server ESF date Sun, 24 Oct 2021 01:40:18 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Sun, 24 Oct 2021 01:40:18 GMT
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	59ms 32ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://fatorrrh.com.br/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723, 617 access-control-allow-origin * cdn-cachedat 2021-07-24 08:09:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 8b58bca36a65c9e6fdee18b84df09211 cf-ray 6a2f7f0d1a48717a-DUS cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	style.css fatorrrh.com.br/wp-content/themes/blogs/	19 KB 19 KB	450ms 226ms	Stylesheet text/css	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Full URL http://fatorrrh.com.br/wp-content/themes/blogs/style.css Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 057094746243bf96e4e388b9040c6010746ef1acbc5fba827322a55cc982c402 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://fatorrrh.com.br/ Cookie PHPSESSID=c9c19858137f6901f6a4bc03dde48165 Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:18 GMT Via 1.1 varnish-v4 Last-Modified Wed, 14 Oct 2020 23:49:58 GMT Server Apache Age 0 X-Varnish 232619372 Cache-Control No-Cache Connection keep-alive Accept-Ranges bytes Content-Type text/css Content-Length 19638
GET		style-footer.css portalnoar.com.br/wp-content/themes/blogs/	0 0
GET		jquery-3.3.1.min.js portalnoar.com.br/wp-content/themes/wp/js/	0 0
GET H2	200	api.js Show response www.google.com/recaptcha/	910 B 964 B	116ms 34ms	Script text/javascript	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f132.1e100.net Software GSE / Resource Hash 571fdecbe49778efc7bde477cf5bc6e8bec4024574e8ad46233f08fce0bc099a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 580 x-xss-protection 1; mode=block expires Sun, 24 Oct 2021 01:40:19 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	107ms 30ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 064348537390ae344af8faea0ffed6b36e288fd8350af15bd3b883c02d8e9260 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 51104 x-xss-protection 0 server cafe etag 14667035367294643498 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 24 Oct 2021 01:40:19 GMT
GET H2	200	jquery-2.2.4.js Show response code.jquery.com/	252 KB 75 KB	49ms 18ms	Script application/javascript	69.16.175.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS tlb.hwcdn.net Software nginx / Resource Hash 893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2 Request headers Referer http://fatorrrh.com.br/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:18 GMT content-encoding gzip last-modified Fri, 20 May 2016 17:24:41 GMT server nginx etag W/"573f4859-3ee0f" vary Accept-Encoding x-hw 1635039618.dop243.am5.t,1635039618.cds268.am5.hn,1635039618.cds141.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 76245
GET H2	200	js Show response www.googletagmanager.com/gtag/	124 KB 49 KB	111ms 43ms	Script application/javascript	216.58.212.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-VS5VWXTGHR Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f8.1e100.net Software Google Tag Manager / Resource Hash 3e60e8aaa302f4ca68375013ef541ef623f9bd51f6704292de38b2ea01b97684 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 49420 x-xss-protection 0 expires Sun, 24 Oct 2021 01:40:19 GMT
GET H/1.1	200 OK	Assinatura-Pr%C3%B3-Cr%C3%A9dito-Elisa-Elsie-4.jpg fatorrrh.com.br/wp-content/uploads/2021/10/	531 KB 531 KB	900ms 225ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/Assinatura-Pr%C3%B3-Cr%C3%A9dito-Elisa-Elsie-4.jpg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash e16fe06126ea2cc7ce664b8cec1fddf6b64ab08ad9c07e281b66d21f3d898051 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:19 GMT Last-Modified Sat, 23 Oct 2021 12:29:29 GMT Server Apache ETag "16bf4ac-84b62-5cf04477da247" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 543586
GET H/1.1	200 OK	simb_mais2.png fatorrrh.com.br/wp-content/themes/blogs/imgs/	30 KB 30 KB	240ms 239ms	Image image/png	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL http://fatorrrh.com.br/wp-content/themes/blogs/imgs/simb_mais2.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash f38236c4e51b18917652a708f7e9a4fe393a6d3dd02d481e8e2f9e1d6829e7ba Request headers Pragma no-cache Accept-Encoding gzip, deflate Host fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://fatorrrh.com.br/ Cookie PHPSESSID=c9c19858137f6901f6a4bc03dde48165 Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:19 GMT Via 1.1 varnish-v4 Last-Modified Thu, 15 Oct 2020 00:21:02 GMT Server Apache Age 0 X-Varnish 232619374 Cache-Control No-Cache Connection keep-alive Accept-Ranges bytes Content-Type image/png Content-Length 30414
GET H/1.1	200 OK	IMG_1985.jpg fatorrrh.com.br/wp-content/uploads/2021/10/	29 KB 29 KB	904ms 224ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/IMG_1985.jpg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 525f700e452caa8153406e0f81b7350664aad978f3b2f1938e7ccf3a2736492e Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:19 GMT Last-Modified Sat, 23 Oct 2021 13:38:16 GMT Server Apache ETag "16bfc8a-7425-5cf053d79d6ae" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 29733
GET H/1.1	200 OK	felizona.jpeg fatorrrh.com.br/wp-content/uploads/2021/10/	30 KB 30 KB	905ms 224ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/felizona.jpeg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash c579624adee5f20e436fe7dc65c5e532b089b77b2336c5f412e37fa5853e8e29 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:19 GMT Last-Modified Sat, 16 Oct 2021 09:35:23 GMT Server Apache ETag "16a8067-765a-5ce7507f08852" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 30298
GET H/1.1	200 OK	mulher-mao-na-boca-ansiedade-1.jpeg fatorrrh.com.br/wp-content/uploads/2021/04/	150 KB 150 KB	915ms 228ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/04/mulher-mao-na-boca-ansiedade-1.jpeg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash de1ccc578195ed3d9a9cd8e1236f3da44c5f77e9bff1410e6926c07401150e74 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:19 GMT Last-Modified Thu, 08 Apr 2021 12:47:26 GMT Server Apache ETag "1693c82-2589e-5bf75731e31fe" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 153758
GET H/1.1	200 OK	Vacina-35656.jpeg fatorrrh.com.br/wp-content/uploads/2021/10/	140 KB 140 KB	1631ms 203ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/Vacina-35656.jpeg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash ae203abed22af367960b14de1a2494c2b48d5203d63e42165fd49e236d8cdc11 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT Last-Modified Wed, 13 Oct 2021 20:23:14 GMT Server Apache ETag "16bd750-22f34-5ce41bb4c8a11" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 143156
GET H/1.1	200 OK	paulo-guedes_mcamgo_abr_220720211818-4.jpeg fatorrrh.com.br/wp-content/uploads/2021/07/	73 KB 73 KB	1802ms 223ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/07/paulo-guedes_mcamgo_abr_220720211818-4.jpeg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 4fff555b81683a0187502bf0bacecdaea404856ce44580b222d4ba68bc58416e Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT Last-Modified Sat, 31 Jul 2021 12:18:28 GMT Server Apache ETag "16f5ddc-12320-5c86a55608eae" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 74528
GET H/1.1	200 OK	IMG_1984.jpg fatorrrh.com.br/wp-content/uploads/2021/10/	158 KB 159 KB	686ms 227ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/IMG_1984.jpg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 7f3fd241db3285657adbf9790d425f1aff3f74f7064a8da52fa79c1154e2f7b2 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT Last-Modified Sat, 23 Oct 2021 12:33:48 GMT Server Apache ETag "16bfc7d-27959-5cf0456e28c19" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 162137
GET H/1.1	200 OK	PHOTO-2021-10-22-23-16-24.jpg fatorrrh.com.br/wp-content/uploads/2021/10/	70 KB 70 KB	636ms 238ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/PHOTO-2021-10-22-23-16-24.jpg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 6210ba771a2a1114db7b4004ea073a7f2a39222dfcac414f532f26491521f22a Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT Last-Modified Sat, 23 Oct 2021 12:24:17 GMT Server Apache ETag "16bf143-1163d-5cf0434e37549" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 71229
GET H/1.1	200 OK	20211022182909__MG_3906.jpg fatorrrh.com.br/wp-content/uploads/2021/10/	86 KB 86 KB	668ms 230ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/20211022182909__MG_3906.jpg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash b995970db5a82310f82eadec2151583159bdc07c1f403e34137afe2c51eae25a Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:21 GMT Last-Modified Sat, 23 Oct 2021 12:17:46 GMT Server Apache ETag "16bf140-15774-5cf041d93f137" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 87924
GET H/1.1	200 OK	Artesanato-no-Mercado-da-Seis-foto-Joana-Lima.jpeg fatorrrh.com.br/wp-content/uploads/2021/10/	162 KB 162 KB	659ms 224ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2021/10/Artesanato-no-Mercado-da-Seis-foto-Joana-Lima.jpeg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 91d6b602335e6be7230f3eef2076d9f9fc47aa27d3af83a23e765e0236265b84 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:21 GMT Last-Modified Fri, 22 Oct 2021 19:12:26 GMT Server Apache ETag "16bf13a-286ef-5cef5cab8de36" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 165615
GET H/1.1	200 OK	fator_anuncie.gif fatorrrh.com.br/wp-content/themes/blogs/imgs/	343 KB 343 KB	687ms 229ms	Image image/gif	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/themes/blogs/imgs/fator_anuncie.gif Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash 50d2c17b7f884dcd2f628f5d48a489c12b60fe2de63fd90ae3d77a5e17b8085e Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:21 GMT Last-Modified Fri, 23 Jul 2021 18:01:07 GMT Server Apache ETag "14eebcf-55aec-5c7ce300f2d30" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 350956
GET H2	200	sdk.js Show response connect.facebook.net/pt_BR/	3 KB 2 KB	50ms 9ms	Script application/x-javascript	157.240.20.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/pt_BR/sdk.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.20.19 , United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-frt3.fbcdn.net Software / Resource Hash e67982f254cc271e3b462318df15013be93fb86972a5433b056ec5086c118154 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 N2Gvthm8MuSFnoH/Ql559g== cross-origin-resource-policy cross-origin expires Sun, 24 Oct 2021 01:44:39 GMT alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1687 x-fb-rlafr 0 x-fb-debug 2Eb7fxDKZaCXlQue0OVR7w+r6owENvavQUJB87YBqq1M4STm1f4fi48NKjxhMrfsZC/tush3Tq8f544Q2BSzPw== x-fb-trip-id 686109401 x-fb-content-md5 f2b06530677ea95162234262f68c71c7 cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Sun, 24 Oct 2021 01:40:19 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "71ac1f172bb8e6f2b6bdfbec9181285e" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	73ms 21ms	Script text/javascript	142.250.185.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f14.1e100.net Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Oct 2021 16:47:48 GMT server Golfe2 age 5985 date Sun, 24 Oct 2021 00:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 19887 expires Sun, 24 Oct 2021 02:00:34 GMT
GET H2	200	kL5R0wvqGMI Show response www.youtube.com/embed/ Frame 93DB	55 KB 24 KB	180ms 115ms	Document text/html	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/kL5R0wvqGMI Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software ESF / Resource Hash 8758ae472c177396c48413f8bc8a0e82b85ff04f99005785f20c3a6c80608dff Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/kL5R0wvqGMI pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 24 Oct 2021 01:40:19 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA" report-to {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]} p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." content-encoding br server ESF x-xss-protection 0 set-cookie YSC=yAOcVInFQF0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=g0X-Htzr96c; Domain=.youtube.com; Expires=Fri, 22-Apr-2022 01:40:19 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+581; expires=Tue, 24-Oct-2023 01:40:19 GMT; path=/; domain=.youtube.com; Secure alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H/1.1	200 OK	FATOR-RRH-2020.jpg fatorrrh.com.br/wp-content/uploads/2016/09/	29 KB 29 KB	804ms 214ms	Image image/jpeg	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2016/09/FATOR-RRH-2020.jpg Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash f1bfa4c8deb76b79a37e2dc9fc1f5e02d225bf0708acdcdb1b88ad703cf11073 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:19 GMT Last-Modified Wed, 14 Oct 2020 16:44:04 GMT Server Apache ETag "14ee972-72d9-5b1a43d46fb4b" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 29401
GET H/1.1	200 OK	Prancheta-1-1.png fatorrrh.com.br/wp-content/uploads/2016/09/	91 KB 91 KB	867ms 224ms	Image image/png	186.202.153.141 Locaweb Servicos ...
General Check archive.org Show headers Download Go to Show image Full URL https://fatorrrh.com.br/wp-content/uploads/2016/09/Prancheta-1-1.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 186.202.153.141 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR), Reverse DNS hm8263.locaweb.com.br Software Apache / Resource Hash a05c081f0c99e0a7fd35ea26bafca79b28e48e7a8dbb0fccf316196d0ffe0386 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:19 GMT Last-Modified Wed, 14 Oct 2020 13:03:16 GMT Server Apache ETag "14ee984-16bd2-5b1a127a7089f" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 93138
GET		sim_ultimas_not.png dev.portalnoar.com.br/wp-content/themes/portalnoar/imgs/	0 0
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v26/	16 KB 17 KB	82ms 21ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 02:40:20 GMT x-content-type-options nosniff age 255599 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 16736 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:15 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 02:40:20 GMT
GET H2	200	fontawesome-webfont.woff2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/	75 KB 76 KB	24ms 23ms	Font font/woff2	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: maxcdn.bootstrapcdn.com URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:18 GMT x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 718 access-control-allow-origin * cdn-cachedat 2021-08-02 20:43:32 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 77160 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 5c821c217b7aa0dc68bd92efbd200541 accept-ranges bytes cf-ray 6a2f7f126ee2717a-DUS cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 fonts.gstatic.com/s/opensans/v26/	16 KB 16 KB	127ms 66ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 8316cc0bbf51111203a3845168a27b91eb9cd6c0bd4863b7211b56b65dcff32f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:10:14 GMT x-content-type-options nosniff age 459005 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 16720 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:14 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 18 Oct 2022 18:10:14 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v26/	16 KB 16 KB	110ms 50ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsiH0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 68e04c3e85d8821ea39de1889483a7b6c7474ea8897bea11a4734a7b3741eefd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 03:52:49 GMT x-content-type-options nosniff age 337650 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 16732 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:22 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 20 Oct 2022 03:52:49 GMT
GET H2	200	1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2 fonts.gstatic.com/s/raleway/v22/	21 KB 21 KB	101ms 40ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v22/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrE.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:600 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 4012fdcbe9804fb76be489414b5d7fa6fc0a492ac676d9105b41e1dc73208395 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 17 Oct 2021 10:52:07 GMT x-content-type-options nosniff age 571692 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 21364 x-xss-protection 0 last-modified Tue, 29 Jun 2021 19:40:50 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 17 Oct 2022 10:52:07 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 fonts.gstatic.com/s/opensans/v26/	16 KB 16 KB	121ms 61ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash eb0d3e86a0d3dffd0c2d917f5b309a189f78110ee62373666161a018036da1a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 03:02:23 GMT x-content-type-options nosniff age 254276 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 16324 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:11 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 03:02:23 GMT
GET H3	200	sdk.js Show response connect.facebook.net/pt_BR/	265 KB 75 KB	16ms 7ms	Script application/x-javascript	157.240.20.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/pt_BR/sdk.js?hash=07c15be65f495197f89bec688c63d267 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/pt_BR/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.20.19 , United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-frt3.fbcdn.net Software / Resource Hash 984b2eefaea2fd970580cfc76c83c0406220afb2b449a14c98ad59dc306b6c36 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://fatorrrh.com.br/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 as8O4kAF67W728r8qB874A== cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 76547 x-fb-rlafr 0 x-fb-debug qkJQNOIShl+qtKqJi9dwu73JtSvVhmF8mbkRVzutZd1eSPAInE66C2mEdEwRuyJ07t30a8fKK9GA53/ae+mj5A== x-fb-content-md5 701d49e93df7641eff8fb765a1928a34 x-frame-options DENY date Sun, 24 Oct 2021 01:40:19 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "b328516b6e60f6ccb2961edcf6c83735" timing-allow-origin * priority u=3,i expires Mon, 24 Oct 2022 01:24:42 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/	346 KB 136 KB	85ms 32ms	Script text/javascript	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fatorrrh.com.br/ Origin http://fatorrrh.com.br Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 16:51:47 GMT content-encoding gzip x-content-type-options nosniff age 31712 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 138388 x-xss-protection 0 last-modified Mon, 18 Oct 2021 04:02:55 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Sun, 23 Oct 2022 16:51:47 GMT
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/	271 KB 97 KB	70ms 48ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash faded22a4d79b933c41a64e0e15d3322f80c33f098a8171fd8e25d3201a8349c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 99086 x-xss-protection 0 server cafe etag 10531528936388146151 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 24 Oct 2021 01:40:19 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 4331	10 KB 5 KB	94ms 34ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211020/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sat, 23 Oct 2021 15:13:19 GMT expires Sat, 06 Nov 2021 15:13:19 GMT content-type text/html; charset=UTF-8 etag 15765991816257340444 x-content-type-options nosniff content-encoding gzip server cafe content-length 4703 x-xss-protection 0 age 37620 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	93ms 51ms	XHR text/plain	142.250.185.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1217393066&t=pageview&_s=1&dl=http%3A%2F%2Ffatorrrh.com.br%2F&ul=en-us&de=UTF-8&dt=Fatorrrh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=811599366&gjid=1451927388&cid=1751867124.1635039619&tid=UA-46240781-32&_gid=1978228331.1635039619&_r=1&_slc=1&z=705958798 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f14.1e100.net Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://fatorrrh.com.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://fatorrrh.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	88ms 51ms	XHR text/plain	142.250.185.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1217393066&t=pageview&_s=1&dl=http%3A%2F%2Ffatorrrh.com.br%2F&ul=en-us&de=UTF-8&dt=Fatorrrh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1580472188&gjid=2041141703&cid=1751867124.1635039619&tid=UA-91535699-7&_gid=1978228331.1635039619&_r=1&_slc=1&z=1956221522 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f14.1e100.net Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://fatorrrh.com.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://fatorrrh.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	65ms 62ms	Ping text/plain	142.250.185.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-VS5VWXTGHR&gtm=2oeak0&_p=1217393066&sr=1600x1200&ul=en-us&cid=1751867124.1635039619&_s=1&dl=http%3A%2F%2Ffatorrrh.com.br%2F&dt=Fatorrrh&sid=1635039619&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-VS5VWXTGHR Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://fatorrrh.com.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT server Golfe2 content-type text/plain access-control-allow-origin http://fatorrrh.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 412 B	64ms 20ms	XHR text/plain	142.251.5.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-46240781-32&cid=1751867124.1635039619&jid=811599366&gjid=1451927388&_gid=1978228331.1635039619&_u=IEBAAEAAAAAAAC~&z=600679050 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.5.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS wg-in-f154.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://fatorrrh.com.br/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 24 Oct 2021 01:40:19 GMT content-type text/plain access-control-allow-origin http://fatorrrh.com.br cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	205 B 612 B	57ms 22ms	Script text/javascript	216.58.212.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=fatorrrh.com.br&callback=_gfp_s_&client=ca-pub-1555033654987774 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s46-in-f2.1e100.net Software cafe / Resource Hash dbc4f46d0ee6731846c9d5404e1e0944c71d5d87ed6b75805f77b9166952e38d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 196 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 716 B	85ms 33ms	Script application/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=fatorrrh.com.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 520 B	79ms 28ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=fatorrrh.com.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D977	13 KB 5 KB	276ms 253ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&adk=1812271804&adf=3025194257&lmt=1635039619&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffatorrrh.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1635039619075&bpp=3&bdt=1036&idt=136&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7888693500953&frm=20&pv=2&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=148 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 5e4816aff2c8e9f6b8e6e41da75f23454051ac59d0fd427d0b16158d8160e86e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1555033654987774&output=html&adk=1812271804&adf=3025194257&lmt=1635039619&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffatorrrh.com.br%2F&ea=0&flash=0&pra=5&wgl=1&dt=1635039619075&bpp=3&bdt=1036&idt=136&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7888693500953&frm=20&pv=2&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=148 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sun, 24 Oct 2021 01:40:19 GMT server cafe content-length 4819 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Sun, 24-Oct-2021 01:55:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 expires Sun, 24 Oct 2021 01:40:19 GMT cache-control private
GET H3	200	www-player-webp.css www.youtube.com/s/player/26b082a8/ Frame 93DB	335 KB 46 KB	63ms 20ms	Stylesheet text/css	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/26b082a8/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash 31b0cffeab2ce48e9b49c9c833bf549db30ae841c4e2d5512c30823042b36bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 15:52:47 GMT content-encoding br x-content-type-options nosniff age 294452 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 46946 x-xss-protection 0 last-modified Wed, 20 Oct 2021 00:17:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Oct 2022 15:52:47 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/26b082a8/www-embed-player.vflset/ Frame 93DB	209 KB 69 KB	84ms 41ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash f3356621955604161ae6d36cb9e4b1e6f845a7e925149e1fe12727e784d8aab8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 02:36:37 GMT content-encoding br x-content-type-options nosniff age 255822 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 70164 x-xss-protection 0 last-modified Wed, 20 Oct 2021 00:17:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Oct 2022 02:36:37 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame 93DB	2 MB 513 KB	94ms 51ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash c5f418acd5d1fbf61ef502361aedbf010f7ad13676e8c5e8cf1234c94aafb33a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 15:52:47 GMT content-encoding br x-content-type-options nosniff age 294452 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 525264 x-xss-protection 0 last-modified Wed, 20 Oct 2021 00:17:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Oct 2022 15:52:47 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/26b082a8/fetch-polyfill.vflset/ Frame 93DB	8 KB 3 KB	101ms 58ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/26b082a8/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 16:31:06 GMT content-encoding br x-content-type-options nosniff age 32953 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2830 x-xss-protection 0 last-modified Wed, 20 Oct 2021 00:17:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 23 Oct 2022 16:31:06 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 93DB	15 KB 15 KB	52ms 20ms	Font font/woff2	142.250.186.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 06:41:55 GMT x-content-type-options nosniff age 241104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 21 Oct 2022 06:41:55 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	61ms 25ms	Image image/gif	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-46240781-32&cid=1751867124.1635039619&jid=811599366&_u=IEBAAEAAAAAAAC~&z=1136380013 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f132.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 472 B	81ms 33ms	Image image/gif	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-46240781-32&cid=1751867124.1635039619&jid=811599366&_u=IEBAAEAAAAAAAC~&z=1136380013 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 93DB Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	113 B 161 B	26ms 25ms	XHR application/json	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 293728b5d5d1acbcc79d8f17ead837d5d6d75de1cdd9a217c31ee3e54b5739a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 24 Oct 2021 01:40:19 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 93DB	29 B 559 B	100ms 32ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/26b082a8/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:28:00 GMT x-content-type-options nosniff age 739 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 01:43:00 GMT
GET H3	200	remote.js Show response www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame 93DB	93 KB 29 KB	22ms 21ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash debc0a0131c7217733fc951d268c25e41fbb95eddefb13a7f5b52a7799af4dcb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 12:53:00 GMT content-encoding br x-content-type-options nosniff age 218839 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29610 x-xss-protection 0 last-modified Wed, 20 Oct 2021 00:17:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 21 Oct 2022 12:53:00 GMT
GET H3	200	DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js Show response www.google.com/js/th/ Frame 93DB	35 KB 13 KB	19ms 18ms	Script text/javascript	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/DgMOLZGLl3aD-gmBdY0gyGhgk8t52sjlBqPju8TolM8.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f132.1e100.net Software sffe / Resource Hash 0e030e2d918b977683fa0981758d20c8686093cb79dac8e506a3e3bbc4e894cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 22:40:57 GMT content-encoding br x-content-type-options nosniff age 183562 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13332 x-xss-protection 0 last-modified Mon, 11 Oct 2021 11:00:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Fri, 21 Oct 2022 22:40:57 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/ Frame 93DB	25 KB 7 KB	27ms 27ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software sffe / Resource Hash 21894e36aff6b0414607a89e6b22688ca4e539488f2398726d7d873e2fb4f549 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 15:52:49 GMT content-encoding br x-content-type-options nosniff age 294450 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 7354 x-xss-protection 0 last-modified Wed, 20 Oct 2021 00:17:38 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Oct 2022 15:52:49 GMT
GET DATA	200 OK	truncated / Frame 93DB	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AKedOLSMJE1mXf-nnDyynoM8oOepCv3fJ7K850UR66BOAaJ1X1L2FzMyU0K9hq5wN7Ai=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame 93DB	1 KB 1 KB	65ms 17ms	Image image/jpeg	172.217.23.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AKedOLSMJE1mXf-nnDyynoM8oOepCv3fJ7K850UR66BOAaJ1X1L2FzMyU0K9hq5wN7Ai=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f1.1e100.net Software fife / Resource Hash e312b4a313912bf5cbd30716f65e53cad2cdf4eb1cb17c86306940b0ebab25fe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 23:00:03 GMT x-content-type-options nosniff server fife age 9616 vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1120 x-xss-protection 0 expires Sun, 24 Oct 2021 23:00:03 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/kL5R0wvqGMI/ Frame 93DB	16 KB 17 KB	148ms 85ms	Image image/webp	142.250.184.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/kL5R0wvqGMI/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f22.1e100.net Software sffe / Resource Hash eeb8096e18ab03556d9149868e0ea6e3d97972cd58757ea0032002266e73a95b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 16376 x-xss-protection 0 server sffe etag "0" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sun, 24 Oct 2021 03:40:19 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	44ms 22ms	Script application/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=fatorrrh.com.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	72ms 29ms	Script application/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=fatorrrh.com.br Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0F0C	18 KB 10 KB	444ms 444ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 23e1ef0bb2c38000fe68bcfcef36771da68eca4a89a75bd95faf2c7bc6a43dd4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUm4dYFZeTyjuHn9cBcQgVS_RtwBKKiO6U2N_VYg1bY48n_X5JqPgTiLANj7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sun, 24 Oct 2021 01:40:20 GMT server cafe content-length 9766 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame BC9E	18 KB 9 KB	448ms 448ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 34593a1b2683711360bb08735d9e6e9f2bc1b16b4762affbf5b275c4f9376f29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUm4dYFZeTyjuHn9cBcQgVS_RtwBKKiO6U2N_VYg1bY48n_X5JqPgTiLANj7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sun, 24 Oct 2021 01:40:20 GMT server cafe content-length 9701 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EF76	18 KB 9 KB	449ms 449ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash dd6f2b5def7d64dc196e9428b66a3996eb390656200afea3fbc2aa7c2d73c88c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br cookie IDE=AHWqTUm4dYFZeTyjuHn9cBcQgVS_RtwBKKiO6U2N_VYg1bY48n_X5JqPgTiLANj7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Sun, 24 Oct 2021 01:40:20 GMT server cafe content-length 9703 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 93DB	4 KB 2 KB	61ms 31ms	Script text/javascript	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Oct 2021 01:40:19 GMT
GET H3	204	generate_204 www.youtube.com/ Frame 93DB	0 9 B	20ms 20ms	Image text/plain	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?Y7CZLg Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/kL5R0wvqGMI Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/kL5R0wvqGMI User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:19 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 5407	624 B 297 B	27ms 26ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNWJuXjZwl_d3IESmCVQT9FN17Tnvfro6Qv0MmV5OZ8alE9ALHmUibDkNLY_pWA9M_jBZFf9DPR12farwwinAOEtfabpUW1MTTFY2B0SxsLMe0ztX_qecTVhRMI1_WWLXGWp_cPv1K5ZUDKU1zM_p9aNM3kdAkZJg65LxaMYUaRvZZFlGe8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNWJuXjZwl_d3IESmCVQT9FN17Tnvfro6Qv0MmV5OZ8alE9ALHmUibDkNLY_pWA9M_jBZFf9DPR12farwwinAOEtfabpUW1MTTFY2B0SxsLMe0ztX_qecTVhRMI1_WWLXGWp_cPv1K5ZUDKU1zM_p9aNM3kdAkZJg65LxaMYUaRvZZFlGe8 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 accept-encoding gzip, deflate, br cookie IDE=AHWqTUm4dYFZeTyjuHn9cBcQgVS_RtwBKKiO6U2N_VYg1bY48n_X5JqPgTiLANj7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Sun, 24 Oct 2021 01:40:20 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 0768	75 KB 29 KB	63ms 62ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CP7yI3VRwy9PH4tzA2sBaxZ4lvdhEhpRADptMzLDe81vrLT3-q5UM6wrwr5e6oTxZVd_aKbQdQ0LTRT293swbWGPO6abZaW1qhGVlCgQX48Svmjilatuz2PELmNQMVcn_r_6iRbxN8YzCLfde8hhNghpALdw&dbm_d=AKAmf-A8cZNLf4IUhFvsXqHO91EDfuM3SvIZNS005HxEULTu6D60YJ8cbTXhY-u8lbXNuXP2t6S32MG_DrSx6ot92NtFiPs5KCuIbfPfT0a_7ReiHrImXqn8CrNJt8WCt68sIOsmYLkm5h20UQ3cjSfMC3qw_653h_TyBVtp--T8wlusosdCvc6upCWPrLFGoQwOwgrsXJdAuUXd7P2UAoFujiMlBD947IlT3IpePEWOXnIyQtd_scfYTCa7zhWZTKtSOmgMJJKUzM2yI6KXvL8RRVSDi03xntFymNseUBN3EX4tXbIRXQITezJZkQFDiCwtknQ0guTBvOxXKeOF07Pa4YxDP4rx5_5rOE-z0ayAjo5AMJnp2LXJg7UP2XUk5kVMuczrgEW2q0kF-8TPrbRs1n_hf96gEeq1yWfxXyQKVGxN0SLutouGI97mmnIbgjUr08pOQdoF7FYovmfcYO6AmpymSVbzpFvukK0D429PXTBSuzxBF1QpFnARz2ca6L-rvU4E-GnOw_ipYihhQsJ5XiaqoS8WsvTuzqWYpiaHvPSKrO2Qm7NdiWNWFMn5UR7-CDivpnvSq8_GVbH6cNsq0MgjGLPcyPW_9ERbyWMYj9WpPDhBAH8WB42QTjD7VURMV6uB2lv6mC6LGCrm6NvUSkwXK6c5gp_gDOVt8lPvTS3mwwsJOrLXwffzUHf93fB8tEk7ASgF_me_8S3zHBaFg2ddrad6IjRhBwPaZe4mc0dsgAnboVt-H9RQUgBfeyKzo-yvJJUkc8zWtDQb42g6cEn9E2dGC9R3oZKyFAsmDB3n51KuT1u-54ZMjfSfWNGawI8NxpJclqBvaqvVwyEkg-KjrBBkE4KITE5OC62mhVL9-EaqIewd2CIjiD6OfiKS8bFVDhFOTdo4-Geo4A3lFtRX-aEqy0ySruuK5pLAiJUSOV85YVcSDyTf7o68kPlPpZK4u30mailh8g28xnifeNNcjWnyCNclMZBE5f4BdabKGNdPIMP8TbS5vM7eqeCTD0dZso1elwQDoV7N8p_Lbx96cwGSjay-yO_Y1HohnlkVTg_LW4gwyyPCTsPlnJReQ__ZRiGTCGGkEfavQPKwXPbZMuqX2vUbKYfBrRB-mTuCtjrikBP9u-94oq9WcEk687GiF3YOdkZvu3To2AT3QsyUs8aUXCcIosBEr1iOQBjY1F9Cpxvv1anBPhXaMdXW_oCRQB3okNxidQJObEJCBxxOhnsvdmSBJlDYuB5cm60uXz75pNq5e1_NzOvWpsCsaCEcwwnW3D_eWTQf5OrsOAoD59lD57H6Mn8ORQ_nzUrLsOEdfTKwnCd4QiX2sLXkEeRdP8Jrfa1HxOQLwWBHaoFFskgjIOrfV_wQVYFHyvoJAALjY4nl8PCL8hYXDBBTJFe3m5431cy8vyBzhFWWLZ3sR6SI23Z7T-rA13Lu5_fii24fO9BmLrSbqaR4fDuQWwhzaRnj8k1KX8aP93HZWoQeswwxcsFx_qp8biSZxCIarkRFJVAXSiB1RbyaAPoZ494KKcXEOkJgoarpipAZyKpyeEmq_IyU6XGxFPSXT-FSY9BXo3Pj-UF0yG40jEXyaPsSGlrxafBg3k6HUdKOiX-RkQwFkn17LjZgFKV5dSiFK9Av5HhgEcJ8BfV2Ydwx3V_sZoHXQSwGjZggnQ3C1i5nKUuM-Th7IZ2rWcbClX0Gyk3ZtW0vxc7Vd6xKG8Pd4aRPjKpj_FFr8YBoF_vtdykaLf3pn6gYg08yb7eTpitkFGlU7O17kt5z_VUei2FljScU6ppTuSZ1IpymGr8UYiWopSVUF-pEA0qc_0CWZ_UoAaKoJ-bPlkaEPdb9Ys2Ui6bznaPIwUy95CZPSg8zY1UCiD6t99593Z3eDKaip5jyI2Wy9bK-u248PiImNT1QaeMmUtyqqA7WigpLJ4tmd-A3Dzqn7W_NgoG5kV34BNiklxlC3a-FqDQQ5l4XyPnMmmFzdHTTj6jwbtcppnKhNi2Pr-mpCV_xDQUzBhcspTM0NC31Fv4O2EQ5QXVy8l0oPZp9oKx5M3UkADY8-Ccw-21YjK1cLwiBLWJMljeNUS6xi_P1M0VmmQYkoXqKsCiOSreDEdevlB5Wt8zM7G15uSS_sObnC7byW5Rulex1O3AzvVXwOfsm5w5rdkXq0i5LPmyj4EvS1sEEKcdUZGlywAQAt9jj97QIgxdoEZCYhI5C84xRUqjCVb1Q3V-4sQbFERv5pi3F6PgWga9pgTWNoybuG36slESmh7S9RfMK6SeTi0o0Y-8qZ9xptwtVcm6i6aCHqb_8WS-cP3z5k_r14qa5z0coZkt_6Lx0tpgPz5gozXh5scWHvXf-kuUJeiZro5T7PYJGc6lNkeQ8gYa_DHUIeXCyqWw3eBWlWIZ6kN5Ju6SjjQXOxCzC27ISA53dsuBKHgsBfkUNWe3HLtoG7EfxIFNOMZXn2U0pkJnOjMDC6Rf5mTx_5mqLbmuqnOpLdPspna9j2ldNSgGXo24VWGnROOATKlZV_i8nIWKaRjWlhIapyG42z5JEHCJPy9_ImtOq-VFFGkp_zWvuPhkYNvQUqZxa9-nNBI-h0xVIR6hnc17KQfgFLEglRpEQM4D042VwcwBLUiTCK38fcLkGRkn7X0vwdp1k6Hraum2mj-TOkvtMeOMY1P7oP1GiuZVPdt98I6ciNB38FCr9PeIafsKCWZ7lsl4SEbZ37u3MT4BcpNhKjM6DYUw8pUQDF-q3D4v_MJaG8aYuNAaTM7MT14ehpug9dSIw2ANPwXk42JgaayXWwedrZWMdesS5x68dNRp-aOVQxcU1XaZGky-Ffgb8ru-5xf3N4ZPaLGcXvzdVoCWl_uHvCmxGHOnFagrR4P2w0SadVTWZbDqRB-pJ6R4MXMgzq_B5rIvT-fh9klMj-XrONIvndlk8-biKF-dlnHlABPq9AJUywkmXk7RRuOCim9SDebxuHgNendY19lX4bW8TX04Bk8QI0Oqt3IpET6bHQFTXmgwtP03mAmOIUIj7THoZ_AhLmwyJpkODLGQv76-sPjzSFPVYaqhOttla8cS2304Xs4XvvrMEyhL1W3yxHtbiDCkzMeDq7ER-uKw8kkTsEhM&cid=CAASEuRoZrc-7nhRTFN0vJdjzOckVA&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash a3a50c94ec23dc4f3b4ffddf4fdd93064ef31016886ddb10f324eb3bb17540db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29921 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0768	3 KB 1 KB	94ms 41ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:30:51 GMT content-encoding gzip x-content-type-options nosniff age 569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:30:51 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 0768	120 KB 37 KB	86ms 34ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1634750403498492" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Oct 2021 01:40:20 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0768	14 KB 7 KB	73ms 20ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software cafe / Resource Hash 2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:36:07 GMT content-encoding gzip x-content-type-options nosniff age 253 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6286 x-xss-protection 0 server cafe etag 17196531676875957370 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:36:07 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0768	42 B 63 B	47ms 47ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CUzx4tCCwzRahBUsYW-oJLQAMaw7rqipQ4szRDLstyzxEBwQCdmGS3QmRMU1KkwUEyHwJ8t78hNDz2_AYFUa8gP-gDtfiwChglGMP1xJTYd1nRb54 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4A88	640 B 316 B	36ms 35ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNVHAR2jghBNjPcr4Kg8yFVEbtVXxL3tKuk-z47t0uixSws3SkVoHnnWaHq4VkHWiKsK_CZQyXFJc98P7TNXnhpPsmnieXh48PEHOw9ZNMqUXesRIUaRb7toaTaLn7KlJuXCWEnS-46vTc96wuoucGovrjkBQz2FA_1S2K2sRabfiiwH9Hg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNVHAR2jghBNjPcr4Kg8yFVEbtVXxL3tKuk-z47t0uixSws3SkVoHnnWaHq4VkHWiKsK_CZQyXFJc98P7TNXnhpPsmnieXh48PEHOw9ZNMqUXesRIUaRb7toaTaLn7KlJuXCWEnS-46vTc96wuoucGovrjkBQz2FA_1S2K2sRabfiiwH9Hg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 accept-encoding gzip, deflate, br cookie IDE=AHWqTUm4dYFZeTyjuHn9cBcQgVS_RtwBKKiO6U2N_VYg1bY48n_X5JqPgTiLANj7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Sun, 24 Oct 2021 01:40:20 GMT server cafe cache-control private content-length 295 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 6865	74 KB 29 KB	72ms 72ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGOTV_fz5OLyJE8W387kJ-mz5RCaUUd07rEWdjhKhbtfRzO59NYYqPZcaK6y0o1B206e7MFBYx-PNBB5bpWi8ku0a-yGh1r6KbShPJkZMgpWk-xssgBbfxbYcA_Gi64SCbXR5dPnpWHNk5nXXrSSokkLLfEA&dbm_d=AKAmf-AJn6EC9OII4l5TiL-iD3H4Zp6LtqmaIp-DXR8I1Wiu6AgaQWE3dAuGM0eXHw1eMSj34_FbKGBItOXPhO7SfX5oaeFcx_GfJfT4hH0E99po3nDbIPbYy4pavMvSx55IiHth14rC5dejRZTvNAsjoak6CUJAcJd6gZRhDp59FT2PIZPXkm5mQq1WwHd3viK8Bp15za8uVxFh183c3bW85D1U6zdi8-IAqQll1_yummKINGpBehNuagNj81YG7_RC4qJd3lV1ixu8N6ob9ABK1uTHjW0a3BoRVkGRyS95o43UcmFmrqlHEs627A69cJlZRuLLUnisD5xgGTEWa8ZmbUH9RCNcInN16PRC9Dl3vnj81-7aRRc0jplgvX1SxvT07JT3uOQkec78yKos091X4tSqlmy6rkCi_AUuWPcfDqEB5w6NMa-hqv5mwvxnCSKngKWiAx83bT59c0NK8PYM7hY8ItmytvsphSPIS0IUcjywxJe-7Dd3hyMLNhToy5t7_AGwv0KtioPeXhBsLC-EJjeULsEXBWQEdscTDibaVcOEkPCxjXk9ltaszMjnK2QGugwDGa3BHErdYlg0C3QDKuM5805rW7297tkFFB7t7BlL2hVDKgcVSRbFp7KsaOwAvG2bwI1Y4T7wsWyUvoitkbndyaN7k4FMimhUGtqEutYji23wAlkTQh8TrmtVQZ-pWvGuE4vfYM5qr270AKedW3uwaeDH9GVZKVzOHPmJL7cQACszIzCMLfQ0e95mbSRfHatVv77h21x7fpyr_P5QCDHHCQQmmlWC_ffK4v7kH2csx-P9fYvSE9Bm8vaL4BwkpLNKK0v0bDkDKQ0FJVNpTspING0orbsctM1lcia0B5SjGN-g187iloGWjHdBOBu81twVmHaiO9wX4dZS9NydKCkpNZUgXEhWcNJ8B195oRjeZyseF-JLyFq2WyDfKwZsBQfokN067A18sSES0fI_KsOhjRxG7wQbpW6SrCI65yw_nZxq0LZmhiA4cZBFOxdzbm4KYqhU_GP97ttCbl89-vNpPavoqvgUXFP81QPgKeixJfZcnyD6NeJUQyFOusH1MDVbeJaNGxOeJ__1zqk_f_BR-0r6EM08F2Sw0bIv8PexnpMadW6kIo-A_O7wEefHhMyl0kx8sg-_YHb0LBA_KLHC95nBKTJ_MrPNeJFAL7HOt8udaM3tIE_MiVC8t2O_xcsmCc_aLiFx9p6XcaXZ4aeG7got3Ms8PxL82cv9UbfigkTnTYUi2YJ2WxG6ZiAOM_-LJKkychJ0PQNkT4o3jlpVpba4PgbDXDcrWqTalI33deqSbRIIfIl6y7YYU1gptsNChFqhiK_RdRdSuxDoncXyokgR1vYn1Pbs-HYq-eOdzqCy-xIJlgfFiUHnDxkkdLHKcsf6y1_vZ8WLXW54VCb_ZuMf6coDPyNLfXSNWRTmlrMV1aAn65MJ-ttQfxk6vJl7ReHoQj0QJbvPuyk0tpDAqU8w9sqQdsX1Z_zsBQFcBcZ-gac8VBUQqJiOQ8q1oQBihRwRKSPB9Ynzlf5nCelrz0ha3kL0BJebSYkowWfrg9KsXetNe24zuxnxJxJNsT2ER4b4nbg5WrSR6uwc9MfVWXAiZan00bjvoh5lrP4re9j8EBKf6e0rOLd7n1--e17y5DE0LcRXnyWJbUII-zULmqws6bbWXsgcULMBEjdhoADinzoBkJ48y9byk45FsyfU_iNEWEADgAxvvZJeXn4NsjeALBd6uewU9Woj9SFVP843qP7O3M4qrTd5a9zr_JVR2k2MkWiS8pufnwUrulIKxDR_fd9ZAk01LNx1bErwwEgSPO-6VdedFqaYLtYH05eD_jMODaZ37KsGbk7YM3vDps8p7oDOtFYOImHWEqMJps8kcj-aVUOiteFlJsuoNP12W3MF7dKLOdtCwSv_2NfmUE1efjZPXDFKEDDwI6QBjzru7s4IA6U3ae7X7_hzv9SqVviv9_aMfuEEv_Zw0CiKiwysSCE328ffd9RpWt5QQBuAUbGWrlL_WEZRERWLLhOPmeMnQWOt0o1bOVK8vNZ-nPjis-NkJgsGVElcHtAzwqdbGviuO6QGy0L9A7NuJXw1YQijV4CwkvoSbTaWhgxYWNTAMgIda9uo7n0x7S_q-MBTl-HySyNtMU6-hlEfuedSNQ2PS-LpR14doJm2wd42717lqgontyHs3zgdzCQhJ_WAxElwE3VI8K0oj6KMbXRLfLVduHDyeGxYEdEf-Ajf406RRb23ZeDedbcMBuFEG8Hq-76OoBYmozTMiVKskxf1yKltvh22fbllRpRH1pNZvquY2_K1SWQ3yfGtvFkuathSVLrjpdzBxT_42lk2pJMVzPIPOeOPaRyNpTh8bZotu3mCOMOEI7GEBDJPWvz4GfJ4Agbq7MxasHEFBKTtd-iuUMoTmc9Us0gRzRKDo5ktHanf9aVXOPOQ1M1rVG_wzdqeFlOeIGAy-2KWZaosFgRCX5F2a8lT2patpK7YXD8m0nShF5WBSj8JckFwgvDeBURH1JJEPispDINEzILIFz-5ukDMfDagsf3pqp7BinGWqGiHAhf7xKYdyEa_4ui77LdK__TNc4vGLFFDhxjAyNDuZuPkypgCnK1z-meiyJc4jM-lAeh3-EGGrqnzTnowHocHBM6IdM5g2fEkUC0F3weAaKip1d9PIhUk1NcNeI8dFdX4RfC4XfOD5ClXpqo5dLHu__iAE-Kpem9HzlvFpPG8o26uHIkMQCjOS1PCp0vyLQGc5GyPQZ6CF4d4j3uEsoDeIcqhz9Qbj-a55RUyRRgBagsokfvHLGppw863qNTSEZiHcT-rKcHZvA_V0OVc9jgudt4Uu0IR0Sw7d2nRv_qEU7-PIgnAGw4WPGoIUplZxpEUTyELBp4ZuxsjwqINNLKwvNthnnonMY7bo0NLrsBBhWIsW8R-SbBL7JGbpcP7XVA_qjKDHD5KhSFAxvd0ZLNnXzhj5zgeyBF8fW4osGAkJj3W2EZcTjhR4RLjZP2M859bTw&cid=CAASEuRotD8VG_tykkfPaoMl8RJ5ow&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 9eda5a2975126de024e517e43ea669e3a64082e24c01514ae2806d9f763f14c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 29613 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 6865	3 KB 1 KB	80ms 42ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:30:51 GMT content-encoding gzip x-content-type-options nosniff age 569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:30:51 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6865	120 KB 37 KB	100ms 63ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1634750403498492" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Oct 2021 01:40:20 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 6865	14 KB 6 KB	60ms 23ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software cafe / Resource Hash 2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:36:07 GMT content-encoding gzip x-content-type-options nosniff age 253 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6286 x-xss-protection 0 server cafe etag 17196531676875957370 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:36:07 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 6865	0 0	21ms 21ms	Image text/html	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1cDpbmh2IelfJjiBWzduydt5EUQhmNwyL3PpqALMZ3kK-XuMuklc5i8cYwL57L6pRyc1l2gVYLojq6VYNj_0M9uycmw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6865	42 B 63 B	65ms 64ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B6iI14cU7iO1MS63ai-8mGLx6yKNX2ByB623E14iSC4itR8R__pzjSvl57-aIiez8bvx8-Sc7QZxvfai-xlPgG9G7E2hlErDwLhp89-gGYAmb5dOU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame B7E8	499 B 334 B	33ms 32ms	Document text/html	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiV2d-3ATAB&v=APEucNUnt1gXg_9TXfVFuH4tBYwy687OlG--cYecdj0b_IMIvXVkA5pC_DdLrN2Q0ULFJ96rt1XZEqos3Z84xenMEva5C__AJ_bA9UkCtJrydjiYlpPKf2OGf9p96FslWbn5qxweM6Wy8E3NvhqvPqRs0quyy3pFjsYJap9enFQkUpBiPX-jIsU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CPvjgQEQ_aOOARiV2d-3ATAB&v=APEucNUnt1gXg_9TXfVFuH4tBYwy687OlG--cYecdj0b_IMIvXVkA5pC_DdLrN2Q0ULFJ96rt1XZEqos3Z84xenMEva5C__AJ_bA9UkCtJrydjiYlpPKf2OGf9p96FslWbn5qxweM6Wy8E3NvhqvPqRs0quyy3pFjsYJap9enFQkUpBiPX-jIsU pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 accept-encoding gzip, deflate, br cookie IDE=AHWqTUm4dYFZeTyjuHn9cBcQgVS_RtwBKKiO6U2N_VYg1bY48n_X5JqPgTiLANj7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Sun, 24 Oct 2021 01:40:20 GMT server cafe cache-control private content-length 313 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame BAAC	83 KB 31 KB	84ms 84ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7vsbpiFDg-23zz_BBpVDvnnZEurFAWRyJ7rLjI34mnGWOIcCYAyhUwcLIPyh2gjjZVtNRCc_VNRHWCsB5GkM4GyWY8feafeucK6gyt26K1V5afWcytfxYuDNsWTLDDe3WpTACEzpq7UEZhoqSHkTpz2WsrQ&dbm_d=AKAmf-A92E0l5JRefJ7AAI0GBHX166JwTIPNfs-l29kxpJiETp6g6jxMCLZ1mnAxsNslRGEDfsgPSM6_XihHYYvPekAkV1VewODG2I9SeDOtjd9CBq7_C82MxlBeerfv2aTB4JaXYfj0MVeohuZeqbhOewqcYnZlfIOlFc7MAgtS1iJEszBt81i2UCvNX6EHTv2vxV3pB5Yy4TOATCavTYnh2l2h2yzmkWCVkLoidhwabE6s9vEj--EhuGg_C4_qDX1x2WFaByjKde3IwwfYw5HV2I8gsy-QH8ua7Em51FwuhHNqfpnYom8lXX4zSMAb27F6REewrvzAQYx8ip-PFF0iWe_J3ghPc9mVpzvrrZ-ndSIMlBCC8srtcwwZwrR4yv7xyEehPT5-eXlVOfobwRpCZgq8T9wohRsdWYo9q8Qddp4QySuVkM6U_g-nyhaqS3mV5ZzIMn3WqE18s8R3O-vjPWNdUPtdaTsQXuuWxhG3lVmxPraF-DEad3FDR9xFXaFSrZZQyE7Jm9pAsJGkYntVgErxJ2ulmiEUIW4m9pYpX7e8GTOBhzXP32Qlrb_5oPpzqBzmpNohIf1IR5YxyMJQq6ySCn924lvk3gUyUr1wsqRTFJBSq6oSykaI6vl420QKNJdmRbR1J40Sja-h-FuGsOMxg2IUqBZpa9DDXTmt_3vsLb1oCFXM36ZlUnQ78GqkEiSwP58uu8qJWWhaqV4R6bFZjTXawvB_yefPtC-UTjjEILap7_rSSxF9zP0gDpUz4bqSNz67rV80LG9-Uq4C39tsRpatrXYs2B6Em1GlBCmPNaeuSY_UD1MW0E3BZCuyczPTfa61kkMN4czrlEvBmgZWHy5Mk4OXCV_wPUHzmv377UVHPIrPxi1HfMYjYlpuV8PKepo61_SQ894eaArl_OGnjMeVJS769fsIZ0YouEqOiVoSNacL5r0mhK24AyOveWRuq6KWWu4Fob4fWcGHtPROgxG5nYMjxYku-jv9uPOy7xoNhh1fWD9LDPCJJ_Yvq_2Mz7Fg38uXyzcubIGQIZnQ40h9WxNgrPW72PaczvO1CivPOddo9jGGZQnBu-CIkEciURdi2PtC-w2rG4hIO8d6p9PvU5xm4U-cCgN4B1jF-w2Rcjqm8wWr3hjC-CWX33SvOCjWfBKX1mxaBahKUl1m4sErDwiCZ-elXbvUVU2KSBqvxK0x4YYBVgMOiiHrrlqn3K7-XCdXuV0rnhmw6V9Nu4D9SizEU5GCRKaqEIkifRG5YMapDW_kA_1rXwUAtzE-k2dBxG78JVlYmugurukauw6ZrUMUfATmiPabQAoGx4pkqBc_uar4muvOw4OKisM-Zbc1_JYradQOyhIR1fqhm9f509s4foJXafyLg11ZY1h52HA15E9Ek-s-orAwaHuhT6a2N9c00XToeM-UNo8u3c3I4XeHon1MmSDU42blsGac6n8ybQe8sXnLa1ppE9DDPBuTagrt9WktUiD3AK_pXm5IUOcztaQwtRIRERb-NM98LeGvEWdfUQsNZf0H9og3vg5M2umem6k4UYDLKM3290ofvilsTlxdRMwuo6rRYzBCpRd_ip-2W8f1E-neJm9u6f7MOysF5WK09-oxUurzqpJUiW5Cy8I8NmwXCBXzWUigPl3FeF8plzrbhA4wPiK0BnqpYyLbpTPy-UjhixJeDFyTulWU_uTrom-8ZfDllnW7Q6nV1oUNCr3J7oztfkECjj2-iWFgL8LHxEj_R3bMY-eAdUcmULISHRYZLb2eCMCj4bxaLnQQbYnHNld0LyFOWy29LWCFjRKvc4Kt_ZC5k1qEb3fpeSc0R-cQAYDxdjxjDD04sIQuPDzWIHSAslZ_6R5bBflFMvSFI6kL3ky0c21rMWKNZ3w0z33T6Yqqh1A2F25sWJNq2EsG2lDQ6a3juVxfZ1xyXWoHvq3uAaTS0GpRUTrgjiRVtLxtTOOnIiS6IlZn2d454vbGu0SBY6uza1J36k2IqFkEoAHa3sNUcG_Z4xevs00v2qwXF1HkyLPgSp9X2TsZP0rg3y4bXtskAAnWouqGehxS2tI8eNRVfyOZI9Qti_ewBJu1S-HdN22BOq0qSMXV5tK8qW95U2NIoOFcyXjDxfbqL4QhTn7rwBWoKdlwzj-q4M6PjOr0qR1dbSml9oU6p6E3ZJJ70-QbfUJbvdqj2JVImQap4ENs8Gg7NN6E_VxeiXZZLG3r0yh1y-E0vcLD17F_SKw-q6VQkjMwxzv80DJkiR-gWScZqvxjVeDCsLphDb9-K5_Zh136oHFxk6H5VEHt0CMXxJEf9DdrIV2KiD8HG47r7xaaRlWogtnO2Ic-eVPs8ogiJw0aIBNRtB9TrxM5u8NUZPlzOxUkiBw2a0IDIXS4UzSJ7X2_31v8D3oOCz6_ZdAD5Ml46Sq6dyXVOyCa4RmeJ7bYTv6VXIe4B4NDWOat3wyqWm3AGjLXqUy6AjAkb9wPf78AaHRBuUr2KI0PV5n2HMOF4Mg9rLbh29YzsipsBEjnb41o_np8cXNYsFtdRqc-jY4YF7alhUkZ_8kc7tvv3q9aWLqdnEdKMClGbB1ORxskB4Jimc-w4AwEQsNcRZDxBLn0qbCCmqbo9ZNA59YnPgoawue7dlTMY4eWIixYja5MLByf-_eoId2stXXkMlmFdT1p3LWlIi3xq3gHASNlQ5AWYb2ulWBfFDJpiXDLc3YoFwLuNbwVlPSs3UzQx0w2Q-KjROTzK9LuiQp5ixmEoYiKCxuHtmB-CPsMIq6nq5G8Gsbsm-kjTiG2CJ8I6AVb0QgwAKDaw018TfciMSXyXhzkb3L0aclCzMSD4m3z86YXMUqKwHg8VFJc6VXhiURG3kxCBpPt90h_m4pEyVrCHFCMBzsJB1-0VaXNCWs6TrxROzvmUuDODbosmAdcJStAttPNy3TFXWFblx2DNFAxVjhDIJR9sGv-zLrFJo8rJ5JSeWxh71zVVYXKwWR90N4Ui-Y6bVMv8MEDxfBqbg0R7y0QJBkfclZAKywfDceTP7_Yo-4nIg&cid=CAASEuRopBtsYiIICHIkSDP5P0ACyw&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash e7bb8394bcebd5bb117a26d0b5553628170756bf49dce60721847b781316e480 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 31852 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame BAAC	3 KB 1 KB	66ms 41ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:30:51 GMT content-encoding gzip x-content-type-options nosniff age 569 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:30:51 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BAAC	120 KB 37 KB	103ms 78ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash 9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 37344 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1634750403498492" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 24 Oct 2021 01:40:20 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame BAAC	14 KB 6 KB	51ms 26ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software cafe / Resource Hash 2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:36:07 GMT content-encoding gzip x-content-type-options nosniff age 253 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6286 x-xss-protection 0 server cafe etag 17196531676875957370 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:36:07 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame BAAC	42 B 63 B	67ms 67ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkpEkjw2Dmj6k2t8PkxERxQDnbrT15qvnfpp3xx9PGZQt8xGaLQM0jlsa5LPjkAJciojuD4OVADRvDTjfkPKDNA6RXtwcJ3e40OwBn7pLGvJfNau8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 5407 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1	43 B 894 B	19ms 18ms	Image image/gif	2.21.141.232 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNWJuXjZwl_d3IESmCVQT9FN17Tnvfro6Qv0MmV5OZ8alE9ALHmUibDkNLY_pWA9M_jBZFf9DPR12farwwinAOEtfabpUW1MTTFY2B0SxsLMe0ztX_qecTVhRMI1_WWLXGWp_cPv1K5ZUDKU1zM_p9aNM3kdAkZJg65LxaMYUaRvZZFlGe8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-232.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sun, 24 Oct 2021 01:40:20 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 5407 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXS5hHLrXXC.zv2mU0bLngAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1&google_hm=2	43 B 894 B	38ms 27ms	Image image/gif	2.21.141.232 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNWJuXjZwl_d3IESmCVQT9FN17Tnvfro6Qv0MmV5OZ8alE9ALHmUibDkNLY_pWA9M_jBZFf9DPR12farwwinAOEtfabpUW1MTTFY2B0SxsLMe0ztX_qecTVhRMI1_WWLXGWp_cPv1K5ZUDKU1zM_p9aNM3kdAkZJg65LxaMYUaRvZZFlGe8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.21.141.232 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-141-232.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Sun, 24 Oct 2021 01:40:20 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGRfZge5dib5zX_fnZ-JZ1o&google_cver=1&google_hm=2 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 5407 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEEFtBOALSSpZX9ulbvLvuxc&google_cver=1	0 576 B	10ms 9ms	Image text/html	37.252.173.27 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEEFtBOALSSpZX9ulbvLvuxc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNWJuXjZwl_d3IESmCVQT9FN17Tnvfro6Qv0MmV5OZ8alE9ALHmUibDkNLY_pWA9M_jBZFf9DPR12farwwinAOEtfabpUW1MTTFY2B0SxsLMe0ztX_qecTVhRMI1_WWLXGWp_cPv1K5ZUDKU1zM_p9aNM3kdAkZJg65LxaMYUaRvZZFlGe8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US), Reverse DNS 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:20 GMT X-Proxy-Origin 216.131.111.9; 216.131.111.9; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 2b9d05c5-8918-4d3a-9b92-320515ee4b12 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEEFtBOALSSpZX9ulbvLvuxc&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 5407 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNTM0NDQ1NDg5ODE1ODAyMg%3D%3D	170 B 243 B	46ms 34ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNTM0NDQ1NDg5ODE1ODAyMg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNWJuXjZwl_d3IESmCVQT9FN17Tnvfro6Qv0MmV5OZ8alE9ALHmUibDkNLY_pWA9M_jBZFf9DPR12farwwinAOEtfabpUW1MTTFY2B0SxsLMe0ztX_qecTVhRMI1_WWLXGWp_cPv1K5ZUDKU1zM_p9aNM3kdAkZJg65LxaMYUaRvZZFlGe8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:20 GMT X-Proxy-Origin 216.131.111.9; 216.131.111.9; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 5bb5dbd2-8747-4e46-929b-15d13275b7dd Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjYyNTM0NDQ1NDg5ODE1ODAyMg%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 4A88 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq9jECOA_uxX6du1mXKmUM&google_cver=1	43 B 180 B	38ms 38ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq9jECOA_uxX6du1mXKmUM&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNVHAR2jghBNjPcr4Kg8yFVEbtVXxL3tKuk-z47t0uixSws3SkVoHnnWaHq4VkHWiKsK_CZQyXFJc98P7TNXnhpPsmnieXh48PEHOw9ZNMqUXesRIUaRb7toaTaLn7KlJuXCWEnS-46vTc96wuoucGovrjkBQz2FA_1S2K2sRabfiiwH9Hg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.217.1 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT via 1.1 google server OXGW/16.217.1 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAq9jECOA_uxX6du1mXKmUM&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 4A88 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU3YzA1MjEtNTYwNy0yMDU3LWYzYWUtMzI0NzhhMzc1ZTYz	170 B 188 B	49ms 43ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU3YzA1MjEtNTYwNy0yMDU3LWYzYWUtMzI0NzhhMzc1ZTYz Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNVHAR2jghBNjPcr4Kg8yFVEbtVXxL3tKuk-z47t0uixSws3SkVoHnnWaHq4VkHWiKsK_CZQyXFJc98P7TNXnhpPsmnieXh48PEHOw9ZNMqUXesRIUaRb7toaTaLn7KlJuXCWEnS-46vTc96wuoucGovrjkBQz2FA_1S2K2sRabfiiwH9Hg Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip server OXGW/16.217.1 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWU3YzA1MjEtNTYwNy0yMDU3LWYzYWUtMzI0NzhhMzc1ZTYz content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H2	200	um sync.teads.tv/ Frame 4A88 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm https://sync.teads.tv/um?eid=3&uid=CAESEA2E5QfMrfsRcuSMrwVKMbU&google_cver=1	23 B 172 B	43ms 42ms	Image image/gif	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=CAESEA2E5QfMrfsRcuSMrwVKMbU&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNVHAR2jghBNjPcr4Kg8yFVEbtVXxL3tKuk-z47t0uixSws3SkVoHnnWaHq4VkHWiKsK_CZQyXFJc98P7TNXnhpPsmnieXh48PEHOw9ZNMqUXesRIUaRb7toaTaLn7KlJuXCWEnS-46vTc96wuoucGovrjkBQz2FA_1S2K2sRabfiiwH9Hg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.6 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT cache-control max-age=0, no-cache, no-store expires Sun, 24 Oct 2021 01:40:20 GMT server akka-http/10.2.6 content-length 23 content-type image/gif Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.teads.tv/um?eid=3&uid=CAESEA2E5QfMrfsRcuSMrwVKMbU&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 281 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	um sync.teads.tv/ Frame 4A88	23 B 172 B	77ms 34ms	Image image/gif	104.111.242.245 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2fnwEQxLOfARichL23ATAB&v=APEucNVHAR2jghBNjPcr4Kg8yFVEbtVXxL3tKuk-z47t0uixSws3SkVoHnnWaHq4VkHWiKsK_CZQyXFJc98P7TNXnhpPsmnieXh48PEHOw9ZNMqUXesRIUaRb7toaTaLn7KlJuXCWEnS-46vTc96wuoucGovrjkBQz2FA_1S2K2sRabfiiwH9Hg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-242-245.deploy.static.akamaitechnologies.com Software akka-http/10.2.6 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT cache-control max-age=0, no-cache, no-store expires Sun, 24 Oct 2021 01:40:20 GMT server akka-http/10.2.6 content-length 23 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame B7E8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENmUafuTNSafVXIcShjoBvs&google_cver=1	43 B 548 B	69ms 34ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENmUafuTNSafVXIcShjoBvs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiV2d-3ATAB&v=APEucNUnt1gXg_9TXfVFuH4tBYwy687OlG--cYecdj0b_IMIvXVkA5pC_DdLrN2Q0ULFJ96rt1XZEqos3Z84xenMEva5C__AJ_bA9UkCtJrydjiYlpPKf2OGf9p96FslWbn5qxweM6Wy8E3NvhqvPqRs0quyy3pFjsYJap9enFQkUpBiPX-jIsU Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 60 Connection keep-alive Content-Length 43 Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESENmUafuTNSafVXIcShjoBvs&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 306 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B7E8 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i... https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTkwZDgwNzktMzQ2Yi0xMWVjLWExZjYtMTZhZTgyZDMwMjA2	170 B 188 B	91ms 43ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTkwZDgwNzktMzQ2Yi0xMWVjLWExZjYtMTZhZTgyZDMwMjA2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiV2d-3ATAB&v=APEucNUnt1gXg_9TXfVFuH4tBYwy687OlG--cYecdj0b_IMIvXVkA5pC_DdLrN2Q0ULFJ96rt1XZEqos3Z84xenMEva5C__AJ_bA9UkCtJrydjiYlpPKf2OGf9p96FslWbn5qxweM6Wy8E3NvhqvPqRs0quyy3pFjsYJap9enFQkUpBiPX-jIsU Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Sun, 24 Oct 2021 01:40:20 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTkwZDgwNzktMzQ2Yi0xMWVjLWExZjYtMTZhZTgyZDMwMjA2 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 141 Connection keep-alive Content-Length 0
GET H2	204	v1 ads.yahoo.com/cms/ Frame B7E8	0 445 B	66ms 19ms	Image text/plain	87.248.118.23 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiV2d-3ATAB&v=APEucNUnt1gXg_9TXfVFuH4tBYwy687OlG--cYecdj0b_IMIvXVkA5pC_DdLrN2Q0ULFJ96rt1XZEqos3Z84xenMEva5C__AJ_bA9UkCtJrydjiYlpPKf2OGf9p96FslWbn5qxweM6Wy8E3NvhqvPqRs0quyy3pFjsYJap9enFQkUpBiPX-jIsU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.248.118.23 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS e2.ycpi.vip.deb.yahoo.com Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 0768	169 KB 59 KB	87ms 26ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 11:16:35 GMT content-encoding gzip x-content-type-options nosniff age 51825 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 11:16:35 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 0768	8 KB 3 KB	14ms 13ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CP7yI3VRwy9PH4tzA2sBaxZ4lvdhEhpRADptMzLDe81vrLT3-q5UM6wrwr5e6oTxZVd_aKbQdQ0LTRT293swbWGPO6abZaW1qhGVlCgQX48Svmjilatuz2PELmNQMVcn_r_6iRbxN8YzCLfde8hhNghpALdw&dbm_d=AKAmf-A8cZNLf4IUhFvsXqHO91EDfuM3SvIZNS005HxEULTu6D60YJ8cbTXhY-u8lbXNuXP2t6S32MG_DrSx6ot92NtFiPs5KCuIbfPfT0a_7ReiHrImXqn8CrNJt8WCt68sIOsmYLkm5h20UQ3cjSfMC3qw_653h_TyBVtp--T8wlusosdCvc6upCWPrLFGoQwOwgrsXJdAuUXd7P2UAoFujiMlBD947IlT3IpePEWOXnIyQtd_scfYTCa7zhWZTKtSOmgMJJKUzM2yI6KXvL8RRVSDi03xntFymNseUBN3EX4tXbIRXQITezJZkQFDiCwtknQ0guTBvOxXKeOF07Pa4YxDP4rx5_5rOE-z0ayAjo5AMJnp2LXJg7UP2XUk5kVMuczrgEW2q0kF-8TPrbRs1n_hf96gEeq1yWfxXyQKVGxN0SLutouGI97mmnIbgjUr08pOQdoF7FYovmfcYO6AmpymSVbzpFvukK0D429PXTBSuzxBF1QpFnARz2ca6L-rvU4E-GnOw_ipYihhQsJ5XiaqoS8WsvTuzqWYpiaHvPSKrO2Qm7NdiWNWFMn5UR7-CDivpnvSq8_GVbH6cNsq0MgjGLPcyPW_9ERbyWMYj9WpPDhBAH8WB42QTjD7VURMV6uB2lv6mC6LGCrm6NvUSkwXK6c5gp_gDOVt8lPvTS3mwwsJOrLXwffzUHf93fB8tEk7ASgF_me_8S3zHBaFg2ddrad6IjRhBwPaZe4mc0dsgAnboVt-H9RQUgBfeyKzo-yvJJUkc8zWtDQb42g6cEn9E2dGC9R3oZKyFAsmDB3n51KuT1u-54ZMjfSfWNGawI8NxpJclqBvaqvVwyEkg-KjrBBkE4KITE5OC62mhVL9-EaqIewd2CIjiD6OfiKS8bFVDhFOTdo4-Geo4A3lFtRX-aEqy0ySruuK5pLAiJUSOV85YVcSDyTf7o68kPlPpZK4u30mailh8g28xnifeNNcjWnyCNclMZBE5f4BdabKGNdPIMP8TbS5vM7eqeCTD0dZso1elwQDoV7N8p_Lbx96cwGSjay-yO_Y1HohnlkVTg_LW4gwyyPCTsPlnJReQ__ZRiGTCGGkEfavQPKwXPbZMuqX2vUbKYfBrRB-mTuCtjrikBP9u-94oq9WcEk687GiF3YOdkZvu3To2AT3QsyUs8aUXCcIosBEr1iOQBjY1F9Cpxvv1anBPhXaMdXW_oCRQB3okNxidQJObEJCBxxOhnsvdmSBJlDYuB5cm60uXz75pNq5e1_NzOvWpsCsaCEcwwnW3D_eWTQf5OrsOAoD59lD57H6Mn8ORQ_nzUrLsOEdfTKwnCd4QiX2sLXkEeRdP8Jrfa1HxOQLwWBHaoFFskgjIOrfV_wQVYFHyvoJAALjY4nl8PCL8hYXDBBTJFe3m5431cy8vyBzhFWWLZ3sR6SI23Z7T-rA13Lu5_fii24fO9BmLrSbqaR4fDuQWwhzaRnj8k1KX8aP93HZWoQeswwxcsFx_qp8biSZxCIarkRFJVAXSiB1RbyaAPoZ494KKcXEOkJgoarpipAZyKpyeEmq_IyU6XGxFPSXT-FSY9BXo3Pj-UF0yG40jEXyaPsSGlrxafBg3k6HUdKOiX-RkQwFkn17LjZgFKV5dSiFK9Av5HhgEcJ8BfV2Ydwx3V_sZoHXQSwGjZggnQ3C1i5nKUuM-Th7IZ2rWcbClX0Gyk3ZtW0vxc7Vd6xKG8Pd4aRPjKpj_FFr8YBoF_vtdykaLf3pn6gYg08yb7eTpitkFGlU7O17kt5z_VUei2FljScU6ppTuSZ1IpymGr8UYiWopSVUF-pEA0qc_0CWZ_UoAaKoJ-bPlkaEPdb9Ys2Ui6bznaPIwUy95CZPSg8zY1UCiD6t99593Z3eDKaip5jyI2Wy9bK-u248PiImNT1QaeMmUtyqqA7WigpLJ4tmd-A3Dzqn7W_NgoG5kV34BNiklxlC3a-FqDQQ5l4XyPnMmmFzdHTTj6jwbtcppnKhNi2Pr-mpCV_xDQUzBhcspTM0NC31Fv4O2EQ5QXVy8l0oPZp9oKx5M3UkADY8-Ccw-21YjK1cLwiBLWJMljeNUS6xi_P1M0VmmQYkoXqKsCiOSreDEdevlB5Wt8zM7G15uSS_sObnC7byW5Rulex1O3AzvVXwOfsm5w5rdkXq0i5LPmyj4EvS1sEEKcdUZGlywAQAt9jj97QIgxdoEZCYhI5C84xRUqjCVb1Q3V-4sQbFERv5pi3F6PgWga9pgTWNoybuG36slESmh7S9RfMK6SeTi0o0Y-8qZ9xptwtVcm6i6aCHqb_8WS-cP3z5k_r14qa5z0coZkt_6Lx0tpgPz5gozXh5scWHvXf-kuUJeiZro5T7PYJGc6lNkeQ8gYa_DHUIeXCyqWw3eBWlWIZ6kN5Ju6SjjQXOxCzC27ISA53dsuBKHgsBfkUNWe3HLtoG7EfxIFNOMZXn2U0pkJnOjMDC6Rf5mTx_5mqLbmuqnOpLdPspna9j2ldNSgGXo24VWGnROOATKlZV_i8nIWKaRjWlhIapyG42z5JEHCJPy9_ImtOq-VFFGkp_zWvuPhkYNvQUqZxa9-nNBI-h0xVIR6hnc17KQfgFLEglRpEQM4D042VwcwBLUiTCK38fcLkGRkn7X0vwdp1k6Hraum2mj-TOkvtMeOMY1P7oP1GiuZVPdt98I6ciNB38FCr9PeIafsKCWZ7lsl4SEbZ37u3MT4BcpNhKjM6DYUw8pUQDF-q3D4v_MJaG8aYuNAaTM7MT14ehpug9dSIw2ANPwXk42JgaayXWwedrZWMdesS5x68dNRp-aOVQxcU1XaZGky-Ffgb8ru-5xf3N4ZPaLGcXvzdVoCWl_uHvCmxGHOnFagrR4P2w0SadVTWZbDqRB-pJ6R4MXMgzq_B5rIvT-fh9klMj-XrONIvndlk8-biKF-dlnHlABPq9AJUywkmXk7RRuOCim9SDebxuHgNendY19lX4bW8TX04Bk8QI0Oqt3IpET6bHQFTXmgwtP03mAmOIUIj7THoZ_AhLmwyJpkODLGQv76-sPjzSFPVYaqhOttla8cS2304Xs4XvvrMEyhL1W3yxHtbiDCkzMeDq7ER-uKw8kkTsEhM&cid=CAASEuRoZrc-7nhRTFN0vJdjzOckVA&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:07:34 GMT content-encoding gzip x-content-type-options nosniff age 1966 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 3128 x-xss-protection 0 server cafe etag 3658073882064373855 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:07:34 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 0768	23 KB 9 KB	14ms 14ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CP7yI3VRwy9PH4tzA2sBaxZ4lvdhEhpRADptMzLDe81vrLT3-q5UM6wrwr5e6oTxZVd_aKbQdQ0LTRT293swbWGPO6abZaW1qhGVlCgQX48Svmjilatuz2PELmNQMVcn_r_6iRbxN8YzCLfde8hhNghpALdw&dbm_d=AKAmf-A8cZNLf4IUhFvsXqHO91EDfuM3SvIZNS005HxEULTu6D60YJ8cbTXhY-u8lbXNuXP2t6S32MG_DrSx6ot92NtFiPs5KCuIbfPfT0a_7ReiHrImXqn8CrNJt8WCt68sIOsmYLkm5h20UQ3cjSfMC3qw_653h_TyBVtp--T8wlusosdCvc6upCWPrLFGoQwOwgrsXJdAuUXd7P2UAoFujiMlBD947IlT3IpePEWOXnIyQtd_scfYTCa7zhWZTKtSOmgMJJKUzM2yI6KXvL8RRVSDi03xntFymNseUBN3EX4tXbIRXQITezJZkQFDiCwtknQ0guTBvOxXKeOF07Pa4YxDP4rx5_5rOE-z0ayAjo5AMJnp2LXJg7UP2XUk5kVMuczrgEW2q0kF-8TPrbRs1n_hf96gEeq1yWfxXyQKVGxN0SLutouGI97mmnIbgjUr08pOQdoF7FYovmfcYO6AmpymSVbzpFvukK0D429PXTBSuzxBF1QpFnARz2ca6L-rvU4E-GnOw_ipYihhQsJ5XiaqoS8WsvTuzqWYpiaHvPSKrO2Qm7NdiWNWFMn5UR7-CDivpnvSq8_GVbH6cNsq0MgjGLPcyPW_9ERbyWMYj9WpPDhBAH8WB42QTjD7VURMV6uB2lv6mC6LGCrm6NvUSkwXK6c5gp_gDOVt8lPvTS3mwwsJOrLXwffzUHf93fB8tEk7ASgF_me_8S3zHBaFg2ddrad6IjRhBwPaZe4mc0dsgAnboVt-H9RQUgBfeyKzo-yvJJUkc8zWtDQb42g6cEn9E2dGC9R3oZKyFAsmDB3n51KuT1u-54ZMjfSfWNGawI8NxpJclqBvaqvVwyEkg-KjrBBkE4KITE5OC62mhVL9-EaqIewd2CIjiD6OfiKS8bFVDhFOTdo4-Geo4A3lFtRX-aEqy0ySruuK5pLAiJUSOV85YVcSDyTf7o68kPlPpZK4u30mailh8g28xnifeNNcjWnyCNclMZBE5f4BdabKGNdPIMP8TbS5vM7eqeCTD0dZso1elwQDoV7N8p_Lbx96cwGSjay-yO_Y1HohnlkVTg_LW4gwyyPCTsPlnJReQ__ZRiGTCGGkEfavQPKwXPbZMuqX2vUbKYfBrRB-mTuCtjrikBP9u-94oq9WcEk687GiF3YOdkZvu3To2AT3QsyUs8aUXCcIosBEr1iOQBjY1F9Cpxvv1anBPhXaMdXW_oCRQB3okNxidQJObEJCBxxOhnsvdmSBJlDYuB5cm60uXz75pNq5e1_NzOvWpsCsaCEcwwnW3D_eWTQf5OrsOAoD59lD57H6Mn8ORQ_nzUrLsOEdfTKwnCd4QiX2sLXkEeRdP8Jrfa1HxOQLwWBHaoFFskgjIOrfV_wQVYFHyvoJAALjY4nl8PCL8hYXDBBTJFe3m5431cy8vyBzhFWWLZ3sR6SI23Z7T-rA13Lu5_fii24fO9BmLrSbqaR4fDuQWwhzaRnj8k1KX8aP93HZWoQeswwxcsFx_qp8biSZxCIarkRFJVAXSiB1RbyaAPoZ494KKcXEOkJgoarpipAZyKpyeEmq_IyU6XGxFPSXT-FSY9BXo3Pj-UF0yG40jEXyaPsSGlrxafBg3k6HUdKOiX-RkQwFkn17LjZgFKV5dSiFK9Av5HhgEcJ8BfV2Ydwx3V_sZoHXQSwGjZggnQ3C1i5nKUuM-Th7IZ2rWcbClX0Gyk3ZtW0vxc7Vd6xKG8Pd4aRPjKpj_FFr8YBoF_vtdykaLf3pn6gYg08yb7eTpitkFGlU7O17kt5z_VUei2FljScU6ppTuSZ1IpymGr8UYiWopSVUF-pEA0qc_0CWZ_UoAaKoJ-bPlkaEPdb9Ys2Ui6bznaPIwUy95CZPSg8zY1UCiD6t99593Z3eDKaip5jyI2Wy9bK-u248PiImNT1QaeMmUtyqqA7WigpLJ4tmd-A3Dzqn7W_NgoG5kV34BNiklxlC3a-FqDQQ5l4XyPnMmmFzdHTTj6jwbtcppnKhNi2Pr-mpCV_xDQUzBhcspTM0NC31Fv4O2EQ5QXVy8l0oPZp9oKx5M3UkADY8-Ccw-21YjK1cLwiBLWJMljeNUS6xi_P1M0VmmQYkoXqKsCiOSreDEdevlB5Wt8zM7G15uSS_sObnC7byW5Rulex1O3AzvVXwOfsm5w5rdkXq0i5LPmyj4EvS1sEEKcdUZGlywAQAt9jj97QIgxdoEZCYhI5C84xRUqjCVb1Q3V-4sQbFERv5pi3F6PgWga9pgTWNoybuG36slESmh7S9RfMK6SeTi0o0Y-8qZ9xptwtVcm6i6aCHqb_8WS-cP3z5k_r14qa5z0coZkt_6Lx0tpgPz5gozXh5scWHvXf-kuUJeiZro5T7PYJGc6lNkeQ8gYa_DHUIeXCyqWw3eBWlWIZ6kN5Ju6SjjQXOxCzC27ISA53dsuBKHgsBfkUNWe3HLtoG7EfxIFNOMZXn2U0pkJnOjMDC6Rf5mTx_5mqLbmuqnOpLdPspna9j2ldNSgGXo24VWGnROOATKlZV_i8nIWKaRjWlhIapyG42z5JEHCJPy9_ImtOq-VFFGkp_zWvuPhkYNvQUqZxa9-nNBI-h0xVIR6hnc17KQfgFLEglRpEQM4D042VwcwBLUiTCK38fcLkGRkn7X0vwdp1k6Hraum2mj-TOkvtMeOMY1P7oP1GiuZVPdt98I6ciNB38FCr9PeIafsKCWZ7lsl4SEbZ37u3MT4BcpNhKjM6DYUw8pUQDF-q3D4v_MJaG8aYuNAaTM7MT14ehpug9dSIw2ANPwXk42JgaayXWwedrZWMdesS5x68dNRp-aOVQxcU1XaZGky-Ffgb8ru-5xf3N4ZPaLGcXvzdVoCWl_uHvCmxGHOnFagrR4P2w0SadVTWZbDqRB-pJ6R4MXMgzq_B5rIvT-fh9klMj-XrONIvndlk8-biKF-dlnHlABPq9AJUywkmXk7RRuOCim9SDebxuHgNendY19lX4bW8TX04Bk8QI0Oqt3IpET6bHQFTXmgwtP03mAmOIUIj7THoZ_AhLmwyJpkODLGQv76-sPjzSFPVYaqhOttla8cS2304Xs4XvvrMEyhL1W3yxHtbiDCkzMeDq7ER-uKw8kkTsEhM&cid=CAASEuRoZrc-7nhRTFN0vJdjzOckVA&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:00:27 GMT content-encoding gzip x-content-type-options nosniff age 2393 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9298 x-xss-protection 0 server cafe etag 5575107075035495308 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:00:27 GMT
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 6865	169 KB 59 KB	103ms 66ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 11:16:35 GMT content-encoding gzip x-content-type-options nosniff age 51825 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 11:16:35 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 6865	8 KB 3 KB	14ms 14ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGOTV_fz5OLyJE8W387kJ-mz5RCaUUd07rEWdjhKhbtfRzO59NYYqPZcaK6y0o1B206e7MFBYx-PNBB5bpWi8ku0a-yGh1r6KbShPJkZMgpWk-xssgBbfxbYcA_Gi64SCbXR5dPnpWHNk5nXXrSSokkLLfEA&dbm_d=AKAmf-AJn6EC9OII4l5TiL-iD3H4Zp6LtqmaIp-DXR8I1Wiu6AgaQWE3dAuGM0eXHw1eMSj34_FbKGBItOXPhO7SfX5oaeFcx_GfJfT4hH0E99po3nDbIPbYy4pavMvSx55IiHth14rC5dejRZTvNAsjoak6CUJAcJd6gZRhDp59FT2PIZPXkm5mQq1WwHd3viK8Bp15za8uVxFh183c3bW85D1U6zdi8-IAqQll1_yummKINGpBehNuagNj81YG7_RC4qJd3lV1ixu8N6ob9ABK1uTHjW0a3BoRVkGRyS95o43UcmFmrqlHEs627A69cJlZRuLLUnisD5xgGTEWa8ZmbUH9RCNcInN16PRC9Dl3vnj81-7aRRc0jplgvX1SxvT07JT3uOQkec78yKos091X4tSqlmy6rkCi_AUuWPcfDqEB5w6NMa-hqv5mwvxnCSKngKWiAx83bT59c0NK8PYM7hY8ItmytvsphSPIS0IUcjywxJe-7Dd3hyMLNhToy5t7_AGwv0KtioPeXhBsLC-EJjeULsEXBWQEdscTDibaVcOEkPCxjXk9ltaszMjnK2QGugwDGa3BHErdYlg0C3QDKuM5805rW7297tkFFB7t7BlL2hVDKgcVSRbFp7KsaOwAvG2bwI1Y4T7wsWyUvoitkbndyaN7k4FMimhUGtqEutYji23wAlkTQh8TrmtVQZ-pWvGuE4vfYM5qr270AKedW3uwaeDH9GVZKVzOHPmJL7cQACszIzCMLfQ0e95mbSRfHatVv77h21x7fpyr_P5QCDHHCQQmmlWC_ffK4v7kH2csx-P9fYvSE9Bm8vaL4BwkpLNKK0v0bDkDKQ0FJVNpTspING0orbsctM1lcia0B5SjGN-g187iloGWjHdBOBu81twVmHaiO9wX4dZS9NydKCkpNZUgXEhWcNJ8B195oRjeZyseF-JLyFq2WyDfKwZsBQfokN067A18sSES0fI_KsOhjRxG7wQbpW6SrCI65yw_nZxq0LZmhiA4cZBFOxdzbm4KYqhU_GP97ttCbl89-vNpPavoqvgUXFP81QPgKeixJfZcnyD6NeJUQyFOusH1MDVbeJaNGxOeJ__1zqk_f_BR-0r6EM08F2Sw0bIv8PexnpMadW6kIo-A_O7wEefHhMyl0kx8sg-_YHb0LBA_KLHC95nBKTJ_MrPNeJFAL7HOt8udaM3tIE_MiVC8t2O_xcsmCc_aLiFx9p6XcaXZ4aeG7got3Ms8PxL82cv9UbfigkTnTYUi2YJ2WxG6ZiAOM_-LJKkychJ0PQNkT4o3jlpVpba4PgbDXDcrWqTalI33deqSbRIIfIl6y7YYU1gptsNChFqhiK_RdRdSuxDoncXyokgR1vYn1Pbs-HYq-eOdzqCy-xIJlgfFiUHnDxkkdLHKcsf6y1_vZ8WLXW54VCb_ZuMf6coDPyNLfXSNWRTmlrMV1aAn65MJ-ttQfxk6vJl7ReHoQj0QJbvPuyk0tpDAqU8w9sqQdsX1Z_zsBQFcBcZ-gac8VBUQqJiOQ8q1oQBihRwRKSPB9Ynzlf5nCelrz0ha3kL0BJebSYkowWfrg9KsXetNe24zuxnxJxJNsT2ER4b4nbg5WrSR6uwc9MfVWXAiZan00bjvoh5lrP4re9j8EBKf6e0rOLd7n1--e17y5DE0LcRXnyWJbUII-zULmqws6bbWXsgcULMBEjdhoADinzoBkJ48y9byk45FsyfU_iNEWEADgAxvvZJeXn4NsjeALBd6uewU9Woj9SFVP843qP7O3M4qrTd5a9zr_JVR2k2MkWiS8pufnwUrulIKxDR_fd9ZAk01LNx1bErwwEgSPO-6VdedFqaYLtYH05eD_jMODaZ37KsGbk7YM3vDps8p7oDOtFYOImHWEqMJps8kcj-aVUOiteFlJsuoNP12W3MF7dKLOdtCwSv_2NfmUE1efjZPXDFKEDDwI6QBjzru7s4IA6U3ae7X7_hzv9SqVviv9_aMfuEEv_Zw0CiKiwysSCE328ffd9RpWt5QQBuAUbGWrlL_WEZRERWLLhOPmeMnQWOt0o1bOVK8vNZ-nPjis-NkJgsGVElcHtAzwqdbGviuO6QGy0L9A7NuJXw1YQijV4CwkvoSbTaWhgxYWNTAMgIda9uo7n0x7S_q-MBTl-HySyNtMU6-hlEfuedSNQ2PS-LpR14doJm2wd42717lqgontyHs3zgdzCQhJ_WAxElwE3VI8K0oj6KMbXRLfLVduHDyeGxYEdEf-Ajf406RRb23ZeDedbcMBuFEG8Hq-76OoBYmozTMiVKskxf1yKltvh22fbllRpRH1pNZvquY2_K1SWQ3yfGtvFkuathSVLrjpdzBxT_42lk2pJMVzPIPOeOPaRyNpTh8bZotu3mCOMOEI7GEBDJPWvz4GfJ4Agbq7MxasHEFBKTtd-iuUMoTmc9Us0gRzRKDo5ktHanf9aVXOPOQ1M1rVG_wzdqeFlOeIGAy-2KWZaosFgRCX5F2a8lT2patpK7YXD8m0nShF5WBSj8JckFwgvDeBURH1JJEPispDINEzILIFz-5ukDMfDagsf3pqp7BinGWqGiHAhf7xKYdyEa_4ui77LdK__TNc4vGLFFDhxjAyNDuZuPkypgCnK1z-meiyJc4jM-lAeh3-EGGrqnzTnowHocHBM6IdM5g2fEkUC0F3weAaKip1d9PIhUk1NcNeI8dFdX4RfC4XfOD5ClXpqo5dLHu__iAE-Kpem9HzlvFpPG8o26uHIkMQCjOS1PCp0vyLQGc5GyPQZ6CF4d4j3uEsoDeIcqhz9Qbj-a55RUyRRgBagsokfvHLGppw863qNTSEZiHcT-rKcHZvA_V0OVc9jgudt4Uu0IR0Sw7d2nRv_qEU7-PIgnAGw4WPGoIUplZxpEUTyELBp4ZuxsjwqINNLKwvNthnnonMY7bo0NLrsBBhWIsW8R-SbBL7JGbpcP7XVA_qjKDHD5KhSFAxvd0ZLNnXzhj5zgeyBF8fW4osGAkJj3W2EZcTjhR4RLjZP2M859bTw&cid=CAASEuRotD8VG_tykkfPaoMl8RJ5ow&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:07:34 GMT content-encoding gzip x-content-type-options nosniff age 1966 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 3128 x-xss-protection 0 server cafe etag 3658073882064373855 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:07:34 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 6865	23 KB 9 KB	14ms 13ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGOTV_fz5OLyJE8W387kJ-mz5RCaUUd07rEWdjhKhbtfRzO59NYYqPZcaK6y0o1B206e7MFBYx-PNBB5bpWi8ku0a-yGh1r6KbShPJkZMgpWk-xssgBbfxbYcA_Gi64SCbXR5dPnpWHNk5nXXrSSokkLLfEA&dbm_d=AKAmf-AJn6EC9OII4l5TiL-iD3H4Zp6LtqmaIp-DXR8I1Wiu6AgaQWE3dAuGM0eXHw1eMSj34_FbKGBItOXPhO7SfX5oaeFcx_GfJfT4hH0E99po3nDbIPbYy4pavMvSx55IiHth14rC5dejRZTvNAsjoak6CUJAcJd6gZRhDp59FT2PIZPXkm5mQq1WwHd3viK8Bp15za8uVxFh183c3bW85D1U6zdi8-IAqQll1_yummKINGpBehNuagNj81YG7_RC4qJd3lV1ixu8N6ob9ABK1uTHjW0a3BoRVkGRyS95o43UcmFmrqlHEs627A69cJlZRuLLUnisD5xgGTEWa8ZmbUH9RCNcInN16PRC9Dl3vnj81-7aRRc0jplgvX1SxvT07JT3uOQkec78yKos091X4tSqlmy6rkCi_AUuWPcfDqEB5w6NMa-hqv5mwvxnCSKngKWiAx83bT59c0NK8PYM7hY8ItmytvsphSPIS0IUcjywxJe-7Dd3hyMLNhToy5t7_AGwv0KtioPeXhBsLC-EJjeULsEXBWQEdscTDibaVcOEkPCxjXk9ltaszMjnK2QGugwDGa3BHErdYlg0C3QDKuM5805rW7297tkFFB7t7BlL2hVDKgcVSRbFp7KsaOwAvG2bwI1Y4T7wsWyUvoitkbndyaN7k4FMimhUGtqEutYji23wAlkTQh8TrmtVQZ-pWvGuE4vfYM5qr270AKedW3uwaeDH9GVZKVzOHPmJL7cQACszIzCMLfQ0e95mbSRfHatVv77h21x7fpyr_P5QCDHHCQQmmlWC_ffK4v7kH2csx-P9fYvSE9Bm8vaL4BwkpLNKK0v0bDkDKQ0FJVNpTspING0orbsctM1lcia0B5SjGN-g187iloGWjHdBOBu81twVmHaiO9wX4dZS9NydKCkpNZUgXEhWcNJ8B195oRjeZyseF-JLyFq2WyDfKwZsBQfokN067A18sSES0fI_KsOhjRxG7wQbpW6SrCI65yw_nZxq0LZmhiA4cZBFOxdzbm4KYqhU_GP97ttCbl89-vNpPavoqvgUXFP81QPgKeixJfZcnyD6NeJUQyFOusH1MDVbeJaNGxOeJ__1zqk_f_BR-0r6EM08F2Sw0bIv8PexnpMadW6kIo-A_O7wEefHhMyl0kx8sg-_YHb0LBA_KLHC95nBKTJ_MrPNeJFAL7HOt8udaM3tIE_MiVC8t2O_xcsmCc_aLiFx9p6XcaXZ4aeG7got3Ms8PxL82cv9UbfigkTnTYUi2YJ2WxG6ZiAOM_-LJKkychJ0PQNkT4o3jlpVpba4PgbDXDcrWqTalI33deqSbRIIfIl6y7YYU1gptsNChFqhiK_RdRdSuxDoncXyokgR1vYn1Pbs-HYq-eOdzqCy-xIJlgfFiUHnDxkkdLHKcsf6y1_vZ8WLXW54VCb_ZuMf6coDPyNLfXSNWRTmlrMV1aAn65MJ-ttQfxk6vJl7ReHoQj0QJbvPuyk0tpDAqU8w9sqQdsX1Z_zsBQFcBcZ-gac8VBUQqJiOQ8q1oQBihRwRKSPB9Ynzlf5nCelrz0ha3kL0BJebSYkowWfrg9KsXetNe24zuxnxJxJNsT2ER4b4nbg5WrSR6uwc9MfVWXAiZan00bjvoh5lrP4re9j8EBKf6e0rOLd7n1--e17y5DE0LcRXnyWJbUII-zULmqws6bbWXsgcULMBEjdhoADinzoBkJ48y9byk45FsyfU_iNEWEADgAxvvZJeXn4NsjeALBd6uewU9Woj9SFVP843qP7O3M4qrTd5a9zr_JVR2k2MkWiS8pufnwUrulIKxDR_fd9ZAk01LNx1bErwwEgSPO-6VdedFqaYLtYH05eD_jMODaZ37KsGbk7YM3vDps8p7oDOtFYOImHWEqMJps8kcj-aVUOiteFlJsuoNP12W3MF7dKLOdtCwSv_2NfmUE1efjZPXDFKEDDwI6QBjzru7s4IA6U3ae7X7_hzv9SqVviv9_aMfuEEv_Zw0CiKiwysSCE328ffd9RpWt5QQBuAUbGWrlL_WEZRERWLLhOPmeMnQWOt0o1bOVK8vNZ-nPjis-NkJgsGVElcHtAzwqdbGviuO6QGy0L9A7NuJXw1YQijV4CwkvoSbTaWhgxYWNTAMgIda9uo7n0x7S_q-MBTl-HySyNtMU6-hlEfuedSNQ2PS-LpR14doJm2wd42717lqgontyHs3zgdzCQhJ_WAxElwE3VI8K0oj6KMbXRLfLVduHDyeGxYEdEf-Ajf406RRb23ZeDedbcMBuFEG8Hq-76OoBYmozTMiVKskxf1yKltvh22fbllRpRH1pNZvquY2_K1SWQ3yfGtvFkuathSVLrjpdzBxT_42lk2pJMVzPIPOeOPaRyNpTh8bZotu3mCOMOEI7GEBDJPWvz4GfJ4Agbq7MxasHEFBKTtd-iuUMoTmc9Us0gRzRKDo5ktHanf9aVXOPOQ1M1rVG_wzdqeFlOeIGAy-2KWZaosFgRCX5F2a8lT2patpK7YXD8m0nShF5WBSj8JckFwgvDeBURH1JJEPispDINEzILIFz-5ukDMfDagsf3pqp7BinGWqGiHAhf7xKYdyEa_4ui77LdK__TNc4vGLFFDhxjAyNDuZuPkypgCnK1z-meiyJc4jM-lAeh3-EGGrqnzTnowHocHBM6IdM5g2fEkUC0F3weAaKip1d9PIhUk1NcNeI8dFdX4RfC4XfOD5ClXpqo5dLHu__iAE-Kpem9HzlvFpPG8o26uHIkMQCjOS1PCp0vyLQGc5GyPQZ6CF4d4j3uEsoDeIcqhz9Qbj-a55RUyRRgBagsokfvHLGppw863qNTSEZiHcT-rKcHZvA_V0OVc9jgudt4Uu0IR0Sw7d2nRv_qEU7-PIgnAGw4WPGoIUplZxpEUTyELBp4ZuxsjwqINNLKwvNthnnonMY7bo0NLrsBBhWIsW8R-SbBL7JGbpcP7XVA_qjKDHD5KhSFAxvd0ZLNnXzhj5zgeyBF8fW4osGAkJj3W2EZcTjhR4RLjZP2M859bTw&cid=CAASEuRotD8VG_tykkfPaoMl8RJ5ow&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:00:27 GMT content-encoding gzip x-content-type-options nosniff age 2393 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9298 x-xss-protection 0 server cafe etag 5575107075035495308 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:00:27 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 0768	41 KB 15 KB	50ms 20ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 13:42:01 GMT content-encoding gzip x-content-type-options nosniff age 215899 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Fri, 21 Oct 2022 13:42:01 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 471E	1 KB 749 B	16ms 16ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sat, 23 Oct 2021 08:58:57 GMT expires Sun, 24 Oct 2021 08:58:57 GMT content-type text/html; charset=ISO-8859-1 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 60083 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET DATA	200 OK	truncated / Frame 0768	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dd46b81de39a3a49bd8795d15a4bbd0fe87542e48e61e60e855598e142b00fcf Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/769474/57793853/ Frame BAAC	46 KB 13 KB	174ms 57ms	Script application/javascript	52.30.120.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/769474/57793853/skeleton.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.120.14 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-120-14.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 102c3dade8faa6d51f89c2d0e1f7347b7c0d0c5ba8650035ca24fdbff161b1bf Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-server-name app06.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame BAAC	169 KB 59 KB	109ms 109ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 11:16:35 GMT content-encoding gzip x-content-type-options nosniff age 51825 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 60173 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 11:16:35 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame BAAC	8 KB 3 KB	19ms 18ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7vsbpiFDg-23zz_BBpVDvnnZEurFAWRyJ7rLjI34mnGWOIcCYAyhUwcLIPyh2gjjZVtNRCc_VNRHWCsB5GkM4GyWY8feafeucK6gyt26K1V5afWcytfxYuDNsWTLDDe3WpTACEzpq7UEZhoqSHkTpz2WsrQ&dbm_d=AKAmf-A92E0l5JRefJ7AAI0GBHX166JwTIPNfs-l29kxpJiETp6g6jxMCLZ1mnAxsNslRGEDfsgPSM6_XihHYYvPekAkV1VewODG2I9SeDOtjd9CBq7_C82MxlBeerfv2aTB4JaXYfj0MVeohuZeqbhOewqcYnZlfIOlFc7MAgtS1iJEszBt81i2UCvNX6EHTv2vxV3pB5Yy4TOATCavTYnh2l2h2yzmkWCVkLoidhwabE6s9vEj--EhuGg_C4_qDX1x2WFaByjKde3IwwfYw5HV2I8gsy-QH8ua7Em51FwuhHNqfpnYom8lXX4zSMAb27F6REewrvzAQYx8ip-PFF0iWe_J3ghPc9mVpzvrrZ-ndSIMlBCC8srtcwwZwrR4yv7xyEehPT5-eXlVOfobwRpCZgq8T9wohRsdWYo9q8Qddp4QySuVkM6U_g-nyhaqS3mV5ZzIMn3WqE18s8R3O-vjPWNdUPtdaTsQXuuWxhG3lVmxPraF-DEad3FDR9xFXaFSrZZQyE7Jm9pAsJGkYntVgErxJ2ulmiEUIW4m9pYpX7e8GTOBhzXP32Qlrb_5oPpzqBzmpNohIf1IR5YxyMJQq6ySCn924lvk3gUyUr1wsqRTFJBSq6oSykaI6vl420QKNJdmRbR1J40Sja-h-FuGsOMxg2IUqBZpa9DDXTmt_3vsLb1oCFXM36ZlUnQ78GqkEiSwP58uu8qJWWhaqV4R6bFZjTXawvB_yefPtC-UTjjEILap7_rSSxF9zP0gDpUz4bqSNz67rV80LG9-Uq4C39tsRpatrXYs2B6Em1GlBCmPNaeuSY_UD1MW0E3BZCuyczPTfa61kkMN4czrlEvBmgZWHy5Mk4OXCV_wPUHzmv377UVHPIrPxi1HfMYjYlpuV8PKepo61_SQ894eaArl_OGnjMeVJS769fsIZ0YouEqOiVoSNacL5r0mhK24AyOveWRuq6KWWu4Fob4fWcGHtPROgxG5nYMjxYku-jv9uPOy7xoNhh1fWD9LDPCJJ_Yvq_2Mz7Fg38uXyzcubIGQIZnQ40h9WxNgrPW72PaczvO1CivPOddo9jGGZQnBu-CIkEciURdi2PtC-w2rG4hIO8d6p9PvU5xm4U-cCgN4B1jF-w2Rcjqm8wWr3hjC-CWX33SvOCjWfBKX1mxaBahKUl1m4sErDwiCZ-elXbvUVU2KSBqvxK0x4YYBVgMOiiHrrlqn3K7-XCdXuV0rnhmw6V9Nu4D9SizEU5GCRKaqEIkifRG5YMapDW_kA_1rXwUAtzE-k2dBxG78JVlYmugurukauw6ZrUMUfATmiPabQAoGx4pkqBc_uar4muvOw4OKisM-Zbc1_JYradQOyhIR1fqhm9f509s4foJXafyLg11ZY1h52HA15E9Ek-s-orAwaHuhT6a2N9c00XToeM-UNo8u3c3I4XeHon1MmSDU42blsGac6n8ybQe8sXnLa1ppE9DDPBuTagrt9WktUiD3AK_pXm5IUOcztaQwtRIRERb-NM98LeGvEWdfUQsNZf0H9og3vg5M2umem6k4UYDLKM3290ofvilsTlxdRMwuo6rRYzBCpRd_ip-2W8f1E-neJm9u6f7MOysF5WK09-oxUurzqpJUiW5Cy8I8NmwXCBXzWUigPl3FeF8plzrbhA4wPiK0BnqpYyLbpTPy-UjhixJeDFyTulWU_uTrom-8ZfDllnW7Q6nV1oUNCr3J7oztfkECjj2-iWFgL8LHxEj_R3bMY-eAdUcmULISHRYZLb2eCMCj4bxaLnQQbYnHNld0LyFOWy29LWCFjRKvc4Kt_ZC5k1qEb3fpeSc0R-cQAYDxdjxjDD04sIQuPDzWIHSAslZ_6R5bBflFMvSFI6kL3ky0c21rMWKNZ3w0z33T6Yqqh1A2F25sWJNq2EsG2lDQ6a3juVxfZ1xyXWoHvq3uAaTS0GpRUTrgjiRVtLxtTOOnIiS6IlZn2d454vbGu0SBY6uza1J36k2IqFkEoAHa3sNUcG_Z4xevs00v2qwXF1HkyLPgSp9X2TsZP0rg3y4bXtskAAnWouqGehxS2tI8eNRVfyOZI9Qti_ewBJu1S-HdN22BOq0qSMXV5tK8qW95U2NIoOFcyXjDxfbqL4QhTn7rwBWoKdlwzj-q4M6PjOr0qR1dbSml9oU6p6E3ZJJ70-QbfUJbvdqj2JVImQap4ENs8Gg7NN6E_VxeiXZZLG3r0yh1y-E0vcLD17F_SKw-q6VQkjMwxzv80DJkiR-gWScZqvxjVeDCsLphDb9-K5_Zh136oHFxk6H5VEHt0CMXxJEf9DdrIV2KiD8HG47r7xaaRlWogtnO2Ic-eVPs8ogiJw0aIBNRtB9TrxM5u8NUZPlzOxUkiBw2a0IDIXS4UzSJ7X2_31v8D3oOCz6_ZdAD5Ml46Sq6dyXVOyCa4RmeJ7bYTv6VXIe4B4NDWOat3wyqWm3AGjLXqUy6AjAkb9wPf78AaHRBuUr2KI0PV5n2HMOF4Mg9rLbh29YzsipsBEjnb41o_np8cXNYsFtdRqc-jY4YF7alhUkZ_8kc7tvv3q9aWLqdnEdKMClGbB1ORxskB4Jimc-w4AwEQsNcRZDxBLn0qbCCmqbo9ZNA59YnPgoawue7dlTMY4eWIixYja5MLByf-_eoId2stXXkMlmFdT1p3LWlIi3xq3gHASNlQ5AWYb2ulWBfFDJpiXDLc3YoFwLuNbwVlPSs3UzQx0w2Q-KjROTzK9LuiQp5ixmEoYiKCxuHtmB-CPsMIq6nq5G8Gsbsm-kjTiG2CJ8I6AVb0QgwAKDaw018TfciMSXyXhzkb3L0aclCzMSD4m3z86YXMUqKwHg8VFJc6VXhiURG3kxCBpPt90h_m4pEyVrCHFCMBzsJB1-0VaXNCWs6TrxROzvmUuDODbosmAdcJStAttPNy3TFXWFblx2DNFAxVjhDIJR9sGv-zLrFJo8rJ5JSeWxh71zVVYXKwWR90N4Ui-Y6bVMv8MEDxfBqbg0R7y0QJBkfclZAKywfDceTP7_Yo-4nIg&cid=CAASEuRopBtsYiIICHIkSDP5P0ACyw&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:07:34 GMT content-encoding gzip x-content-type-options nosniff age 1966 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 3128 x-xss-protection 0 server cafe etag 3658073882064373855 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:07:34 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame BAAC	23 KB 9 KB	16ms 16ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7vsbpiFDg-23zz_BBpVDvnnZEurFAWRyJ7rLjI34mnGWOIcCYAyhUwcLIPyh2gjjZVtNRCc_VNRHWCsB5GkM4GyWY8feafeucK6gyt26K1V5afWcytfxYuDNsWTLDDe3WpTACEzpq7UEZhoqSHkTpz2WsrQ&dbm_d=AKAmf-A92E0l5JRefJ7AAI0GBHX166JwTIPNfs-l29kxpJiETp6g6jxMCLZ1mnAxsNslRGEDfsgPSM6_XihHYYvPekAkV1VewODG2I9SeDOtjd9CBq7_C82MxlBeerfv2aTB4JaXYfj0MVeohuZeqbhOewqcYnZlfIOlFc7MAgtS1iJEszBt81i2UCvNX6EHTv2vxV3pB5Yy4TOATCavTYnh2l2h2yzmkWCVkLoidhwabE6s9vEj--EhuGg_C4_qDX1x2WFaByjKde3IwwfYw5HV2I8gsy-QH8ua7Em51FwuhHNqfpnYom8lXX4zSMAb27F6REewrvzAQYx8ip-PFF0iWe_J3ghPc9mVpzvrrZ-ndSIMlBCC8srtcwwZwrR4yv7xyEehPT5-eXlVOfobwRpCZgq8T9wohRsdWYo9q8Qddp4QySuVkM6U_g-nyhaqS3mV5ZzIMn3WqE18s8R3O-vjPWNdUPtdaTsQXuuWxhG3lVmxPraF-DEad3FDR9xFXaFSrZZQyE7Jm9pAsJGkYntVgErxJ2ulmiEUIW4m9pYpX7e8GTOBhzXP32Qlrb_5oPpzqBzmpNohIf1IR5YxyMJQq6ySCn924lvk3gUyUr1wsqRTFJBSq6oSykaI6vl420QKNJdmRbR1J40Sja-h-FuGsOMxg2IUqBZpa9DDXTmt_3vsLb1oCFXM36ZlUnQ78GqkEiSwP58uu8qJWWhaqV4R6bFZjTXawvB_yefPtC-UTjjEILap7_rSSxF9zP0gDpUz4bqSNz67rV80LG9-Uq4C39tsRpatrXYs2B6Em1GlBCmPNaeuSY_UD1MW0E3BZCuyczPTfa61kkMN4czrlEvBmgZWHy5Mk4OXCV_wPUHzmv377UVHPIrPxi1HfMYjYlpuV8PKepo61_SQ894eaArl_OGnjMeVJS769fsIZ0YouEqOiVoSNacL5r0mhK24AyOveWRuq6KWWu4Fob4fWcGHtPROgxG5nYMjxYku-jv9uPOy7xoNhh1fWD9LDPCJJ_Yvq_2Mz7Fg38uXyzcubIGQIZnQ40h9WxNgrPW72PaczvO1CivPOddo9jGGZQnBu-CIkEciURdi2PtC-w2rG4hIO8d6p9PvU5xm4U-cCgN4B1jF-w2Rcjqm8wWr3hjC-CWX33SvOCjWfBKX1mxaBahKUl1m4sErDwiCZ-elXbvUVU2KSBqvxK0x4YYBVgMOiiHrrlqn3K7-XCdXuV0rnhmw6V9Nu4D9SizEU5GCRKaqEIkifRG5YMapDW_kA_1rXwUAtzE-k2dBxG78JVlYmugurukauw6ZrUMUfATmiPabQAoGx4pkqBc_uar4muvOw4OKisM-Zbc1_JYradQOyhIR1fqhm9f509s4foJXafyLg11ZY1h52HA15E9Ek-s-orAwaHuhT6a2N9c00XToeM-UNo8u3c3I4XeHon1MmSDU42blsGac6n8ybQe8sXnLa1ppE9DDPBuTagrt9WktUiD3AK_pXm5IUOcztaQwtRIRERb-NM98LeGvEWdfUQsNZf0H9og3vg5M2umem6k4UYDLKM3290ofvilsTlxdRMwuo6rRYzBCpRd_ip-2W8f1E-neJm9u6f7MOysF5WK09-oxUurzqpJUiW5Cy8I8NmwXCBXzWUigPl3FeF8plzrbhA4wPiK0BnqpYyLbpTPy-UjhixJeDFyTulWU_uTrom-8ZfDllnW7Q6nV1oUNCr3J7oztfkECjj2-iWFgL8LHxEj_R3bMY-eAdUcmULISHRYZLb2eCMCj4bxaLnQQbYnHNld0LyFOWy29LWCFjRKvc4Kt_ZC5k1qEb3fpeSc0R-cQAYDxdjxjDD04sIQuPDzWIHSAslZ_6R5bBflFMvSFI6kL3ky0c21rMWKNZ3w0z33T6Yqqh1A2F25sWJNq2EsG2lDQ6a3juVxfZ1xyXWoHvq3uAaTS0GpRUTrgjiRVtLxtTOOnIiS6IlZn2d454vbGu0SBY6uza1J36k2IqFkEoAHa3sNUcG_Z4xevs00v2qwXF1HkyLPgSp9X2TsZP0rg3y4bXtskAAnWouqGehxS2tI8eNRVfyOZI9Qti_ewBJu1S-HdN22BOq0qSMXV5tK8qW95U2NIoOFcyXjDxfbqL4QhTn7rwBWoKdlwzj-q4M6PjOr0qR1dbSml9oU6p6E3ZJJ70-QbfUJbvdqj2JVImQap4ENs8Gg7NN6E_VxeiXZZLG3r0yh1y-E0vcLD17F_SKw-q6VQkjMwxzv80DJkiR-gWScZqvxjVeDCsLphDb9-K5_Zh136oHFxk6H5VEHt0CMXxJEf9DdrIV2KiD8HG47r7xaaRlWogtnO2Ic-eVPs8ogiJw0aIBNRtB9TrxM5u8NUZPlzOxUkiBw2a0IDIXS4UzSJ7X2_31v8D3oOCz6_ZdAD5Ml46Sq6dyXVOyCa4RmeJ7bYTv6VXIe4B4NDWOat3wyqWm3AGjLXqUy6AjAkb9wPf78AaHRBuUr2KI0PV5n2HMOF4Mg9rLbh29YzsipsBEjnb41o_np8cXNYsFtdRqc-jY4YF7alhUkZ_8kc7tvv3q9aWLqdnEdKMClGbB1ORxskB4Jimc-w4AwEQsNcRZDxBLn0qbCCmqbo9ZNA59YnPgoawue7dlTMY4eWIixYja5MLByf-_eoId2stXXkMlmFdT1p3LWlIi3xq3gHASNlQ5AWYb2ulWBfFDJpiXDLc3YoFwLuNbwVlPSs3UzQx0w2Q-KjROTzK9LuiQp5ixmEoYiKCxuHtmB-CPsMIq6nq5G8Gsbsm-kjTiG2CJ8I6AVb0QgwAKDaw018TfciMSXyXhzkb3L0aclCzMSD4m3z86YXMUqKwHg8VFJc6VXhiURG3kxCBpPt90h_m4pEyVrCHFCMBzsJB1-0VaXNCWs6TrxROzvmUuDODbosmAdcJStAttPNy3TFXWFblx2DNFAxVjhDIJR9sGv-zLrFJo8rJ5JSeWxh71zVVYXKwWR90N4Ui-Y6bVMv8MEDxfBqbg0R7y0QJBkfclZAKywfDceTP7_Yo-4nIg&cid=CAASEuRopBtsYiIICHIkSDP5P0ACyw&rfl=2%2Chttp%253A%252F%252Ffatorrrh.com.br%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:00:27 GMT content-encoding gzip x-content-type-options nosniff age 2393 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9298 x-xss-protection 0 server cafe etag 5575107075035495308 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Nov 2021 01:00:27 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6865	41 KB 15 KB	35ms 34ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 13:42:01 GMT content-encoding gzip x-content-type-options nosniff age 215899 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Fri, 21 Oct 2022 13:42:01 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 2720	1 KB 749 B	23ms 23ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sat, 23 Oct 2021 08:58:57 GMT expires Sun, 24 Oct 2021 08:58:57 GMT content-type text/html; charset=ISO-8859-1 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 60083 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET DATA	200 OK	truncated / Frame 6865	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 09c1c165d55c536b917ac0254e9690ed435627a777a5c5083830fce7a42416d9 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 3510	22 KB 8 KB	37ms 37ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Fri, 22 Oct 2021 10:57:28 GMT expires Sat, 22 Oct 2022 10:57:28 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 139372 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame BAAC	41 KB 15 KB	35ms 33ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 21 Oct 2021 13:42:01 GMT content-encoding gzip x-content-type-options nosniff age 215899 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Fri, 21 Oct 2022 13:42:01 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FEDF	1 KB 749 B	31ms 30ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Sat, 23 Oct 2021 08:58:57 GMT expires Sun, 24 Oct 2021 08:58:57 GMT content-type text/html; charset=ISO-8859-1 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 60083 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET DATA	200 OK	truncated / Frame BAAC	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5be58b97faec8009a7d44e0581ec4710b2e394aedff49c54869845ac1cb5bba3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 471E	35 B 463 B	58ms 9ms	Image image/gif	91.228.74.133 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELcNDDVtU3avuYSBNEEF4M&google_cver=1&google_push=AYg5qPIBWJZyD0-zlJOo8GlqQAhhE_afyCAINDNXM1Ov6kWMjQ9zxMvEbnzT9-EUahj54yzNDaNy0SnjuLVolNL0qaWWb69cYKfE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 471E Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJCPIiEiuZZvpecj0Rp5CQs0Uh8sqO7ROJoEmO... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFCYmd2NUVUSw&google_push=AYg5qPJCPIiEiuZZvpecj0Rp5CQs0Uh8sqO7ROJoEmONHX9ie3bNoojwHzE7Zlaxyb0XO0g0Fp6Gl6S_3KvivnY_wIjZ4QZxTlkM	170 B 188 B	30ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFCYmd2NUVUSw&google_push=AYg5qPJCPIiEiuZZvpecj0Rp5CQs0Uh8sqO7ROJoEmONHX9ie3bNoojwHzE7Zlaxyb0XO0g0Fp6Gl6S_3KvivnY_wIjZ4QZxTlkM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFCYmd2NUVUSw&google_push=AYg5qPJCPIiEiuZZvpecj0Rp5CQs0Uh8sqO7ROJoEmONHX9ie3bNoojwHzE7Zlaxyb0XO0g0Fp6Gl6S_3KvivnY_wIjZ4QZxTlkM Date Sun, 24 Oct 2021 01:40:20 GMT Server Apache Connection keep-alive Content-Length 391 Content-Type text/html; charset=iso-8859-1
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 471E	43 B 608 B	76ms 26ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPTurOpryr2AhKnoTAGjEBg&google_push=AYg5qPKoKlpsD7rQftkT5EoPF46ziCktAW6zFGusc8V9URJGBjV0z-uhJf_lnzqGj5iT9swhWfaVwarqz9Y0Y-ZwZ5gxQRkryfE-&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 , United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 471E Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEJyy5xvUizIQd_T1zM3DPk4&google_cver=1&google_push=AYg5qPLAlJ0-HwUV11qrClgX2-fkYns6vVtv7lOo8Jfd093CSlncPoiydVfWyetuoN-snRlqemvfBiPe_pUZHk6w0rwcwsi8vmy2 https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAlJ0-HwUV11qrClgX2-fkYns6vVtv7lOo8Jfd093CSlncPoiydVfWyetuoN-snRlqemvfBiPe_pUZHk6w0rwcwsi8vmy2&google_hm=rUVc1zb2x90AOiRJk8yquQ==	170 B 188 B	30ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAlJ0-HwUV11qrClgX2-fkYns6vVtv7lOo8Jfd093CSlncPoiydVfWyetuoN-snRlqemvfBiPe_pUZHk6w0rwcwsi8vmy2&google_hm=rUVc1zb2x90AOiRJk8yquQ== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLAlJ0-HwUV11qrClgX2-fkYns6vVtv7lOo8Jfd093CSlncPoiydVfWyetuoN-snRlqemvfBiPe_pUZHk6w0rwcwsi8vmy2&google_hm=rUVc1zb2x90AOiRJk8yquQ== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id e3mrvi2efg1iiakcvgpr430tkv2h4luk
GET H3	200	pixel cm.g.doubleclick.net/ Frame 471E Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DUTFgojyTRiQi2tUyFnC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	32ms 31ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DUTFgojyTRiQi2tUyFnC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdAe-zd6trZU0iz0DvdcnrJ0ce8QtR6b2peCee0tIWoUQ28o8M3Rm_88HK33pxE9d-3TO3NDEbn9yQQ0KzI8jn9Gk2cMJF Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DUTFgojyTRiQi2tUyFnC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJdAe-zd6trZU0iz0DvdcnrJ0ce8QtR6b2peCee0tIWoUQ28o8M3Rm_88HK33pxE9d-3TO3NDEbn9yQQ0KzI8jn9Gk2cMJF date Sun, 24 Oct 2021 01:40:18 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 471E Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcJb-pBvtd0wH4q6Hau_ow&google_cver=1&google_push=AYg5qPJZH3_a-jDOuJBxC9jUPvWVr4bk713VqBlu5ZvWNWQwRyS9nmKZY79Hz7sCR1OAD3p5WFj... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ04tMjctR0hHQw==&google_push=AYg5qPJZH3_a-jDOuJBxC9jUPvWVr4bk713VqBlu5ZvWNWQwRyS9nmKZY79Hz7sCR1OAD3p5WFjp2TTguMxI_sG3mlWY1Y2MKTJg	170 B 188 B	31ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ04tMjctR0hHQw==&google_push=AYg5qPJZH3_a-jDOuJBxC9jUPvWVr4bk713VqBlu5ZvWNWQwRyS9nmKZY79Hz7sCR1OAD3p5WFjp2TTguMxI_sG3mlWY1Y2MKTJg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ04tMjctR0hHQw==&google_push=AYg5qPJZH3_a-jDOuJBxC9jUPvWVr4bk713VqBlu5ZvWNWQwRyS9nmKZY79Hz7sCR1OAD3p5WFjp2TTguMxI_sG3mlWY1Y2MKTJg Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 471E Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nv...	0 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 471E	0 12 B	41ms 39ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3sPIN_PmTnrUH58ZyOnNvi9k1UKZQuufwWC_YJbYKox1ZAM3HqmlIP539goGOqlyRThEP Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 5AB2	22 KB 8 KB	32ms 32ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Fri, 22 Oct 2021 10:57:28 GMT expires Sat, 22 Oct 2022 10:57:28 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 139372 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 3908	78 KB 21 KB	63ms 32ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 5b54e07cd55fa2cc3803bdffff6b3ce04466c4805b120e7231b0e3b76973516f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * content-length 21251 date Sun, 24 Oct 2021 01:40:20 GMT expires Mon, 25 Oct 2021 01:40:20 GMT cache-control public, max-age=86400 last-modified Mon, 18 Oct 2021 09:03:28 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 0768	0 542 B	123ms 66ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstt18fYbU4IOd4oHhOEUqniGg4NyfO6sihXLGW8oS0o0LlssXOxbQzdVzvBjqZPYtJ4t3XvzRWqa7mYCdiYVrAntKhbQG2h3Cg4hLtVLqgDzgj8luGfIZ6bsgwkzznDqUEAV8F4qNU-dDySaodo2LMOb4VZYWYGlElsM5gs3s0Vzvq3rK06MYmso5ijo5-9JZQ5mP0BbR6yZ6TH-Z732ZRwMg0Joyyyb8fC-uNPHkZq9oJPLN6RwSvrnm3_eWGbMBuEwtUA5r-yetXvdkRiFfrFT3-YtSdNrBAHNj97jGZWBjt1aegwSlbWuI1M53RVXKHaNo6yIaIX1VC3v-ubNMoUg2_XGHYg0GdaCEvHghefkT6wIps2SiD_Qc3sdlRoPYLDxwz90dv3SuLaJvrt_bt18Gqw_-2ZTJwqk5XQGfgIsNGjsyeK6hTN3wRytb9DyoPOjSPSn2aRCaqwnRyMCY1hB3Mv54WJZnJYhkVeJ6xPhiHoKHw9VYdvqQ4ye8D8A2M9eLGikOpRJGykLXfYhY-3_-gJApCSTDstArKWj7QVcNtjOVfAyfc_P5WzoigYia6jvhmuFxh49III0lyHyq4x_XkAaKVDHXWh87kMuG8S9YMZtJ8xj8aDohOmMci-6edq-2uaftzEm5T8G33hyc7KxpeFQMfQkm4lKX7p2naC6DP-5Rs9ggeDDdhWBwMIeyICQCIAxO9pw2EJbfUVqrfYGEgKYroeJtp2xJ5a4ASHDL-FVLWQhlBqCLn5Rgkusl__i9u5eL7DgOA2i9JAdDKSpfAp1JJ6DTQKew2xsBTc2hld4c-9_LRykrHztKGYiObZKvAXnK_eP_viKW_6GwlCjXmIMXRq-gz0-JPVelhxiMUxLiXVlxHfmCCwr58YxhnpRCKdWh1LVPgjWCXLG6bCrkx842ckvc65IyP1WKSCkOMknNAR4z9XVzVNLvfTDX2y8SMTLMzpQKlTHwge3vrSEanRvoahHy471MgFki6gaWXhID4PYEq06LP7SSDghss4DyDfFmzg171O9yhy2I_j3OsNZm1iuLtnXtkzgFL619fAdJYVHwoJgPpm2ASIXZCMJ6azDpT8RK20oJQl7RKM7hc3tYW4TOjxsQWvFa4I8aAXmW431ykb_UieH2bmueY4oBpAQ7Dtkug2Lpf6-rQwJcHpFK3jSXEFBvFHqcPvWS_o2IkiJlW5Xf9TorAYCnuvN1pVVF2ksENwtt5Dc8DU7LkY-wvmQSEjORSW7RnfUzb03pba&sai=AMfl-YT1jE6-wZlS8mDftd8ug7yPZeRsPcVI5wel8oGoOIp1RVln-GDJFdkn-IriTTuURVoYxF4xldqKoFKBzGQLW-DmYp9S-paPc3ANE-7C9CKXjkHX1wsWyqgv9aMESc_wFyhbh0-2ghbvtp-NH8iUtUEDlWAvgA&sig=Cg0ArKJSzHM3se-faBK-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=192&cbvp=1&cstd=187&cisv=r20211020.22833&adurl= Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Sun, 24 Oct 2021 01:40:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 server cafe
GET H2	200	m secure-gg.imrworldwide.com/cgi-bin/ Frame 0768	0 297 B	148ms 31ms	Image text/plain	54.170.118.172 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn302965&cr=159718502&ce=N376801.279382DBMTP-MONCLER-INTA&pc=316874647&ci=nlsnci1777&am=1&at=view&rt=banner&st=image&gdpr=&gdpr_consent=&r=3305629843&C78=G1,DCM&uoo=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1089913611&adf=2276419794&pi=t.aa~a.221074385~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=2&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0&nras=2&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=1239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=hbF4cOZH67&p=http%3A//fatorrrh.com.br&dtd=11 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.170.118.172 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-170-118-172.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server nginx access-control-allow-methods POST, OPTIONS p3p P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM" access-control-allow-origin * cache-control no-cache cross-origin-resource-policy cross-origin content-length 0 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 2720	35 B 464 B	25ms 9ms	Image image/gif	91.228.74.133 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELcNDDVtU3avuYSBNEEF4M&google_cver=1&google_push=AYg5qPJfcTeI9TGX6TfRwqVo9iU_e7xYhFABRmm4GBrL7zOICwvc99v0XpTbWStN_GfKGbndt93KP_LaRuZRv6lNk3_USUG07L0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2720 Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKfDyoswwWmmPtulv0XQFnJb7K9d4S-I7f6IwF... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBT29QRjBJbQ&google_push=AYg5qPKfDyoswwWmmPtulv0XQFnJb7K9d4S-I7f6IwFkPf5v0H3H4Jv3Yi5pFdu_WQBoHVVFnWCLkFSN7aq_7Ye4WVzZbNiKLXE	170 B 188 B	30ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBT29QRjBJbQ&google_push=AYg5qPKfDyoswwWmmPtulv0XQFnJb7K9d4S-I7f6IwFkPf5v0H3H4Jv3Yi5pFdu_WQBoHVVFnWCLkFSN7aq_7Ye4WVzZbNiKLXE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBT29QRjBJbQ&google_push=AYg5qPKfDyoswwWmmPtulv0XQFnJb7K9d4S-I7f6IwFkPf5v0H3H4Jv3Yi5pFdu_WQBoHVVFnWCLkFSN7aq_7Ye4WVzZbNiKLXE Date Sun, 24 Oct 2021 01:40:20 GMT Server Apache Connection keep-alive Content-Length 390 Content-Type text/html; charset=iso-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2720 Redirect Chain https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJABMpgTNbMVYPwpXlm5A0sEDo5OOxIrPnD-4a4dee1dRKKxfRe4cEbcFBWCLCGaHYXMJg7P07IHhjVLAWNtaZSqb18IE8W&google_gid=CAESEK-rRMHT5766ydono65fgmU&goo... https://id.rlcdn.com/1000.gif?memo=CK69HBoNCITz0osGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKQUJNcGdUTmJNVllQd3BYbG01QTBzRURvNU9PeElyUG5ELTRhNGRlZTFkUktLeGZSZTRjRWJjRkJXQ0xDR2FIWVhNSmc3UDA3SUhoalZMQV... https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwXzhMVFdtTThYWmxnWHp2OXZGQzNSbHluUjQ2eFJGMXZDMlJvM3AtZFBIUQ==&google_push	170 B 188 B	31ms 31ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwXzhMVFdtTThYWmxnWHp2OXZGQzNSbHluUjQ2eFJGMXZDMlJvM3AtZFBIUQ==&google_push Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 24 Oct 2021 01:40:20 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwXzhMVFdtTThYWmxnWHp2OXZGQzNSbHluUjQ2eFJGMXZDMlJvM3AtZFBIUQ==&google_push cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2720 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEJyy5xvUizIQd_T1zM3DPk4&google_cver=1&google_push=AYg5qPKlfharWGfjEk_xJ6ovVlgO-cQIVmEVaifjaUAsUkf90R4PzUTdK-ZFcLVuh5mfyFCxR3d10JkguBFFNlnELjn_rqj05BM https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKlfharWGfjEk_xJ6ovVlgO-cQIVmEVaifjaUAsUkf90R4PzUTdK-ZFcLVuh5mfyFCxR3d10JkguBFFNlnELjn_rqj05BM&google_hm=rUVc1zb2x90AOiRJk8yquQ==	170 B 188 B	31ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKlfharWGfjEk_xJ6ovVlgO-cQIVmEVaifjaUAsUkf90R4PzUTdK-ZFcLVuh5mfyFCxR3d10JkguBFFNlnELjn_rqj05BM&google_hm=rUVc1zb2x90AOiRJk8yquQ== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKlfharWGfjEk_xJ6ovVlgO-cQIVmEVaifjaUAsUkf90R4PzUTdK-ZFcLVuh5mfyFCxR3d10JkguBFFNlnELjn_rqj05BM&google_hm=rUVc1zb2x90AOiRJk8yquQ== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id kdrtepb3cmagl3uglg733qjtgjnda69s
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2720 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cStTYUQ_RhessBr-huiepw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	33ms 32ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cStTYUQ_RhessBr-huiepw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJO4bB_ZfbUIsjGX_z2rpZeAhg8vIsxxug46eU12Q85o4U11oOSR1VK8eoqfoNhLI2QSe8eunZj6FArP8R0_mF3Tue3pObr Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=cStTYUQ_RhessBr-huiepw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJO4bB_ZfbUIsjGX_z2rpZeAhg8vIsxxug46eU12Q85o4U11oOSR1VK8eoqfoNhLI2QSe8eunZj6FArP8R0_mF3Tue3pObr date Sun, 24 Oct 2021 01:40:18 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2720 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcJb-pBvtd0wH4q6Hau_ow&google_cver=1&google_push=AYg5qPKDMYy6a3tEFYH-UF4OBg0NQfqJlBMTvvBp7muFZcJgxO0SlmRr5y9izpIrBwIgbORd3JY... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ1QtUS03QlFU&google_push=AYg5qPKDMYy6a3tEFYH-UF4OBg0NQfqJlBMTvvBp7muFZcJgxO0SlmRr5y9izpIrBwIgbORd3JYDGqkZ9ra8HPZQ3qEMN9AvUWm0	170 B 188 B	31ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ1QtUS03QlFU&google_push=AYg5qPKDMYy6a3tEFYH-UF4OBg0NQfqJlBMTvvBp7muFZcJgxO0SlmRr5y9izpIrBwIgbORd3JYDGqkZ9ra8HPZQ3qEMN9AvUWm0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIQ1QtUS03QlFU&google_push=AYg5qPKDMYy6a3tEFYH-UF4OBg0NQfqJlBMTvvBp7muFZcJgxO0SlmRr5y9izpIrBwIgbORd3JYDGqkZ9ra8HPZQ3qEMN9AvUWm0 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 2720 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEm...	0 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 2720	0 12 B	28ms 27ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iwze3E--SFCrr2r9sduY2-oM33h46rySmmRNxKbhwrD_Ub38bvq0NWofeIEle7pZOxF-C7 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 69A1	22 KB 8 KB	20ms 20ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Fri, 22 Oct 2021 10:57:28 GMT expires Sat, 22 Oct 2022 10:57:28 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 139372 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 8B52	78 KB 21 KB	42ms 33ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 5b54e07cd55fa2cc3803bdffff6b3ce04466c4805b120e7231b0e3b76973516f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * content-length 21251 date Sun, 24 Oct 2021 01:40:20 GMT expires Mon, 25 Oct 2021 01:40:20 GMT cache-control public, max-age=86400 last-modified Mon, 18 Oct 2021 09:03:28 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6865	0 61 B	102ms 66ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvymsVOFul0_CltUmgJ7quCMitK0kM92-Fff_nN7t1CLRQQhXpNZqr3GdIOf6IKEMPwwlhXw0WV_WMaC260XE1zbeDPFUtTw687i5zhw7KweHmgE_q26ucriYWZp2c7D2ZIh17-kw4YRpmqqX2rPrlb6mJR_4HOxQF02HLbIVmx7yHKhh_akWNiFB9mbpMqfAHSbFMNDydjDfk_8tMyG4T0yUwVVD9-RcAuDy07eIr5-2l0KjPDIMT3Tftvv3i58cPYHaMhp8ohoT0gDj5pNfzmPvlQ_AUAqzAsPtPNAx-V67NM0eFTZslnYr02j6McApqVdQhQdFKJnRKFmiMp0HDfXbvWaTzXhNx6vzGuZCLvyn7GpdCuBT0cbH3mI63A3OE66RM1yLdqLc4t8-EudHtPiQ9wKO9us4tQHseRd7KL_AZD3XtmRS2kHTfY5dKWfWbf2kBoGlt-sJY1c_gt_iip6fQQT_NKvNYzjbF288-tmbaDxYOnL7ixYrYdXSWpRTzq9eCg7Qm-wRDX5wjUsFRdgmwubMzcboxmINU-9b9PqXlSiK9EUKLlzy2BM2o0Y_t-zeSSqMjEVMju4HIcxbvX0JO3roRUZZglmNhOOSaZrM7MKMB4I47OCxNl581pLRd0rVmrISJSCaSqRC1H-4BQjfgd_EHotBLUetcDuAMUBNjn-oD-T7L_S54jH4674QRjW7GtJ81sD0EdqD3_N5TSeFDAkot32a23YF_sUAFiJQTgs70l6Y6B7264oVFE40Kvyg0wVETPOwC9sWFgG7vVzZsd18_V65uTdE-vkh6oaKOKUXcPxHaV7NdcPuFl96WTxUO2plUiZfHxyNhXAjnMprJQLg4BtozwNWKH9BmWaWiC57NGrhu2rD7kr2wdYag_ZmemNrw9khuE-5pujqrjUkZ1vnI_OJ5AdratHcETVNYY6v-sz3cEQZ2d_arSlIm2gg2HahPzduSrh6XYw_uTc1J1JfNmLOHMbrIbXs9W0Tqd3vPFhKhwr2HwgWsBfqfVwAEyNdtnL4V2W0cP2OeTypzv-a9DOahTCm1jJCsjTLSfOfdImOtQ6pgN9CmAgfWCco71rG_1VX2r1Brfv1WzmQSt446lt-Z0zT64AUClDxkCsNqB9fm5MUWpDpMv-Eiq5LMMviAD7Opr2im_fsnJ4s0awlGNHQ5jUO3FjIU349CoAgrOTO8yubfffwerfQ5X6W_b6MnY1w&sai=AMfl-YTogxzochMf8tZ1QTGnPjMV0MDxcguWcqyzg7yNRFnlMWwK77WMurGSDpHTxgKJ_XUZy8WyO0QZIMslCJ4unUh7XHZcY1saCOoj2pFLqtQ646bbdVB2caZ2-QEwsJsubUmKfezJRcwAlhp0irL6vldQj3Szlw&sig=Cg0ArKJSzEFtjvgK1lEIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=187&cbvp=1&cstd=184&cisv=r20211020.78072&adurl= Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Sun, 24 Oct 2021 01:40:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 server cafe
GET H2	200	m secure-gg.imrworldwide.com/cgi-bin/ Frame 6865	0 296 B	128ms 32ms	Image text/plain	54.170.118.172 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn302965&cr=159718502&ce=N376801.279382DBMTP-MONCLER-INTA&pc=316874647&ci=nlsnci1777&am=1&at=view&rt=banner&st=image&gdpr=&gdpr_consent=&r=654949752&C78=G1,DCM&uoo=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=2571688654&pi=t.aa~a.1117756428~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=-M&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250&nras=3&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=2388&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=3Br12d3MY7&p=http%3A//fatorrrh.com.br&dtd=15 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.170.118.172 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-170-118-172.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server nginx access-control-allow-methods POST, OPTIONS p3p P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM" access-control-allow-origin * cache-control no-cache cross-origin-resource-policy cross-origin content-length 0 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELcNDDVtU3avuYSBNEEF4M&google_cver=1&google_push=AYg5qPJDeyntaFJ6je5UJjcS87y9Nobv500BKeZNb3Ozp4HAgbrzxTPUZK... https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJDeyntaFJ6je5UJjcS87y9Nobv500BKeZNb3Ozp4HAgbrzxTPUZKjft4YjNUS18bXOaOeyRsek8uz38wF-L0GuY72hR9Mq&google_hm=Z6lkV2...	170 B 188 B	36ms 35ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJDeyntaFJ6je5UJjcS87y9Nobv500BKeZNb3Ozp4HAgbrzxTPUZKjft4YjNUS18bXOaOeyRsek8uz38wF-L0GuY72hR9Mq&google_hm=Z6lkV2QxajLCXbwv5CGLhA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJDeyntaFJ6je5UJjcS87y9Nobv500BKeZNb3Ozp4HAgbrzxTPUZKjft4YjNUS18bXOaOeyRsek8uz38wF-L0GuY72hR9Mq&google_hm=Z6lkV2QxajLCXbwv5CGLhA pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT cache-control private, no-cache, no-store, proxy-revalidate content-length 0 strict-transport-security max-age=86400 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLiv1d5CE2vvrpCddnpzXrS4D8-cbfxLvbfAuD... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBQjhQR2tJbQ&google_push=AYg5qPLiv1d5CE2vvrpCddnpzXrS4D8-cbfxLvbfAuDfy6cemifGRGeloSCM58w_C5FxHcToQ9rPu5dBS_U5qMKG9kkeykdY2QeK	170 B 188 B	30ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBQjhQR2tJbQ&google_push=AYg5qPLiv1d5CE2vvrpCddnpzXrS4D8-cbfxLvbfAuDfy6cemifGRGeloSCM58w_C5FxHcToQ9rPu5dBS_U5qMKG9kkeykdY2QeK Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVhTNWhBQUFBQjhQR2tJbQ&google_push=AYg5qPLiv1d5CE2vvrpCddnpzXrS4D8-cbfxLvbfAuDfy6cemifGRGeloSCM58w_C5FxHcToQ9rPu5dBS_U5qMKG9kkeykdY2QeK Date Sun, 24 Oct 2021 01:40:20 GMT Server Apache Connection keep-alive Content-Length 391 Content-Type text/html; charset=iso-8859-1
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEJyy5xvUizIQd_T1zM3DPk4&google_cver=1&google_push=AYg5qPKo21MgS95bJqz6Lo52YdX-52-d2yMIf2WNFoik2qqRyGmu0n5jy1HXeqzcF8E_6Ayv1xBlxwGvPmcOo-C9HrYLQLAJXfE https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKo21MgS95bJqz6Lo52YdX-52-d2yMIf2WNFoik2qqRyGmu0n5jy1HXeqzcF8E_6Ayv1xBlxwGvPmcOo-C9HrYLQLAJXfE&google_hm=rUVc1zb2x90AOiRJk8yquQ==	170 B 188 B	32ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKo21MgS95bJqz6Lo52YdX-52-d2yMIf2WNFoik2qqRyGmu0n5jy1HXeqzcF8E_6Ayv1xBlxwGvPmcOo-C9HrYLQLAJXfE&google_hm=rUVc1zb2x90AOiRJk8yquQ== Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:19 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKo21MgS95bJqz6Lo52YdX-52-d2yMIf2WNFoik2qqRyGmu0n5jy1HXeqzcF8E_6Ayv1xBlxwGvPmcOo-C9HrYLQLAJXfE&google_hm=rUVc1zb2x90AOiRJk8yquQ== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc clear content-length 0 x-request-id kpofjejql3f1j63llcs7etr27e913s63
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BB-diHSSQJK1pEPQ1GfOuA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	33ms 32ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BB-diHSSQJK1pEPQ1GfOuA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLK7RbJToRyA1LOP3aXQriD5EwNo2KAx6xVjLZ5SZgr0A9fiHFa8T8DR9RGzLRwR8wNgsdM_QvWL3pCaxz17M7KbGzAdTGE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BB-diHSSQJK1pEPQ1GfOuA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLK7RbJToRyA1LOP3aXQriD5EwNo2KAx6xVjLZ5SZgr0A9fiHFa8T8DR9RGzLRwR8wNgsdM_QvWL3pCaxz17M7KbGzAdTGE date Sun, 24 Oct 2021 01:40:18 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDcJb-pBvtd0wH4q6Hau_ow&google_cver=1&google_push=AYg5qPJzDIvjNocQnstpXmM0j6Vl_iu2hUkMnnfRC87xaXTlfqOE2bz4tb0ltU97lad9Ge1f8zl... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIREUtMjUtNFhKRA==&google_push=AYg5qPJzDIvjNocQnstpXmM0j6Vl_iu2hUkMnnfRC87xaXTlfqOE2bz4tb0ltU97lad9Ge1f8zlCTS9h4gJbHaf1AfMrNMJL8VFo	170 B 188 B	29ms 29ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIREUtMjUtNFhKRA==&google_push=AYg5qPJzDIvjNocQnstpXmM0j6Vl_iu2hUkMnnfRC87xaXTlfqOE2bz4tb0ltU97lad9Ge1f8zlCTS9h4gJbHaf1AfMrNMJL8VFo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1Y0S0RIREUtMjUtNFhKRA==&google_push=AYg5qPJzDIvjNocQnstpXmM0j6Vl_iu2hUkMnnfRC87xaXTlfqOE2bz4tb0ltU97lad9Ge1f8zlCTS9h4gJbHaf1AfMrNMJL8VFo Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_cver=1&googl... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1G...	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame FEDF Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKwGj1EYzIi7kcyne7gYDE0&google_cver=1&google_push=AYg5qPK1pRpxIzCLdUVp8hqf... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK1pRpxIzCLdUVp8hqfb3qa3B18xW4OLbGdljk9O3h5FN9_1yzZ5-6mp3GELxey520tN6TCuRE2yqtM9q658gaHBefkIZQfcA&google_hm=	170 B 188 B	31ms 30ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK1pRpxIzCLdUVp8hqfb3qa3B18xW4OLbGdljk9O3h5FN9_1yzZ5-6mp3GELxey520tN6TCuRE2yqtM9q658gaHBefkIZQfcA&google_hm= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPK1pRpxIzCLdUVp8hqfb3qa3B18xW4OLbGdljk9O3h5FN9_1yzZ5-6mp3GELxey520tN6TCuRE2yqtM9q658gaHBefkIZQfcA&google_hm= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Sat, 23 Oct 2021 01:40:20 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame FEDF	0 12 B	29ms 29ms	Image text/html	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITr_cVerGxUJRoSj6xW1Awq-LFVk6egNAXvPRqGPp8bRdxxYSVaM0l9_2qW9DlvX2JvfVeJw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	300x250.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/ Frame 7EB1	41 KB 10 KB	50ms 50ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 3db51ab50308ac63d24f672051ae46a7fd355653204f3cfae4773684c66d6522 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * content-length 9907 date Sun, 24 Oct 2021 01:40:20 GMT expires Mon, 25 Oct 2021 01:40:20 GMT cache-control public, max-age=86400 last-modified Wed, 16 Jun 2021 12:46:24 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame BAAC	0 61 B	78ms 66ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvi8JatFIaoDW3D4dQIEl_iYQguYS7rJUGk58Llu9xQVgGbVWtSbDbT4I3Qy_KRWmKSjf0ZW2owPA7fmdYHopMqW8AYkCszkI5UnHbBOX8KkrJaS3W8y9lDN50_Up8_5DeRHPpaGvTgy5D71_Q2ow3k_ICcqdoc72uHr2R_aRG740EL5Q0IIm19U6ZzhLXXaSZvd30epfSWAdtI4aD9xgNpRSmsn_e_s8dYA47Q0383I32YhSo4LmqSgJe83RBFzKkToHrZ3v1G0byDVHvPDK1pcKdVTUxxhqpCiBbgVSAJ7Y56QmnwJYDD6bvEV4-u8nKWQ-X5y-05n6Mom8iRpDn-zIIOIW4zp4WTlIaC47IHMlrsJc5YXaDLsqSyTuXi6jD1e48_1rFbxYD9SOEn_E7TLeQ-WMhxM2MVJ7JLW73w_zCNI5XrTQnEz3Y3P9QpMmHMbpmC8FXboMtGSm5wNDHgvIQ6DOwrQdFc2U_2OLkgxBd_cQbS2mCg6-eZPwp75NsGBQFYjrQQEww2bpxtQK-6OzM7psIqUMh6myrYpDgnD7ieo5G2SKv_YRTFPB1yo_UAZcenrD8d2WmNhd1E9iOfyP9vbWKc9DYPRzwl7tJ1ydZCP40EwWi5Mu1nezbK67Mws1KlqmKq1jXefqMk6r2t-reA_jV9OdMAsH-vMS_Et2ec2_HUjuKGuf6lEyz6JvM-devYRmdZ8meUCH0n8gYMzoYL8JTPWtiujbm9-v7NfZn23ieOKThJQ9s51K2sizCO-RtuVY4XJK2d3Hts_HeK8-MN6geevLIYjF7mc3tah_cwWulg8Co7I3hhFcl5TLxxsJ8_o8kHmInS6jngYhBbBZLqehXzd36WlI3kdXE36BE1bAt3yhrhzyMDSaEoJs_kFyWrKMQOeeR7jfAuuBi4FdVRleM2B5K_MmipaU3tyUT-lVv1Ma1PaXkZ4KP5ylwvBzaT2E7_Y61ip9Rv6oCrsfpc5tHonXjZyfTm36-9BQAFbBHuCKiSeAbyuZRkd7UQtMYdaGUby8-UMnrdg5_4KgU3BzHsc6IW_N3sHIWSPHmU7n-QEhvUnNs5MJwukmg2Rfv9DYAXHu4pC132qgwB-ondsYRObkm9KFYh3qGapP_aR-PN-jJ-rnD7HvTrfp-6kLgYNhKYHPkOE8f5gUDIFilygHYT-hES92C13RSGiDHgW9rzSUAqS89ww6arxq3ZBaLJlP7tg&sai=AMfl-YS_qqqsx6_sv4B05MdSeNSWWp6xJcU6LLSJTeLh1H-SMrNI7v62P-lyvM40sljlYIq0Zlf_3yosc0GOYzykLhVzQr3yK6rV_98A1F6-KrPzBSIM5lUUHGyvLThnPaZVGC1J3FnpxXuMYorjjzR30a4vrLPoQA&sig=Cg0ArKJSzOAYfJjiHai2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=153&cisv=r20211020.95522&adurl= Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Sun, 24 Oct 2021 01:40:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 server cafe
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame 3510	35 KB 13 KB	14ms 13ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame 5AB2	35 KB 13 KB	14ms 13ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H2	200	main.gr.19.8.252.js Show response static.adsafeprotected.com/ Frame BAAC	187 KB 60 KB	130ms 31ms	Script application/javascript	52.51.68.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.252.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rjss/st/769474/57793853/skeleton.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.68.144 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-68-144.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 4abf6f75e7d4553131da804e9d208211948bc90a03766315df9598a5e41335e1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip last-modified Mon, 18 Oct 2021 20:06:38 GMT server nginx/1.16.1 age 345887 etag W/"27951f563af0f426b58dde52f941e460" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame 69A1	35 KB 13 KB	15ms 14ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 3908	118 KB 40 KB	24ms 24ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 16:40:59 GMT content-encoding gzip x-content-type-options nosniff age 32361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 16:40:59 GMT
GET H3	200	Enabler_01_247.js Show response s0.2mdn.net/879366/ Frame 8B52	118 KB 40 KB	31ms 30ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_247.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 16:40:59 GMT content-encoding gzip x-content-type-options nosniff age 32361 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 41099 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 16:40:59 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 0768	0 23 B	88ms 60ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstt18fYbU4IOd4oHhOEUqniGg4NyfO6sihXLGW8oS0o0LlssXOxbQzdVzvBjqZPYtJ4t3XvzRWqa7mYCdiYVrAntKhbQG2h3Cg4hLtVLqgDzgj8luGfIZ6bsgwkzznDqUEAV8F4qNU-dDySaodo2LMOb4VZYWYGlElsM5gs3s0Vzvq3rK06MYmso5ijo5-9JZQ5mP0BbR6yZ6TH-Z732ZRwMg0Joyyyb8fC-uNPHkZq9oJPLN6RwSvrnm3_eWGbMBuEwtUA5r-yetXvdkRiFfrFT3-YtSdNrBAHNj97jGZWBjt1aegwSlbWuI1M53RVXKHaNo6yIaIX1VC3v-ubNMoUg2_XGHYg0GdaCEvHghefkT6wIps2SiD_Qc3sdlRoPYLDxwz90dv3SuLaJvrt_bt18Gqw_-2ZTJwqk5XQGfgIsNGjsyeK6hTN3wRytb9DyoPOjSPSn2aRCaqwnRyMCY1hB3Mv54WJZnJYhkVeJ6xPhiHoKHw9VYdvqQ4ye8D8A2M9eLGikOpRJGykLXfYhY-3_-gJApCSTDstArKWj7QVcNtjOVfAyfc_P5WzoigYia6jvhmuFxh49III0lyHyq4x_XkAaKVDHXWh87kMuG8S9YMZtJ8xj8aDohOmMci-6edq-2uaftzEm5T8G33hyc7KxpeFQMfQkm4lKX7p2naC6DP-5Rs9ggeDDdhWBwMIeyICQCIAxO9pw2EJbfUVqrfYGEgKYroeJtp2xJ5a4ASHDL-FVLWQhlBqCLn5Rgkusl__i9u5eL7DgOA2i9JAdDKSpfAp1JJ6DTQKew2xsBTc2hld4c-9_LRykrHztKGYiObZKvAXnK_eP_viKW_6GwlCjXmIMXRq-gz0-JPVelhxiMUxLiXVlxHfmCCwr58YxhnpRCKdWh1LVPgjWCXLG6bCrkx842ckvc65IyP1WKSCkOMknNAR4z9XVzVNLvfTDX2y8SMTLMzpQKlTHwge3vrSEanRvoahHy471MgFki6gaWXhID4PYEq06LP7SSDghss4DyDfFmzg171O9yhy2I_j3OsNZm1iuLtnXtkzgFL619fAdJYVHwoJgPpm2ASIXZCMJ6azDpT8RK20oJQl7RKM7hc3tYW4TOjxsQWvFa4I8aAXmW431ykb_UieH2bmueY4oBpAQ7Dtkug2Lpf6-rQwJcHpFK3jSXEFBvFHqcPvWS_o2IkiJlW5Xf9TorAYCnuvN1pVVF2ksENwtt5Dc8DU7LkY-wvmQSEjORSW7RnfUzb03pba&sai=AMfl-YT1jE6-wZlS8mDftd8ug7yPZeRsPcVI5wel8oGoOIp1RVln-GDJFdkn-IriTTuURVoYxF4xldqKoFKBzGQLW-DmYp9S-paPc3ANE-7C9CKXjkHX1wsWyqgv9aMESc_wFyhbh0-2ghbvtp-NH8iUtUEDlWAvgA&sig=Cg0ArKJSzHM3se-faBK-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=358&vt=11&dtpt=166&dett=3&cstd=187&cisv=r20211020.22833&adurl= Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 server cafe
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 6865	0 23 B	81ms 61ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvymsVOFul0_CltUmgJ7quCMitK0kM92-Fff_nN7t1CLRQQhXpNZqr3GdIOf6IKEMPwwlhXw0WV_WMaC260XE1zbeDPFUtTw687i5zhw7KweHmgE_q26ucriYWZp2c7D2ZIh17-kw4YRpmqqX2rPrlb6mJR_4HOxQF02HLbIVmx7yHKhh_akWNiFB9mbpMqfAHSbFMNDydjDfk_8tMyG4T0yUwVVD9-RcAuDy07eIr5-2l0KjPDIMT3Tftvv3i58cPYHaMhp8ohoT0gDj5pNfzmPvlQ_AUAqzAsPtPNAx-V67NM0eFTZslnYr02j6McApqVdQhQdFKJnRKFmiMp0HDfXbvWaTzXhNx6vzGuZCLvyn7GpdCuBT0cbH3mI63A3OE66RM1yLdqLc4t8-EudHtPiQ9wKO9us4tQHseRd7KL_AZD3XtmRS2kHTfY5dKWfWbf2kBoGlt-sJY1c_gt_iip6fQQT_NKvNYzjbF288-tmbaDxYOnL7ixYrYdXSWpRTzq9eCg7Qm-wRDX5wjUsFRdgmwubMzcboxmINU-9b9PqXlSiK9EUKLlzy2BM2o0Y_t-zeSSqMjEVMju4HIcxbvX0JO3roRUZZglmNhOOSaZrM7MKMB4I47OCxNl581pLRd0rVmrISJSCaSqRC1H-4BQjfgd_EHotBLUetcDuAMUBNjn-oD-T7L_S54jH4674QRjW7GtJ81sD0EdqD3_N5TSeFDAkot32a23YF_sUAFiJQTgs70l6Y6B7264oVFE40Kvyg0wVETPOwC9sWFgG7vVzZsd18_V65uTdE-vkh6oaKOKUXcPxHaV7NdcPuFl96WTxUO2plUiZfHxyNhXAjnMprJQLg4BtozwNWKH9BmWaWiC57NGrhu2rD7kr2wdYag_ZmemNrw9khuE-5pujqrjUkZ1vnI_OJ5AdratHcETVNYY6v-sz3cEQZ2d_arSlIm2gg2HahPzduSrh6XYw_uTc1J1JfNmLOHMbrIbXs9W0Tqd3vPFhKhwr2HwgWsBfqfVwAEyNdtnL4V2W0cP2OeTypzv-a9DOahTCm1jJCsjTLSfOfdImOtQ6pgN9CmAgfWCco71rG_1VX2r1Brfv1WzmQSt446lt-Z0zT64AUClDxkCsNqB9fm5MUWpDpMv-Eiq5LMMviAD7Opr2im_fsnJ4s0awlGNHQ5jUO3FjIU349CoAgrOTO8yubfffwerfQ5X6W_b6MnY1w&sai=AMfl-YTogxzochMf8tZ1QTGnPjMV0MDxcguWcqyzg7yNRFnlMWwK77WMurGSDpHTxgKJ_XUZy8WyO0QZIMslCJ4unUh7XHZcY1saCOoj2pFLqtQ646bbdVB2caZ2-QEwsJsubUmKfezJRcwAlhp0irL6vldQj3Szlw&sig=Cg0ArKJSzEFtjvgK1lEIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=341&vt=11&dtpt=154&dett=3&cstd=184&cisv=r20211020.78072&adurl= Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 server cafe
GET H3	200	Enabler_01_245.js Show response s0.2mdn.net/879366/ Frame 7EB1	110 KB 38 KB	25ms 25ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_245.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 04:53:09 GMT content-encoding gzip x-content-type-options nosniff age 74831 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 38568 x-xss-protection 0 last-modified Wed, 14 Oct 2020 19:32:54 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 04:53:09 GMT
GET H3	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 7EB1	60 KB 24 KB	32ms 32ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 01:40:20 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 8B52	6 KB 4 KB	47ms 24ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash e34e295f4f83668c8bdbe657e08a8d181e492c7fb6f6f6921b65fdb27aef8e64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4537 x-xss-protection 0
GET H3	200	pausa.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 8B52	4 KB 4 KB	26ms 26ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/pausa.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 385a356efa4114b719beed902aba094c8a9ca1a9381d262b598857c23fdd635a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 17:07:28 GMT x-content-type-options nosniff age 30772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4095 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 17:07:28 GMT
GET H3	200	repeat.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 8B52	4 KB 4 KB	27ms 26ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/repeat.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 60ff47dd82f8534f9648d87f9a2a19c4bdc9982319e00fafc2c350a5ec6a53c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 03:39:24 GMT x-content-type-options nosniff age 79256 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4229 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 03:39:24 GMT
GET H3	200	soundon.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 8B52	4 KB 4 KB	29ms 29ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/soundon.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash fefbef456d0bbdd2d5b8bb6afd9b048b4e992256f0929d14f555309508494e4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 14:38:19 GMT x-content-type-options nosniff age 39721 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4315 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 14:38:19 GMT
GET H3	200	play.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 8B52	4 KB 4 KB	28ms 28ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/play.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 936047e29bc4ae82f5dd26383d9039abddb5569d5fa4b9f85762628446ba14b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 17:07:28 GMT x-content-type-options nosniff age 30772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4144 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 17:07:28 GMT
GET H3	200	soundoff.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 8B52	4 KB 4 KB	29ms 28ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/soundoff.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash a96d4f0941ee39c51a38bb5c6215fb390139d6dda4d21bd4a70d44302d7dea8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 17:07:28 GMT x-content-type-options nosniff age 30772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4244 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 17:07:28 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame BAAC	0 23 B	60ms 60ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvi8JatFIaoDW3D4dQIEl_iYQguYS7rJUGk58Llu9xQVgGbVWtSbDbT4I3Qy_KRWmKSjf0ZW2owPA7fmdYHopMqW8AYkCszkI5UnHbBOX8KkrJaS3W8y9lDN50_Up8_5DeRHPpaGvTgy5D71_Q2ow3k_ICcqdoc72uHr2R_aRG740EL5Q0IIm19U6ZzhLXXaSZvd30epfSWAdtI4aD9xgNpRSmsn_e_s8dYA47Q0383I32YhSo4LmqSgJe83RBFzKkToHrZ3v1G0byDVHvPDK1pcKdVTUxxhqpCiBbgVSAJ7Y56QmnwJYDD6bvEV4-u8nKWQ-X5y-05n6Mom8iRpDn-zIIOIW4zp4WTlIaC47IHMlrsJc5YXaDLsqSyTuXi6jD1e48_1rFbxYD9SOEn_E7TLeQ-WMhxM2MVJ7JLW73w_zCNI5XrTQnEz3Y3P9QpMmHMbpmC8FXboMtGSm5wNDHgvIQ6DOwrQdFc2U_2OLkgxBd_cQbS2mCg6-eZPwp75NsGBQFYjrQQEww2bpxtQK-6OzM7psIqUMh6myrYpDgnD7ieo5G2SKv_YRTFPB1yo_UAZcenrD8d2WmNhd1E9iOfyP9vbWKc9DYPRzwl7tJ1ydZCP40EwWi5Mu1nezbK67Mws1KlqmKq1jXefqMk6r2t-reA_jV9OdMAsH-vMS_Et2ec2_HUjuKGuf6lEyz6JvM-devYRmdZ8meUCH0n8gYMzoYL8JTPWtiujbm9-v7NfZn23ieOKThJQ9s51K2sizCO-RtuVY4XJK2d3Hts_HeK8-MN6geevLIYjF7mc3tah_cwWulg8Co7I3hhFcl5TLxxsJ8_o8kHmInS6jngYhBbBZLqehXzd36WlI3kdXE36BE1bAt3yhrhzyMDSaEoJs_kFyWrKMQOeeR7jfAuuBi4FdVRleM2B5K_MmipaU3tyUT-lVv1Ma1PaXkZ4KP5ylwvBzaT2E7_Y61ip9Rv6oCrsfpc5tHonXjZyfTm36-9BQAFbBHuCKiSeAbyuZRkd7UQtMYdaGUby8-UMnrdg5_4KgU3BzHsc6IW_N3sHIWSPHmU7n-QEhvUnNs5MJwukmg2Rfv9DYAXHu4pC132qgwB-ondsYRObkm9KFYh3qGapP_aR-PN-jJ-rnD7HvTrfp-6kLgYNhKYHPkOE8f5gUDIFilygHYT-hES92C13RSGiDHgW9rzSUAqS89ww6arxq3ZBaLJlP7tg&sai=AMfl-YS_qqqsx6_sv4B05MdSeNSWWp6xJcU6LLSJTeLh1H-SMrNI7v62P-lyvM40sljlYIq0Zlf_3yosc0GOYzykLhVzQr3yK6rV_98A1F6-KrPzBSIM5lUUHGyvLThnPaZVGC1J3FnpxXuMYorjjzR30a4vrLPoQA&sig=Cg0ArKJSzOAYfJjiHai2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=385&vt=11&dtpt=229&dett=3&cstd=153&cisv=r20211020.95522&adurl= Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 server cafe
GET H/1.1	206 Partial Content	file.mp4 r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipb... Frame 8B52 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/id,itag,source,ratebypass,m... https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,i...	859 KB 859 KB	151ms 38ms	Media video/mp4	173.194.150.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6DDD7DC1B45DF03554F94DFAFCB3B49A37FEE588.2209804D6057F2A6767CA2F46031F4F0A4172811/key/cms1/cms_redirect/yes/mh/fR/mip/216.131.111.9/mm/42/mn/sn-2gb7sn7s/ms/onc/mt/1635038962/mv/u/mvi/4/pl/24/file/file.mp4 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.194.150.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS prg03s03-in-f10.1e100.net Software gvs 1.0 / Resource Hash f8c250368fe43eadddcef1351e8ddbf5b0f45f4e20669b04437975fa8eb7c852 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT X-Content-Type-Options nosniff Last-Modified Fri, 15 Oct 2021 14:00:36 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Content-Range bytes 0-879273/879274 Cache-Control private, max-age=86400 Connection close Accept-Ranges bytes Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 879274 Expires Sun, 24 Oct 2021 01:40:20 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6DDD7DC1B45DF03554F94DFAFCB3B49A37FEE588.2209804D6057F2A6767CA2F46031F4F0A4172811/key/cms1/cms_redirect/yes/mh/fR/mip/216.131.111.9/mm/42/mn/sn-2gb7sn7s/ms/onc/mt/1635038962/mv/u/mvi/4/pl/24/file/file.mp4 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 674 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 3908	6 KB 4 KB	24ms 23ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 2c0569c31716621d37c1c0ba84ad77ab58e9b8cd95f75c938b04ed6ee1fece98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4461 x-xss-protection 0
GET H3	200	pausa.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 3908	4 KB 4 KB	24ms 23ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/pausa.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 385a356efa4114b719beed902aba094c8a9ca1a9381d262b598857c23fdd635a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 17:07:28 GMT x-content-type-options nosniff age 30772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4095 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 17:07:28 GMT
GET H3	200	repeat.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 3908	4 KB 4 KB	24ms 23ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/repeat.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 60ff47dd82f8534f9648d87f9a2a19c4bdc9982319e00fafc2c350a5ec6a53c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 03:39:24 GMT x-content-type-options nosniff age 79256 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4229 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 03:39:24 GMT
GET H3	200	soundon.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 3908	4 KB 4 KB	25ms 24ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/soundon.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash fefbef456d0bbdd2d5b8bb6afd9b048b4e992256f0929d14f555309508494e4e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 14:38:19 GMT x-content-type-options nosniff age 39721 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4315 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 14:38:19 GMT
GET H3	200	play.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 3908	4 KB 4 KB	26ms 25ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/play.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 936047e29bc4ae82f5dd26383d9039abddb5569d5fa4b9f85762628446ba14b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 17:07:28 GMT x-content-type-options nosniff age 30772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4144 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 17:07:28 GMT
GET H3	200	soundoff.png s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/ Frame 3908	4 KB 4 KB	25ms 25ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/soundoff.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash a96d4f0941ee39c51a38bb5c6215fb390139d6dda4d21bd4a70d44302d7dea8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 17:07:28 GMT x-content-type-options nosniff age 30772 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4244 x-xss-protection 0 last-modified Mon, 18 Oct 2021 09:03:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 17:07:28 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 8B52	17 KB 6 KB	28ms 28ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Sun, 24 Oct 2021 01:40:20 GMT
GET H3	200	prod_studio_01_247_videomodule.js Show response s0.2mdn.net/879366/ Frame 8B52	13 KB 5 KB	24ms 23ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/prod_studio_01_247_videomodule.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=sXaYNJ6iIc&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 13:56:42 GMT content-encoding gzip x-content-type-options nosniff age 42218 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5003 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 13:56:42 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 3908	17 KB 6 KB	35ms 35ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Sun, 24 Oct 2021 01:40:20 GMT
GET H/1.1	206 Partial Content	file.mp4 r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipb... Frame 3908 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/id,itag,source,ratebypass,m... https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,i...	859 KB 859 KB	153ms 40ms	Media video/mp4	173.194.150.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/1929EE6E458FC83BABD25715F6A1BB1A24BA226C.2F3840D4FF8C49004FCF38EDF63B6CA2AD160D93/key/cms1/cms_redirect/yes/mh/fR/mip/216.131.111.9/mm/42/mn/sn-2gb7sn7s/ms/onc/mt/1635038962/mv/u/mvi/4/pl/24/file/file.mp4 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.194.150.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS prg03s03-in-f10.1e100.net Software gvs 1.0 / Resource Hash f8c250368fe43eadddcef1351e8ddbf5b0f45f4e20669b04437975fa8eb7c852 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT X-Content-Type-Options nosniff Last-Modified Fri, 15 Oct 2021 14:00:36 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Content-Range bytes 0-879273/879274 Cache-Control private, max-age=86400 Connection close Accept-Ranges bytes Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 879274 Expires Sun, 24 Oct 2021 01:40:20 GMT Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r4---sn-2gb7sn7s.c.2mdn.net/videoplayback/id/25307fc9a81d2e4f/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3778996502/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/1929EE6E458FC83BABD25715F6A1BB1A24BA226C.2F3840D4FF8C49004FCF38EDF63B6CA2AD160D93/key/cms1/cms_redirect/yes/mh/fR/mip/216.131.111.9/mm/42/mn/sn-2gb7sn7s/ms/onc/mt/1635038962/mv/u/mvi/4/pl/24/file/file.mp4 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 674 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame BAAC Redirect Chain https://fw.adsafeprotected.com/rfw/st/769474/57793853/skeleton.js?adsafe_url=http%3A%2F%2Ffatorrrh.com.br&adsafe_type=g&adsafe_url=http%3A%2F%2Ffatorrrh.com.br%2F&adsafe_type=c&adsafe_url=https%3A%... https://static.adsafeprotected.com/skeleton.js	17 B 240 B	34ms 33ms	Script application/javascript	52.51.68.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.68.144 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-68-144.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT last-modified Mon, 17 Aug 2020 23:54:35 GMT server nginx/1.16.1 age 6171844 etag "53fab767ecbd3bf07990b10246befbd4" x-cache-status HIT content-type application/javascript cache-control max-age=315360000 accept-ranges bytes content-length 17 Redirect headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-server-name app07.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.12.js Show response static.adsafeprotected.com/ Frame 4401	80 KB 21 KB	47ms 47ms	Script application/javascript	52.51.68.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.12.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1555033654987774&output=html&h=250&adk=1877004613&adf=3419440085&pi=t.aa~a.1117774011~rp.4&w=317&fwrn=4&fwrnh=100&lmt=1635039619&rafmt=1&to=qs&pwprc=7555190131&psa=0&format=317x250&url=http%3A%2F%2Ffatorrrh.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1635039619574&bpp=1&bdt=1535&idt=1&shv=r20211020&mjsv=m202110180101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2d2bab08453b394f-22c16d8cfdca0079%3AT%3D1635039619%3ART%3D1635039619%3AS%3DALNI_MaUKzJddROHLIvPKddzXB5lBkhekg&prev_fmts=0x0%2C317x250%2C317x250&nras=4&correlator=7888693500953&frm=20&pv=1&ga_vid=1751867124.1635039619&ga_sid=1635039619&ga_hid=1217393066&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=973&ady=3215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063218%2C31062526%2C31063139&oid=2&pvsid=930812183286448&pem=227&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=TnHiluwGlj&p=http%3A//fatorrrh.com.br&dtd=18 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.51.68.144 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-51-68-144.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip last-modified Thu, 19 Aug 2021 16:31:24 GMT server nginx/1.16.1 age 5536729 etag W/"9304f57298c3834ff107ea7ccb547996" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H3	200	OnAir-Bold.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame 7EB1	47 KB 47 KB	37ms 36ms	Font font/woff2	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:32:29 GMT x-content-type-options nosniff age 471 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 47676 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:39 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 01:47:29 GMT
GET H3	200	OnAir-Regular.woff2 s0.2mdn.net/creatives/assets/4140742/ Frame 7EB1	47 KB 47 KB	48ms 47ms	Font font/woff2	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:28:04 GMT x-content-type-options nosniff age 736 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 47848 x-xss-protection 0 last-modified Thu, 06 May 2021 11:38:29 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 01:43:04 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7EB1	6 KB 5 KB	43ms 43ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_245.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 2c8bea279398beaa569eb7821e1aa11193464329937cd8fc99867c9fb4543943 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4609 x-xss-protection 0
GET H3	200	60005582_20211014235342828_APP_iPhone-13-Pro-Max_Asset.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 7EB1	26 KB 26 KB	42ms 41ms	Image image/png	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211014235342828_APP_iPhone-13-Pro-Max_Asset.png Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 94c861b3e4bc918650205113892b86d7768e0fbc75fdfcd8e103e87988eea6aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61551629/20210616054624412/300x250.html?e=69&leftOffset=0&topOffset=0&c=1D1gagA0rn&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 02:50:34 GMT x-content-type-options nosniff age 82186 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 26950 x-xss-protection 0 last-modified Fri, 15 Oct 2021 06:53:43 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 02:50:34 GMT
GET H/1.1	200 OK	postview.gif portal.o2online.de/nws/img/ Frame 7EB1	43 B 609 B	65ms 17ms	Image image/gif	82.113.101.132 TDDE-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_316931993_137415464_-0&ref=25124645_4307561_316931993_137415464_-0 Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 82.113.101.132 Ingelheim am Rhein, Germany, ASN6805 (TDDE-ASN1, DE), Reverse DNS portal.o2online.de Software Apache / Resource Hash e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Sun, 24 Oct 2021 01:40:20 GMT Last-Modified Wed, 26 Aug 2020 10:11:24 GMT Server Apache ETag "2b-5adc50abeeb00" P3P policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Connection close Accept-Ranges bytes Content-Type image/gif Content-Length 43
GET H/1.1	200 OK	dt dt.adsafeprotected.com/ Frame BAAC	43 B 301 B	295ms 117ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=a4f95f76-8905-5d80-c6a9-d89f9f8f528e&tv=%7Bc:rVaQ0d,pingTime:-3,time:391,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:322%7D,%7Bpiv:0,vs:o,r:l,t:390%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:391,n:390,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:o,t:390,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sMIzCsK+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1511%7C1512%7C15131%7C1514%7C161*.769474-57793853%7C1611%7C1612%7C16131%7C1614,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:21 GMT X-Server-Name dt55.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/ Frame BAAC	43 B 301 B	293ms 118ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=a4f95f76-8905-5d80-c6a9-d89f9f8f528e&tv=%7Bc:rVaQ0e,pingTime:-6,time:392,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:392,n:390,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:o,t:390,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sMIzCsK+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1511%7C1512%7C15131%7C1514%7C161*.769474-57793853%7C1611%7C1612%7C16131%7C1614,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&tpiLookup=ao:fatorrrh.com.br%2Cgoogleads.g.doubleclick.net*&br=c Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:21 GMT X-Server-Name dt57.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H3	200	prod_studio_01_247_videomodule.js Show response s0.2mdn.net/879366/ Frame 3908	13 KB 5 KB	29ms 28ms	Script text/javascript	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/prod_studio_01_247_videomodule.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_247.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software sffe / Resource Hash 78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61937826/20211018020328837/index.html?e=69&leftOffset=0&topOffset=0&c=Mp1221YEQB&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 13:56:42 GMT content-encoding gzip x-content-type-options nosniff age 42218 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 5003 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:45:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 24 Oct 2021 13:56:42 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7EB1	17 KB 6 KB	42ms 42ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_245.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Sun, 24 Oct 2021 01:40:20 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/ Frame BAAC	43 B 301 B	295ms 120ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=a4f95f76-8905-5d80-c6a9-d89f9f8f528e&tv=%7Bc:rVaQ0H,pingTime:-2,time:421,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:139,bdZ:314,beA:326,beZ:327,mfA:636,cmA:637,inA:637,inZ:640,prA:640,prZ:644,si:649,poA:649,poZ:661,cmZ:661,mfZ:661,loA:717,loZ:720,ltA:747,ltZ:747%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:322%7D,%7Bpiv:0,vs:o,r:l,t:390%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:421,n:390,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:o,t:390,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sMIzCsK+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1511%7C1512%7C15131%7C1514%7C161*.769474-57793853%7C1611%7C1612%7C16131%7C1614,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,sinceFw:97,readyFired:true%7D&br=c Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:21 GMT X-Server-Name dt53.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame AA98	35 KB 13 KB	21ms 21ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame 24C9	35 KB 13 KB	34ms 34ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3510	0 20 B	53ms 53ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhGz4hLl0YdHPBN-GjuwPpIeooAcAAAAAOAHgBAI&bg=!cnGlcTXNAAbUs_yW1LM7ACkAdvg8WiVaKkfZ210CaR1qfmjw4Vwrg-9TEf-2rRK4hVr3lX3w4lCUBwIAAAFeUgAAAEdoAQcKAGxM4uenu9-oBX6_SXTASGQthLrOnDeD384AsA3JYIdpGyhAPDxu4_MG9QS1pB0ECWC95Nse-rlJsTUvNX1V8fIIbN-a046J8KIsdYpn5iwUaBrP35wpCmrXKejpjYu2iPuB0QQAxEZYqzkxVJKZAwOpZu2W_GZalorLKZ-3b9-Jd_ilFfQZ__b39AMo4-yuo689d4w4GWXAXT-19WahafdYeVpIJTkXQ8sMZx-Fx1bzpnWTplNi_poNM0hxdir5P3UZN87b7gtW6_O2t2Az309EmPpxy9Js25_Y4msiZhPoS7FWaMjRH2fDEyKmYneRCzHdcWFJS_dYn2nRzBZghLj-U3dHSHRca4ZKSQoFsV5m8BD-1vh2JrgHSlSqVH5GTlwu3LwlMhptYxmzv9ROAsk5gC8i9QuAogHnZ8LOrWUvdVzm_RdH46k5_tCRJfCNa3KWdtRFwym3O-4I71Z3_tpbLdXIeQ43NvPXRI3ZzT0M81TSMqgZh20L49C9E4Y87H4zTiNHu8WuFAgYIIBm1RmWTMUu6S01b1-pWT6mqJRFGWorzTvK2SxYfTab4_w5d6Plqfa0upkMyp84HPWSq2D5SUDJUPq6wnsZZMZ8Zvu5CDXq4v364LEqCU1AXW681sX2dHnJ1Ud4Qjb474m09vNmliQLNOKv1ohjY10kEB5bxE4il09G71aUGIB3cieN_n4TlC01M8DIPiZMQCl-836l5fmYPvfrU12I73SQGZyK4kgSgxKh1vH9jfJVaAK_n-2TISSWU6D_RZX7OCx8RhiPWHGdD8K69WSJ1S3z_4uOxIUqNpzdvo-QGfpJWy1pFH9A-jrw73VYX3eQPslpDv_9KNAUaILkuprpwEFA6iMu5uaqRIz9ezK572MD-nTQ66O21PNwBimm5ZlLasR2glELf_QyQkLONfGZTQIUOvQ7bGG9kmThP6bfUEFNNiIHVkLj0qeYlWeSLJBt1TdAEp3AxlOFjGS2agtOtHDehVAhVgI70jrFPe_87Jkx1p8zGn0NgTW-64nXkYi1yQ5t1too2O3EXGjncUFsQvrSQHoFGhey4q0gzgtmJcVCV4E81KimU5hBohBi9DT9kNUv1KkYfXy6vqfzFxJwM4-QRvazi3OgtzJVjlGTaWOZWD9rJ1bBhOodD7BoKgNXxmWAh_KVTBY Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame 738B	35 KB 13 KB	21ms 20ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96104 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5AB2	0 20 B	62ms 62ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNEh0hLl0Yf7kBt6r3gOrwZdoAAAAADgB4AQC&bg=!BgWlBUHNAAbUs_yW1LM7ACkAdvg8WunMR-kbzm_ilODVm9Fiu5qjfK5uKjQHOt-GDiNDmR6LO9dGjwIAAAFpUgAAACxoAQeZAwtKV0xtqBKKYB594gPEH-5vYnl2DNhzMmyLGW4PrIOv318N0awLZtgvvxC8OEm_Mm1tjRYt5YYy3ZjGgigAl_OboIBGGSXzsnJZkCmAp1fCOh0FOZtD_W5ujlJRJpreHafuPBsKXs9dS6L8IC3lWLBh0fUkzG8eLfhbDbrISgZY4-aXDnKl1DkusmL_84Wyfiu5U4ml-yD-cdLuccCNMl3Gp8gWR4vr4mB66GOvIIYyD7-d_5-moainhyf0Y_tExpCF3Doim1fgaCqdEc6tQ-Qg4AroKYLw6xGmXmFphQwSCvipXsLWZp6JAfE9VpV2N3FII5sLkfvL9lhMDLROTOdiyES1SvUXgGKIsh1O8n3qHWr0N7RZr2JCLEJPoxYXns9XkMySYfiCgdPMFdX_kbgswfJ3PsQ33rSZgU8l_HEcMWAHU6XG4BWbmHhU1kmVCVoA3gCkh_tSuPMXtaTj4xhsV0WrCK-qWFUg1t0C7Z6trabtcMYKP04VfMbhxifwtm30XdvS--pCHCscZKaYoFYyfx6vgNsRNlvAa1qoi1qmr1WuMdUdLAY8bFqUjZBcRn00MNGbZUyxlXvZfRQfK7pMozw0HeYygMkjJTgk5NzIxSgPcJCCsVsQ1nwBieYJDovv42CKacyYZ_z3aw4_uDd0rPvFq5JWXeAUsgkuTDfceGJrZdpbPosnNREyU3iXedPxZRjYzIsNdwiQ9JlUzYhCQcDiy0Yv5y1IVfpIviWYTEIgzTjvwmQxjvi43UjL4K_dFsb4O_4OsUMhFyzPqOYuo1pjVBpwzcp-b1g1D79z9I13DntCc6WvfuREtJQJFb9CgewH0IWMx6zZ55L729GQReLQ1dkexUS1xLlwi3muY79XwSJr1PB-4bIXu6HVJb6DcgA33F_0IEck94E4m1UphTkSNDcJM2zJVxzscdykBG2-e1nihlDUXmFWUG7jAKKPvdxmX-IzzFkhbT8Xp-dzdrgAra1wrBBlmcQ3hHf3PnTEftPaFd0Ioqs8YIPQl5TIEFcNkA2Bsx0iIw Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 69A1	0 20 B	82ms 81ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiMgHhLl0YefrB4mk3wPMrYNAAAAAADgB4AQC&bg=!SkmlSQ3NAAbUs_yW1LM7ACkAdvg8WrJ6KqCVkvxgTblNkvkG1QvLveD57gbpawlbrj4bxtRlCEAkqAIAAAFvUgAAADdoAQeZAxgB6ZMa5WoQaC1DwIA1rFnQ9cHMTJmC88os2JO1UOtXp4vDmtvJoviqZ5Ohmfcwy3OCCCMsQUHLj9jVvwcYlTNrpP9yklgWHFxFThgMP3nhxG3VSbA_K5jPw9fL333QOy0XsukC5JBsxuTCz-eNMRIOT_p1cxRF3OYzBOc7eg_r68Fp-VnO59exn5Mr8g5BTi6DgY2lPkeQ5NDCK6ykkca9ooLBBP2YTV74hJ9KzKqBuy1BXfhUJ2R-aisVeJTDJek3RTRqFMF3YEQ5HlWyHlSSKXEh8SA3ueUXFYMjGhrd9DefIP6gOR8FwMPw_VxWSuBczI4C3E9a2BDAjM1F_1iqGiHxHpg69RoRwnx2OejfNZhgVfggPc1pqeS3SwIoZTUxS5G6U5_PyTs_KbLQTWQiXEbyd0lxhUa95xmha4SbCY1h_Ts9NwnwSWBMBwbDmcR6-wRXLqDPax0iF0r3L58hqf8vcHTMQd6MFiP-YLXrDeu35iqvSS3GIv0q8TLMs6qtLmp0iMsH33ReZPe47leInctFhA_CPT9dLt84toBio2EjquNgV-JfGLYpQ3Wuz7TLvD7557djK0PvylInpKe8lwVbV0424NkzEQ4eWa2Pxj2iHZZLNheG-ZWC3vPPiVxUUJqt0XKt2mkFDDy3rSrH7P7_r13VKcTDaILVe-TO_m3_0uvDEqBhAm5YfOLXqQkkGCng-5BWoM4XIdmXw4xhGoQJ9Bm8VNy0jf8_5qziuVaca8Xpe5SHtIm3TAmJvI3U4TGD8rrEU2S8E4FlwJI3KYAaiSv2tIb0fArwjwZ2x-p8u-9d423CXgAjQlKOU_Fa3GABR3HYxgPtgSOaTdP5xmEdtb0uxx4aycBeBN8gVAzM9hA0VB-xw1ZRiOiV7ezomXd_rPn9n4DNk-pnGEI9IVXQB_o8LEGN2Mr8zUIkjQYYBThz41nom8T9MWL_Gow7vG2P0sc1o9kwr1SDH0R7NYY0MzwLHN12vD6YpEyWrg3b6Ga62lZ6h0UeZpJxeMKCvX5NSeyw1G-Bs7pc4EMmPhyWxAEhegY Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMI0aH-nfXh8wIVX4ODBx2kAwp0EAAYACDmuJRMQhMIzabhnfXh8wIV1-O7CB3VQAKg;met=1;&timestamp=1635039621084;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0; ade.googlesyndication.com/ddm/activity/ Frame 0768	42 B 254 B	73ms 72ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI0aH-nfXh8wIVX4ODBx2kAwp0EAAYACDmuJRMQhMIzabhnfXh8wIV1-O7CB3VQAKg;met=1;&timestamp=1635039621084;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0; Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMI_raAnvXh8wIV3pV3Ch2r4AUNEAAYACDmuJRMQhMIleThnfXh8wIVq0TlCh1-YgmY;met=1;&timestamp=1635039621091;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0; ade.googlesyndication.com/ddm/activity/ Frame 6865	42 B 107 B	66ms 66ms	Image image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_raAnvXh8wIV3pV3Ch2r4AUNEAAYACDmuJRMQhMIleThnfXh8wIVq0TlCh1-YgmY;met=1;&timestamp=1635039621091;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0; Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dt dt.adsafeprotected.com/ Frame BAAC	43 B 301 B	88ms 88ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=a4f95f76-8905-5d80-c6a9-d89f9f8f528e&tv=%7Bc:rVaQ52,time:690,type:e,im:%7Bimprf:%7Bttecl:675,ecd:34,tsecr:56%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:690,n:390,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:322,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B77~1,0~0%5D,as:%5B77~300.250%5D%7D%7D,%7Bsl:o,t:390,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B300~0%5D,as:%5B300~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sMIzCsK+11%7C12%7C13%7C1411%7C1412%7C14131%7C1414%7C1511%7C1512%7C15131%7C1514%7C161*.769474-57793853%7C1611%7C1612%7C16131%7C1614,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:21 GMT X-Server-Name dt57.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/ Frame BAAC	43 B 301 B	85ms 84ms	Image image/gif	104.244.36.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=a4f95f76-8905-5d80-c6a9-d89f9f8f528e&tv=%7Bc:rVaQ63,pingTime:-10,time:753,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1635039621158%7C%7Cb5b2fde39bab3c2d7f1e95523a009c27%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7Cbcc4c8dd610ceacd3171a25ef1032e68%7C%7Cc478218572051c3e6ed42093089d21ca%7C%7Ca80125eca5b007331f034105601fcddc%7C%7C1f0f031fd50b89ce6f81e182df19e450%7C%7C6c2e8ee0c3773daa335836d4e29d5a4c%7C%7C1629390669%7D Requested by Host: fatorrrh.com.br URL: http://fatorrrh.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS nyidt.adsafeprotected.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 Oct 2021 01:40:21 GMT X-Server-Name dt53.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 93DB	28 B 54 B	37ms 36ms	XHR application/json	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/26b082a8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/kL5R0wvqGMI X-YouTube-Client-Version 1.20211019.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtnMFgtSHR6cjk2YyiD89KLBg%3D%3D X-YouTube-Ad-Signals dt=1635039619431&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C315%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKqxqFFv_7_FLZ3V68GTsfsflEQjFNNroKsfxjtMP4DIUdRIZTZcvNenVBuGDsriTfDINSEXNtNZsHH6aSvTg1IZLJ8yZA Response headers date Sun, 24 Oct 2021 01:40:21 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Sun, 24 Oct 2021 01:40:21 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	26ms 25ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 812b73d07b967ee4cec6fa139f71f10821a900f63a7e9b96cf4fc1ff919c0073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 Oct 2021 01:40:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 8508 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	35ms 35ms	Script text/javascript	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110180101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1555033654987774&plah=fatorrrh.com.br&bust=31063218 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 01:40:22 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Sun, 24 Oct 2021 01:40:22 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6B92	12 KB 5 KB	27ms 27ms	Document text/html	142.250.185.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Sat, 23 Oct 2021 19:33:26 GMT expires Sun, 23 Oct 2022 19:33:26 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 22016 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6ACF	783 B 535 B	40ms 39ms	Document text/html	216.58.212.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f132.1e100.net Software GSE / Resource Hash 6744c7214942bc7f8ebaacb0d97eab23821d008ce1794abb34df03a61fc7b54a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aImg088k6KBkT2DC0EseMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://fatorrrh.com.br/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Sun, 24 Oct 2021 01:40:22 GMT date Sun, 24 Oct 2021 01:40:22 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-aImg088k6KBkT2DC0EseMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H3	200	DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response pagead2.googlesyndication.com/bg/ Frame 6B92	35 KB 13 KB	14ms 13ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 22:58:36 GMT content-encoding br x-content-type-options nosniff age 96106 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 13408 x-xss-protection 0 last-modified Tue, 19 Oct 2021 13:08:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Sat, 22 Oct 2022 22:58:36 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6ACF	0 0	26ms 26ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=930812183286448&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	51ms 50ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=930812183286448&bg=!-vml-b3NAAbUs_yW1LM7ACkAdvg8WlBErxgS5HpCuxbZ1gQCoV6zOM6VButVz9mBslVoEmOMPSH4OQIAAABiUgAAAA1oAQcKADH1DV5e5cerAtoVq9HowYchHM-_RncWBdEnOIdByysex7w4k5ODyM8tG6pqM0Z2NZbRmQLfiYVMAnR6x2X6tFw_-NbmTsDNBhtro2cl3ut9YzMBlqfx26X7OA27LIOOM1tizZKJ8Jy3Qa81fuwqRUpVUEpoTyxt92lUkjtNTFEOMXTzYfq_B7ceoSATluAJLAgFmVMItR-G-tSwRUsZHGYOYRnZGvumiOQIf0iz2bKwzKRvi7jU1HFWTCk4VLi3vXZJZVybm75si2iTY9HiI78bd1YhAy8WxmFLgYVCs70laj6ag_OVcKMTaVQ7s9aoxlxzStDLiQDF6QlLcclOraeudUVDDxubLTR1OzQ0Vf2qNSQS15_GwgHtxzV4vQvKnaBFDdJGcYVjL9gWNsEFf2EEoi9l5MU2I-j3haCPEqFiB3JuuWnTuWZ3x2WmTRAPDaBPImvZuw7ydE7djlkX2LZOMAM9PXlKIGrL8aHIcRbmd7yWyjh3bLrfbk_0vKpnVUGzKgel_se3V8qzvHJHsSTGOzE9Hluuyh2Hr5Zt8-HrlZoz9wm0Wr0hZJjMIzsLHRbhKTLS24cEYI2eKxdwok2lUU_mKARhQ2st5OWc3-EH_dVpHNgTQdbvs2Ucz86pAuQSX-_8I536MCEIfd7KLFBG0yNT4Jy8RmE_la6l5Q2q9s3fKLF7deRB7VM3AqXVSyJvnkYWIdON9mviBQBBKYCcA5Gyiz6NK9dVVciI31ypM09rw2_0QTnQIZTR_oD2VgBdeGPKpVEZgjW-qG7YPWcmSs4lsK80VIvv0vywx7fC9Pd0pF1TPSRb0eTfTaoJmnrMk6MXCxrRt4iKgj2uy4PTCht31OKrPDT-ljL2XC7O3cq2dNRjmfNzrqI0We5b-UnnrO-1PpBmBY0NrCLr1HQHdYSJ7iib-Kmh-xUKSVORHgUQRrwLRoO9sXg7ADQ23zruZ88pkV2U_28batpV6iquwIUwsbi8QmMeG3eJ3TGe13mQfcgp_PciPHPuZLCN4sVD0MOEr7YK1yMXZaauwvD7nc1F Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer http://fatorrrh.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Sun, 24 Oct 2021 01:40:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

portalnoar.com.br

URL

https://portalnoar.com.br/wp-content/themes/blogs/style-footer.css

Domain

portalnoar.com.br

URL

https://portalnoar.com.br/wp-content/themes/wp/js/jquery-3.3.1.min.js

Domain

dev.portalnoar.com.br

URL

https://dev.portalnoar.com.br/wp-content/themes/portalnoar/imgs/sim_ultimas_not.png

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPL2trvpus3WRBm3LaJ1zNmwkcvEsO6nvYA5XwFRhAf0rp3SlfUe1TMojY3bvq9l9mOT0Bdwqk0qiU-9baK4aev4Kg1PCekD

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_cver=1&google_push=AYg5qPLr9Z9ujU7QdDJfAZuFocQxUkKE_tTDGA2tm4b06yyVbtNq1KTPnGOi73pAdmELiJ-DtcEmZg1lsCYk2QbhjP3se1Vtr_Bw&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXS5hHLrXXC-zv2mU0bLngAABMIAAAAB&google_gid=CAESEGE8iCFHYfldIeJlqBIl0lk&google_push=AYg5qPIaiRioLvqLLPSKUPB7sv7gUxwk2re2J5AiDiA-RF5qn1GeYz91NKzXsliSBjN9QNngY9y-3f9DRfRyVSk2GiltRO9jp2zL&google_cver=1