fimdejogo.com.br Open in urlscan Pro
167.172.26.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.fimdejogo.com.br/
Effective URL:
https://fimdejogo.com.br/
Submission Tags: falconsandbox
Submission: On March 21 via api (March 21st 2022, 2:29:30 pm UTC) from US — Scanned from DE

Summary HTTP 171 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 24 domains to perform 171 HTTP transactions. The main IP is 167.172.26.75, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fimdejogo.com.br.
TLS certificate: Issued by R3 on January 24th 2022. Valid for: 3 months.

This is the only time fimdejogo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 51	167.172.26.75 167.172.26.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.21 143.204.98.21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:7400:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
7	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
3	198.58.120.109 198.58.120.109	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2600:9000:215... 2600:9000:2156:9800:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
15	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:7ee2:97c:ab4c:6c70:be36	15133 (EDGECAST) (EDGECAST)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4001... 2800:3f0:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.184.156 64.233.184.156	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:a311:1b15:c341:2fec	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:68::7	15169 (GOOGLE) (GOOGLE)
171	37

51 167.172.26.75 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.fimdejogo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fimdejogo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-21.fra50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:7400:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.58.120.109 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 198-58-120-109.ip.linodeusercontent.com

analytics.hostwp.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9800:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)

ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4001:813::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.215.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:a311:1b15:c341:2fec (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:68::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edns7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	fimdejogo.com.br 1 redirects www.fimdejogo.com.br fimdejogo.com.br	700 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	353 KB
18	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1236 pbs.twimg.com — Cisco Umbrella Rank: 615 ton.twimg.com — Cisco Umbrella Rank: 5352	372 KB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 static.doubleclick.net — Cisco Umbrella Rank: 310 bid.g.doubleclick.net — Cisco Umbrella Rank: 468 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	88 KB
11	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	743 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	195 KB
9	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769	214 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	15 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	127 KB
4	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4644 ws.sharethis.com — Cisco Umbrella Rank: 7239 buttons-config.sharethis.com — Cisco Umbrella Rank: 5510 l.sharethis.com — Cisco Umbrella Rank: 4230	50 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 924 r2---sn-4g5edns7.c.2mdn.net	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
3	hostwp.club analytics.hostwp.club	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 571	1 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	34 KB
2	google-analytics.com google-analytics.com — Cisco Umbrella Rank: 24 www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1391	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 289	456 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1359	351 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2828	376 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	464 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	36 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 214	4 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	648 B
171	24

	Domain	Requested by
50	fimdejogo.com.br	fimdejogo.com.br
15	pbs.twimg.com	fimdejogo.com.br
14	pagead2.googlesyndication.com	fimdejogo.com.br pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
11	www.youtube.com	fimdejogo.com.br www.youtube.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com fimdejogo.com.br googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	platform.twitter.com	fimdejogo.com.br platform.twitter.com
4	cm.g.doubleclick.net	fimdejogo.com.br googleads.g.doubleclick.net
3	www.google.com	www.youtube.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	analytics.hostwp.club	fimdejogo.com.br analytics.hostwp.club
3	fonts.googleapis.com	fimdejogo.com.br googleads.g.doubleclick.net
2	r2---sn-4g5edns7.c.2mdn.net	fimdejogo.com.br
2	image6.pubmatic.com	2 redirects
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	ton.twimg.com	platform.twitter.com
2	i.ytimg.com	www.youtube.com
2	syndication.twitter.com	1 redirects platform.twitter.com
1	gcdn.2mdn.net	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	cdn.syndication.twimg.com	platform.twitter.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	google-analytics.com
1	www.google-analytics.com	google-analytics.com
1	google-analytics.com	fimdejogo.com.br
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	ws.sharethis.com	fimdejogo.com.br
1	platform-api.sharethis.com	fimdejogo.com.br
1	www.fimdejogo.com.br	1 redirects
171	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
dcpress.com.br

Subject Issuer	Validity	Valid
fimdejogo.com.br R3	`2022-01-24` - `2022-04-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
analytics.hostwp.club R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-03-08` - `2022-05-17`	2 months	crt.sh

This page contains 14 frames:

Primary Page: https://fimdejogo.com.br/
Frame ID: D7DD964B574F337FC3DAEA44D490F27E
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 0AE1C254754108BCB09BB27D0046AEDF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Ffimdejogo.com.br
Frame ID: 3197A02758CB0CCC8450A5FF25D5352D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&adk=1812271804&adf=3025194257&lmt=1647856216&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffimdejogo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872962685&bpp=3&bdt=639&idt=106&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8703383479584&frm=20&pv=2&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129
Frame ID: 28CD333E91C361011B390FA0F3FC7D39
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Frame ID: 074A487E6E96353C80ABEF94AF3DF822
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29
Frame ID: 89ACDC24268EBD6C2C917038B2590339
Requests: 19 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1505687296770813958/ZVT57L2W?format=jpg&name=600x314
Frame ID: FDC25E601D189CDC8441C5B58AF284F8
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: F1020AE9E064E8CDC209C944D9EC310B
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js
Frame ID: 4FE7B8818A36E2701CBEFED72A742EF5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: CAF63D330AD999449B7E2401738EFE48
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A874588F1005CCD428F5C4CBEC31F7C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 00EB03492B21829C5F5BBA9B6E76C69A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7523FD1FFF379D48D078F3A1BCEDD2B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8474ACB4C563E87F84ACB1C0EED877D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Um olhar diferente do esporte - Fim de Jogo

Page URL History Show full URLs

http://www.fimdejogo.com.br/ HTTP 301
https://fimdejogo.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

171
Requests

96 %
HTTPS

70 %
IPv6

24
Domains

42
Subdomains

37
IPs

7
Countries

2955 kB
Transfer

8942 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/fimdejogo/
Title: <img alt="Facebook" title="Siga-nos no Facebook" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" data-src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png" class="synved-share-image synved-social-image synved-social-image-follow lazyload" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" /><noscript><img alt="Facebook" title="Siga-nos no Facebook" class="synved-share-image synved-social-image synved-social-image-follow" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png" />

Search URL Search Domain Scan URL

URL: https://twitter.com/fimdejogo
Title: <img alt="twitter" title="Siga-nos no Twitter" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" data-src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png" class="synved-share-image synved-social-image synved-social-image-follow lazyload" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" /><noscript><img alt="twitter" title="Siga-nos no Twitter" class="synved-share-image synved-social-image synved-social-image-follow" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/blogfimdejogo
Title: <img alt="youtube" title="Acompanhe nossos vídeos" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" data-src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/youtube.png" class="synved-share-image synved-social-image synved-social-image-follow lazyload" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" /><noscript><img alt="youtube" title="Acompanhe nossos vídeos" class="synved-share-image synved-social-image synved-social-image-follow" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/youtube.png" />

Search URL Search Domain Scan URL

URL: https://www.instagram.com/blogfimdejogo/
Title: <img alt="instagram" title="Siga-nos no Instagram" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" data-src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/instagram.png" class="synved-share-image synved-social-image synved-social-image-follow lazyload" src="data:image/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==" /><noscript><img alt="instagram" title="Siga-nos no Instagram" class="synved-share-image synved-social-image synved-social-image-follow" width="32" height="32" style="display: inline;width:32px;height:32px;margin: 0;padding: 0;border: none" src="https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/instagram.png" />

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=V-HOoqhBtDI
Title: https://www.youtube.com/watch?v=V-HOoqhBtDI

Search URL Search Domain Scan URL

URL: http://dcpress.com.br/
Title: DC Press

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.fimdejogo.com.br/ HTTP 301
https://fimdejogo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 155

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 166

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI4zxkQ9wPTB6gfJMcTV_nretawYq2DcDjzDLeptBr_bJmivPD7z70TPKJsP_aZPQWxPQmCxc-cCmpG3I858nnI2JuMn0Pv&google_gid=CAESEM_e314fxkFzwQnUoxqgzOc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppTHhBQUFBVkQxcEYwNw&google_push=AYg5qPI4zxkQ9wPTB6gfJMcTV_nretawYq2DcDjzDLeptBr_bJmivPD7z70TPKJsP_aZPQWxPQmCxc-cCmpG3I858nnI2JuMn0Pv

Request Chain 168

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA6dTPfO4jmrITwDXka2eXI&google_cver=1&google_push=AYg5qPIs0vLJl5iRN4rFYaHevKby1Hb-joh0DllVlfRnTecPU1OflITXrDRQvo--GPKuusAeRcZeJHZvOIJC7rM50LkjO4z7UlSj HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA6dTPfO4jmrITwDXka2eXI&google_cver=1&google_push=AYg5qPIs0vLJl5iRN4rFYaHevKby1Hb-joh0DllVlfRnTecPU1OflITXrDRQvo--GPKuusAeRcZeJHZvOIJC7rM50LkjO4z7UlSj&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wA96jobbRR6ms5cUN1Kgqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIs0vLJl5iRN4rFYaHevKby1Hb-joh0DllVlfRnTecPU1OflITXrDRQvo--GPKuusAeRcZeJHZvOIJC7rM50LkjO4z7UlSj

Request Chain 169

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPXh2qj-MAOlEjum_jmt03E&google_cver=1&google_push=AYg5qPJKaorDUbb3D2ytsOxdSg-sE2hoIJrK18lt4x6KvnkXvLqNlBRmyr1_0n4ZrbTss0xwFwpHSYmq2v8kAuUX_2_gWb8czpc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVDBMMTYtRC1HQlhS&google_push=AYg5qPJKaorDUbb3D2ytsOxdSg-sE2hoIJrK18lt4x6KvnkXvLqNlBRmyr1_0n4ZrbTss0xwFwpHSYmq2v8kAuUX_2_gWb8czpc

Request Chain 170

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy

Request Chain 174

https://gcdn.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2F52A4F56BEEE0402E27197F93117961BC80AAAA.7243EDE9A241D74E58DEBB2A4954B8947FB141EC/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5edns7.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79AE5656F258A2FF1045EF617F388919D4E4A8F8.504502F3BE9637F1ACC89DE75C82BBF9D6193128/key/cms1/cms_redirect/yes/mh/Vv/mip/2001:ac8:20:302::202e/mm/42/mn/sn-4g5edns7/ms/onc/mt/1647872677/mv/m/mvi/2/pl/54/file/file.mp4

171 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fimdejogo.com.br/
Redirect Chain

http://www.fimdejogo.com.br/
https://fimdejogo.com.br/

127 KB
17 KB

482ms
188ms

Document
text/html

167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

a8db0c3ffa957c5358f947902ff58c5e58d2a3b09492cbbebdc2eff5b44d9bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx-rc
date: Mon, 21 Mar 2022 14:29:21 GMT
content-type: text/html; charset=UTF-8
content-length: 17314
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Mon, 21 Mar 2022 09:50:16 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: Mon, 21 Mar 2022 14:29:21 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

Redirect headers

Server: nginx-rc
Date: Mon, 21 Mar 2022 14:29:21 GMT
Content-Type: text/html
Content-Length: 174
Connection: keep-alive
Location: https://fimdejogo.com.br/

GET
H2 200 style.min.css
fimdejogo.com.br/wp-includes/css/dist/block-library/ 81 KB
11 KB 98ms
97ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 19:16:34 GMT
server: nginx-rc
etag: W/"6217d992-145a9"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 content_elements.crush.css
fimdejogo.com.br/wp-content/plugins/bold-page-builder/css/front_end/ 1 MB
49 KB 98ms
97ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.2.1

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

65c9b5b6949b47a975c677f7ef5fd187e6f2737684cc65388a6a2c0d4720e634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 18:28:13 GMT
server: nginx-rc
etag: W/"6228f1bd-143461"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 slick.css
fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/ 2 KB
757 B 98ms
97ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.2.1

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 18:28:13 GMT
server: nginx-rc
etag: W/"6228f1bd-6f0"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 style.min.css
fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/ 31 KB
5 KB 98ms
98ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/style.min.css?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

37106cb7f5b3d70297ca032b38d4645d828500a3f86c181a9f9992bc9be07162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:14 GMT
server: nginx-rc
etag: W/"6199261a-7d2d"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 styles.css
fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 99ms
98ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 19:22:13 GMT
server: nginx-rc
etag: W/"6217dae5-aab"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 bootstrap.min.css
fimdejogo.com.br/wp-content/themes/islemag/css/ 120 KB
18 KB 99ms
98ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/css/bootstrap.min.css?ver=3.3.5

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-1deb0"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 style.css
fimdejogo.com.br/wp-content/themes/islemag/ 110 KB
18 KB 99ms
98ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/style.css?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

8f1b4f982ba63c394201dc76f4cb9de87d22bf21973c17595b6b1f140c7a1f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-1b6b6"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 font-awesome.min.css
fimdejogo.com.br/wp-content/themes/islemag/css/ 28 KB
6 KB 99ms
99ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/css/font-awesome.min.css?ver=4.4.0

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-718b"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

717c9554069f56045165bcce3d790e2ae5b8eb4dfa894d8c1023e8e61095e541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 14:28:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:29:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:29:22 GMT

GET
H2 200 tmm_style.css
fimdejogo.com.br/wp-content/plugins/team-members/inc/css/ 6 KB
2 KB 105ms
102ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/team-members/inc/css/tmm_style.css?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

aa683a5b00b7585a336a6977c3d8556ba84762e70257084a3e37c01e68ee956e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:23 GMT
server: nginx-rc
etag: W/"61992623-17a9"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 jquery.min.js Show response
fimdejogo.com.br/wp-includes/js/jquery/ 87 KB
30 KB 195ms
192ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-15db1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 jquery-migrate.min.js Show response
fimdejogo.com.br/wp-includes/js/jquery/ 11 KB
4 KB 195ms
192ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-2bd8"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 slick.min.js Show response
fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/ 42 KB
10 KB 195ms
193ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.2.1

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 18:28:13 GMT
server: nginx-rc
etag: W/"6228f1bd-a76f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/ 20 KB
7 KB 196ms
193ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.2.1

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 18:28:13 GMT
server: nginx-rc
etag: W/"6228f1bd-4ef8"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 content_elements.js Show response
fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/ 26 KB
6 KB 196ms
193ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.2.1

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

262887ef66bfdd2b900f3b991f5b48e15e9094c81c08374a2c525b1eac4ac9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 09 Mar 2022 18:28:13 GMT
server: nginx-rc
etag: W/"6228f1bd-6724"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 jquery.dd.js Show response
fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/ 52 KB
11 KB 196ms
193ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

2c92c34625d4600a4de6afaadd1de8d30b91082e0d54425dcfe61970515e65e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:14 GMT
server: nginx-rc
etag: W/"6199261a-cf7c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 cc.main.js Show response
fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/ 27 KB
5 KB 196ms
194ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/cc.main.js?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

20b7f01651c2024da3d22705dcf5400577e0d161d12652d6ffa4738e9217f59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:14 GMT
server: nginx-rc
etag: W/"6199261a-6c4c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 27ms
7ms Script
text/javascript 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-21.fra50.r.cloudfront.net

Software

Resource Hash

414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:26:58 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 144
etag: W/"2e0e3-tEY0wJEY/wwExgi0NrFi684gQTw"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: VVjEwcOoh1WjbZ_KzN7xnFIyEP6gcjPQyYtd1d5Dyih4GFNg_rpZvw==

GET
H2 200 st_insights.js Show response
ws.sharethis.com/button/ 26 KB
8 KB 44ms
10ms Script
application/javascript 2600:9000:224a:7400:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather&ver=1646166278

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:7400:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

149bccf7e467541fc83e870e967ac322b26065e5d6797169c8a677a67db07e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 03:18:04 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 213079
x-cache: Hit from cloudfront
content-length: 7654
server: nginx/1.20.1
etag: W/"61e1c3a9-6746"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: cT_A0zgxKSL5icAs0VCJfENy1m2lbOF9Lh9F5Ul-_RX1GKsPRinPmg==
expires: Tue, 22 Mar 2022 03:18:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 51ms
29ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2596403114691989

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e46dadd61ce1431d7fcc5b0980e706f3e8275586d6d01f1565ffbddb5016690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54742
x-xss-protection: 0
server: cafe
etag: 10097719965994088681
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:29:22 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 155ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:22 GMT
Content-Encoding: gzip
Age: 1459
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CEC)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 script.js Show response
analytics.hostwp.club/js/ 746 B
658 B 736ms
128ms Script
application/javascript 198.58.120.109
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.hostwp.club/js/script.js

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.58.120.109 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

198-58-120-109.ip.linodeusercontent.com

Software

nginx-rc /

Resource Hash

b75640250e69024fdf4487e83a538b5c07a516f16645329b0d2a63bca6df8b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 08 Jan 2022 12:52:24 GMT
server: nginx-rc
etag: W/"61d98908-2ea"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:23 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
fimdejogo.com.br/wp-includes/js/mediaelement/ 11 KB
3 KB 196ms
194ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-2bf8"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 wp-mediaelement.min.css
fimdejogo.com.br/wp-includes/js/mediaelement/ 4 KB
1 KB 196ms
194ms Stylesheet
text/css 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-105a"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 islemag-wigdet.js Show response
fimdejogo.com.br/wp-content/themes/islemag/js/ 2 KB
603 B 196ms
194ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/js/islemag-wigdet.js?ver=1.0.0

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

d940cacfc0e42a2a8042b5127fdff6410119e4b9edf2450ecc993614dfafee9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-61d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 regenerator-runtime.min.js Show response
fimdejogo.com.br/wp-includes/js/dist/vendor/ 6 KB
3 KB 197ms
195ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 19:16:34 GMT
server: nginx-rc
etag: W/"6217d992-195e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 wp-polyfill.min.js Show response
fimdejogo.com.br/wp-includes/js/dist/vendor/ 19 KB
7 KB 197ms
195ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 19:16:34 GMT
server: nginx-rc
etag: W/"6217d992-4b3d"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 index.js Show response
fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/js/ 9 KB
3 KB 197ms
195ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 19:22:13 GMT
server: nginx-rc
etag: W/"6217dae5-25f8"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 script.index.js Show response
fimdejogo.com.br/wp-content/themes/islemag/js/ 2 KB
632 B 197ms
195ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/js/script.index.js?ver=1.0.0

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

6f33d75dffd628cdf7ac8e2505ea514d22e6394078d5ec5d16d935ba0995107d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-72e"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 script.all.js Show response
fimdejogo.com.br/wp-content/themes/islemag/js/ 7 KB
2 KB 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/js/script.all.js?ver=1.0.1

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

a8545e41a271b2c693fac9a459bc37c068eae50d717b3f4faa67b1023b9d538a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-1a5c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 owl.carousel.min.js Show response
fimdejogo.com.br/wp-content/themes/islemag/js/ 42 KB
11 KB 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/js/owl.carousel.min.js?ver=2.0.0

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

c8c728d772f3ff93b5c7c65b86855f3dc0502d1bedd04a7ed1d6af06567322f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-a76c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 smush-lazy-load.min.js Show response
fimdejogo.com.br/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.5

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 26 Jan 2022 18:29:22 GMT
server: nginx-rc
etag: W/"61f19302-1ef2"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
fimdejogo.com.br/wp-includes/js/mediaelement/ 154 KB
35 KB 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-267aa"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
fimdejogo.com.br/wp-includes/js/mediaelement/ 1 KB
764 B 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-4a9"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 wp-mediaelement.min.js Show response
fimdejogo.com.br/wp-includes/js/mediaelement/ 906 B
676 B 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.9.2

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-38a"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 vimeo.min.js Show response
fimdejogo.com.br/wp-includes/js/mediaelement/renderers/ 6 KB
2 KB 197ms
196ms Script
application/javascript 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-1940"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 5b898832f365de0011fdf3f2.js Show response
buttons-config.sharethis.com/js/ 30 B
425 B 412ms
394ms Script
text/javascript 2600:9000:2156:9800:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5b898832f365de0011fdf3f2.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:9800:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
last-modified: Fri, 31 Aug 2018 18:25:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "e6e1643313740711175f51662a65b42f"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: GM2wq1x9Rk0l5UU42yrxFuVNIeOjPUrbnvbOiaCr47d8BCSywPDqEA==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
403 B 34ms
10ms XHR
text/plain 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=fimdejogo.com.br&location=%2F&product=ga&url=https%3A%2F%2Ffimdejogo.com.br%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Home%20-%20Um%20olhar%20diferente%20do%20esporte%20-%20Fim%20de%20Jogo&cms=unknown&publisher=5b898832f365de0011fdf3f2&sop=true&version=st_sop.js&lang=en&description=Um%20olhar%20diferente%20do%20esporte%2C%20com%20a%20vis%C3%A3o%20focada%20na%20prefer%C3%AAncia%20do%20torcedor%2C%20do%20que%20ele%20precisa%20e%20tem%20curiosidade%20de%20entender.%20Al%C3%A9m%20da%20cobertura%20no%20Maracan%C3%A3%2C%20Nilton%20Santos%2C%20S%C3%A3o%20Janu%C3%A1rio%2C%20Volta%20Redonda%2C%20Ilha%2C%20cobertura%20em%20outros%20esportes%2C%20como%20basquete%2C%20t%C3%AAnis%2C%20volei.

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://fimdejogo.com.br
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 analytics.js Show response
google-analytics.com/ 49 KB
20 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/analytics.js

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5519
date: Mon, 21 Mar 2022 12:57:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 21 Mar 2022 14:57:23 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 hero_home_02.jpg
fimdejogo.com.br/wp-content/uploads/2017/12/ 100 KB
88 KB 97ms
97ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2017/12/hero_home_02.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

99a62f93024e0662926aa4c55cab9e5da3a0578900bd69a4581a33ea53cb01d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:39 GMT
server: nginx-rc
etag: W/"61992633-18fe1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 WhatsApp-Image-2018-08-28-at-20.08.05.jpeg
fimdejogo.com.br/wp-content/uploads/2018/08/ 36 KB
35 KB 97ms
97ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2018/08/WhatsApp-Image-2018-08-28-at-20.08.05.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

4875df18359ae0da0d35b4c10f82c07e15932414913a04c7509ee742236564eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:44 GMT
server: nginx-rc
etag: W/"61992638-905d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 fontawesome-webfont.woff2
fimdejogo.com.br/wp-content/themes/islemag/fonts/ 70 KB
71 KB 96ms
96ms Font
font/woff2 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fimdejogo.com.br/wp-content/themes/islemag/fonts/fontawesome-webfont.woff2?v=4.6.3

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/wp-content/themes/islemag/css/font-awesome.min.css?ver=4.4.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fimdejogo.com.br/wp-content/themes/islemag/css/font-awesome.min.css?ver=4.4.0
Origin: https://fimdejogo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:45:34 GMT
server: nginx-rc
etag: W/"6199262e-118d8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fimdejogo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:07 GMT
x-content-type-options: nosniff
age: 488655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:07 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v26/ 46 KB
46 KB 40ms
16ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fimdejogo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 06:13:05 GMT
x-content-type-options: nosniff
age: 548177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 06:13:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 44ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fimdejogo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 413932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:30 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fimdejogo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 413931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:31 GMT

GET
H2 200 facebook.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 584 B
863 B 96ms
95ms Image
image/png 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 01 Mar 2022 20:24:38 GMT
server: nginx-rc
etag: W/"621e8106-248"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 twitter.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 2 KB
2 KB 97ms
96ms Image
image/png 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 01 Mar 2022 20:24:38 GMT
server: nginx-rc
etag: W/"621e8106-6e2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 youtube.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 2 KB
3 KB 97ms
96ms Image
image/png 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/youtube.png

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

4ae9ddae3a7d2fcaa1dad375bdda6496f34adea77e4646118e090a80ba752856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 01 Mar 2022 20:24:38 GMT
server: nginx-rc
etag: W/"621e8106-96c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 instagram.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 1 KB
1 KB 97ms
96ms Image
image/png 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/instagram.png

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

db8c71654a10f884bff18344cc548c8302dbb9c4b64d4d7bcf308a6200d2e7f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 01 Mar 2022 20:24:38 GMT
server: nginx-rc
etag: W/"621e8106-42c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 20200203_cpupo_flaxcea_2020-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2020/02/ 4 KB
5 KB 98ms
95ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2020/02/20200203_cpupo_flaxcea_2020-110x110.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

42269c258d4e383fec2a898675c7a4ca5ee58ad3216871a99bb55c4058977521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:48:16 GMT
server: nginx-rc
etag: W/"619926d0-11df"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 WhatsApp-Image-2021-05-24-at-23.05.08-110x110.jpeg
fimdejogo.com.br/wp-content/uploads/2021/05/ 4 KB
5 KB 99ms
96ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-24-at-23.05.08-110x110.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

3636de76205aab18eb531d8c3af3b9d550972b60f1200c8ab3fbaf11ba470919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:51:27 GMT
server: nginx-rc
etag: W/"6199278f-11fa"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 WhatsApp-Image-2021-09-14-at-16.42.37-110x110.jpeg
fimdejogo.com.br/wp-content/uploads/2021/09/ 4 KB
4 KB 99ms
97ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2021/09/WhatsApp-Image-2021-09-14-at-16.42.37-110x110.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

e0e5ba0e1838d8bf5f1a01546084f82964c857e7bf5cee2cb0d9178dd5195d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:53:42 GMT
server: nginx-rc
etag: W/"61992816-f66"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 WhatsApp-Image-2022-03-16-at-16.41.32-110x110.jpeg
fimdejogo.com.br/wp-content/uploads/2022/03/ 6 KB
6 KB 99ms
97ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2022/03/WhatsApp-Image-2022-03-16-at-16.41.32-110x110.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

44d82d364ee3801a99dae402638440c27d584cff04f65ebe44beed9c3b0f891d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 16 Mar 2022 19:43:14 GMT
server: nginx-rc
etag: W/"62323dd2-161d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 maracana-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2022/03/ 4 KB
4 KB 99ms
97ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2022/03/maracana-110x110.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

d48b84dbad35cdffcfe8a21f0633a757af7e0844e7f9bb511baf0450ed12bced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 15 Mar 2022 22:22:44 GMT
server: nginx-rc
etag: W/"623111b4-f71"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 20220220_rioopen_cpupo_3995-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2022/02/ 4 KB
5 KB 99ms
97ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2022/02/20220220_rioopen_cpupo_3995-110x110.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

94c70406aa0c3e261cb6636c0a565f0a23a6597c774afce9ed472b435a9b07df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 21 Feb 2022 03:14:21 GMT
server: nginx-rc
etag: W/"6213038d-11ab"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 20220320_flaxvas_cpupo_11686-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/03/ 28 KB
28 KB 99ms
98ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2022/03/20220320_flaxvas_cpupo_11686-420x420.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

dffadbf147983987335df1ce9da3b183b5d86c1284fe8d46315b32fc90f80f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sun, 20 Mar 2022 22:16:44 GMT
server: nginx-rc
etag: W/"6237a7cc-6ecc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 tour-maracana-12-420x420.jpeg
fimdejogo.com.br/wp-content/uploads/2022/01/ 52 KB
52 KB 99ms
98ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2022/01/tour-maracana-12-420x420.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

30c7de3267ee505cf34f482f6ace7a59e2df634a7c63c1b2ec2d60991955e83d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:29:39 GMT
server: nginx-rc
etag: W/"61e82e63-cff9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 Flu-Libertadores-420x420.jpeg
fimdejogo.com.br/wp-content/uploads/2022/03/ 45 KB
45 KB 99ms
98ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2022/03/Flu-Libertadores-420x420.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

513cf32ceee28c34904e1f9f2f8ba382ef09d72dbaa6753ab4877cd8c562f6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 18:42:13 GMT
server: nginx-rc
etag: W/"62338105-b208"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 20200203_cpupo_flaxcea_2020-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2020/02/ 33 KB
33 KB 99ms
98ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2020/02/20200203_cpupo_flaxcea_2020-420x420.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

3f88164ab95992bbf6c96870f86e8fc024890f11e309d5e0688a5d1ee316b634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:48:16 GMT
server: nginx-rc
etag: W/"619926d0-84b9"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 WhatsApp-Image-2021-05-24-at-23.05.08-420x420.jpeg
fimdejogo.com.br/wp-content/uploads/2021/05/ 37 KB
38 KB 99ms
98ms Image
image/jpeg 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-content/uploads/2021/05/WhatsApp-Image-2021-05-24-at-23.05.08-420x420.jpeg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

91e48fbf064b5abf1f1ddb81119158a3f2eed6aca62cf5fc7baae0ac50875dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:51:23 GMT
server: nginx-rc
etag: W/"6199278b-9596"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 59ms
29ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3221651103697de1efb29b38ac3a8611476981904f54a123a5ff44a2da5b905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Mon, 21 Mar 2022 14:29:22 GMT

GET
H2 200 mejs-controls.svg
fimdejogo.com.br/wp-includes/js/mediaelement/ 4 KB
2 KB 95ms
94ms Image
image/svg+xml 167.172.26.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fimdejogo.com.br/wp-includes/js/mediaelement/mejs-controls.svg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.172.26.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 20 Nov 2021 16:23:58 GMT
server: nginx-rc
etag: W/"6199211e-11f6"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Wed, 20 Apr 2022 14:29:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
409 B 38ms
16ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=361113184&t=pageview&_s=1&dl=https%3A%2F%2Ffimdejogo.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Um%20olhar%20diferente%20do%20esporte%20-%20Fim%20de%20Jogo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=960662479&gjid=798192902&cid=1853582092.1647872963&tid=UA-123684775-1&_gid=1270926907.1647872963&_r=1&_slc=1&z=678830452

Requested by

Host: google-analytics.com
URL: https://google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fimdejogo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fimdejogo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 294 KB
106 KB 56ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2596403114691989

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108579
x-xss-protection: 0
server: cafe
etag: 4861168965344539476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:29:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 0AE1 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2596403114691989

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 20 Mar 2022 20:47:02 GMT
expires: Sun, 03 Apr 2022 20:47:02 GMT
cache-control: public, max-age=1209600
age: 63740
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 watch
www.youtube.com/ 0
0 108ms
90ms Media
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youtube.com/watch?v=V-HOoqhBtDI&_=1
Requested by: Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fimdejogo.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 3197 319 KB
104 KB 40ms
38ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Ffimdejogo.com.br
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 489230
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Mar 2022 14:29:22 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123684775-1&cid=1853582092.1647872963&jid=960662479&gjid=798192902&_gid=1270926907.1647872963&_u=IEBAAEAAAAAAAC~&z=1537917338

Requested by

Host: google-analytics.com
URL: https://google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fimdejogo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Mar 2022 14:29:22 GMT
content-type: text/plain
access-control-allow-origin: https://fimdejogo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/577098c0/www-widgetapi.vflset/ 152 KB
49 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abae6e19ed0784a432e61a5f9915cbff9a587062c7a1f2c9b4bc7ab2ea06d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50182
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 21 Mar 2023 14:16:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
648 B 76ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fimdejogo.com.br&callback=_gfp_s_&client=ca-pub-2596403114691989

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

bab555606324a699dae6549dbab9a4638c08b667de0eed996665962579d662b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fimdejogo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fimdejogo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28CD 127 KB
37 KB 669ms
654ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&adk=1812271804&adf=3025194257&lmt=1647856216&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffimdejogo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872962685&bpp=3&bdt=639&idt=106&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8703383479584&frm=20&pv=2&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db90f430d966448bfdbd72f8e1a6fccc9a11333b32ac4760d061fe45cfe9c11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Mar 2022 14:29:23 GMT
server: cafe
content-length: 37581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:29:23 GMT
cache-control: private

GET
H3 200 V-HOoqhBtDI Show response
www.youtube.com/embed/ Frame 074A 60 KB
25 KB 80ms
79ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

145bdcf13567621166cc0d57f3dd7b77fe27b35f80633ad6cda3ddb2b16c3ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 21 Mar 2022 14:29:22 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3197 293 B
467 B 136ms
117ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1845527deda56769c6fddf8e263d8fb9a3929960

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Ffimdejogo.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 109
date: Mon, 21 Mar 2022 14:29:22 GMT
content-encoding: gzip
last-modified: Mon, 21 Mar 2022 14:29:22 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 8b16b160516a2360ce864f7696daa12a5e5096ef503bea52c3cca55a0427dffb
content-length: 186

GET
H3 200 www-player.css
www.youtube.com/s/player/577098c0/ Frame 074A 338 KB
46 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47168
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:07 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/577098c0/www-embed-player.vflset/ Frame 074A 280 KB
86 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cf91facad0c607b6df34456a7e72d02a93126bf216d85ebc02c7ac2ba917627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88175
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:07 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame 074A 2 MB
524 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6117cce9a5c9be508a185bf3a3d87b342defac6f4847e589290d6cc26095582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536820
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:53 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/577098c0/fetch-polyfill.vflset/ Frame 074A 9 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:25:07 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 074A 15 KB
15 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 508961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Mar 2023 17:06:41 GMT

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 39ms
38ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:23 GMT
Content-Encoding: gzip
Age: 489232
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CE7)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 76ms
37ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:23 GMT
Content-Encoding: gzip
Age: 489228
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CEC)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 074A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

17ms
15ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d51dd8697304b6dab1fc52044874b36a5d11c5cc33b9ba60aa917bacf342dd83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 074A 29 B
588 B 29ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:14:42 GMT
x-content-type-options: nosniff
age: 881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Mar 2022 14:29:42 GMT

GET
H2 200 lIPGkH8n_LcZYImy_O0HTm-_n1ywMDGHACZIRMMCL6I.js Show response
www.google.com/js/th/ Frame 074A 35 KB
14 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/lIPGkH8n_LcZYImy_O0HTm-_n1ywMDGHACZIRMMCL6I.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9483c6907f27fcb7196089b2fced074e6fbf9f5cb030318700264844c3022fa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13799
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 12:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 11:12:42 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/ Frame 074A 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6088be74a556ff4b78944a782ec9ca019491945dc9b64d38a6122fea50acf335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 16:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 338602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8122
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:17:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Mar 2023 16:26:01 GMT

GET
DATA 200
OK truncated
/ Frame 074A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQZNku6A42EVzAIxQDrC4uXYggm4a0vzxBR2OzXqw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 074A 3 KB
4 KB 50ms
21ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQZNku6A42EVzAIxQDrC4uXYggm4a0vzxBR2OzXqw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

333147ef6f75a758f699800d4970402c617a3c0d1214cd528f9720f7b76339d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3295
x-xss-protection: 0
server: fife
etag: "v105"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 16 Mar 2022 23:27:13 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/V-HOoqhBtDI/ Frame 074A 3 KB
4 KB 53ms
25ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/V-HOoqhBtDI/default.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d70312535fbd2b2f1a1c18f5985c53f227088c70960a79950b5a45c1127ac892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3185
x-xss-protection: 0
server: sffe
etag: "1646776876"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Mar 2022 16:29:23 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 120 KB
8 KB 392ms
272ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_fimdejogo_old&dnt=false&domain=fimdejogo.com.br&lang=pt&screen_name=fimdejogo&suppress_response_codes=true&t=1830969&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

5429e131e3e1183da24c317a94b32caf436991c41da64132e50fa0f4f3f1f252

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=233
content-length: 8062
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 207
last-modified: Mon, 21 Mar 2022 14:29:23 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 35b3b2a12b89b8f4f9dc689933ca2333e601bf995e47e27fc097e34d8c1be6bc
timing-allow-origin: *
x-transaction: 08612e3ddd11c12c
expires: Mon, 21 Mar 2022 14:34:23 GMT

POST
H2 200 event Show response
analytics.hostwp.club/api/ 3 B
381 B 281ms
281ms XHR
text/html 198.58.120.109
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.hostwp.club/api/event

Requested by

Host: analytics.hostwp.club
URL: https://analytics.hostwp.club/js/script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.58.120.109 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

198-58-120-109.ip.linodeusercontent.com

Software

nginx-rc /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fimdejogo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json, text/javascript; charset=UTF-8

Response headers

date: Mon, 21 Mar 2022 14:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx-rc
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 59
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fimdejogo.com.br
cache-control: private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-limit: 60
expires: -1

OPTIONS
H2 204 event
analytics.hostwp.club/api/ Frame 0
0 818ms
429ms Preflight 198.58.120.109
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.hostwp.club/api/event

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.58.120.109 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

198-58-120-109.ip.linodeusercontent.com

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fimdejogo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx-rc
date: Mon, 21 Mar 2022 14:29:23 GMT
cache-control: no-cache, private
access-control-allow-origin: https://fimdejogo.com.br
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/V-HOoqhBtDI/ Frame 074A 30 KB
30 KB 40ms
16ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/V-HOoqhBtDI/hqdefault.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0380ee1d5c7c67078ed5ae469ef6ebc923ed2b6a43a00b93297496d26b9bc2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31005
x-xss-protection: 0
server: sffe
etag: "1646776876"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 21 Mar 2022 16:29:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 074A 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?oywk-A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 151 KB
54 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0766e37797ed71aa16735a33a049c8e38950de648892e3fa64cb38e65af64e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54936
x-xss-protection: 0
server: cafe
etag: 9347305360392122244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Mar 2022 14:29:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fimdejogo.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fimdejogo.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89AC 73 KB
24 KB 652ms
651ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad485bd58e6fe39a768b5c7f8cfb02c5adee5744d1e306f7c387446337bb71e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Mar 2022 14:29:24 GMT
server: cafe
content-length: 24448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Mar 2022 14:29:24 GMT
cache-control: private

GET
H2 200 ZVT57L2W
pbs.twimg.com/card_img/1505687296770813958/ Frame FDC2 35 KB
35 KB 142ms
20ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1505687296770813958/ZVT57L2W?format=jpg&name=600x314

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

7e11527c64e7ef627227a12c9063413e5eef860a05bd70c9a8aa0981f5fc52af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 54134
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=15
content-length: 35936
x-response-time: 338
surrogate-key: card_img card_img/bucket/5 card_img/1505687296770813958
last-modified: Sun, 20 Mar 2022 23:24:40 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 911579c741784fcda6ded0019e09ce1efab9ff04a5f2224743f3bbe7a2afe2b4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
platform.twitter.com/css/ Frame FDC2 53 KB
12 KB 43ms
41ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEE) /
Resource Hash: 32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:23 GMT
Content-Encoding: gzip
Age: 489231
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12179
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (mil/6CEE)
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 41ms
39ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.dark.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEE) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:23 GMT
Content-Encoding: gzip
Age: 489231
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 12179
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (mil/6CEE)
Etag: "436682de2fd3039cb30ca50d238371c0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 20ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fimdejogo.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 21ms
21ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fimdejogo.com.br

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame F102 10 KB
4 KB 12ms
11ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 20 Mar 2022 22:52:58 GMT
expires: Sun, 03 Apr 2022 22:52:58 GMT
cache-control: public, max-age=1209600
age: 56185
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 XvPdq3Zd_normal.jpg
pbs.twimg.com/profile_images/1503173941514293250/ Frame FDC2 2 KB
2 KB 31ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1503173941514293250/XvPdq3Zd_normal.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

7d430451dd6218e60bcf3ca6e84d1f7e90ea3e5f8e0416514ccea28f063512e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 46930
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2111
x-response-time: 113
surrogate-key: profile_images profile_images/bucket/9 profile_images/1503173941514293250
last-modified: Mon, 14 Mar 2022 00:57:29 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5043fd712b631c52607168aa473a7914268f5fa2d4cff7ee9a3ad526c9358745
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 qiXHKXNn_normal.jpg
pbs.twimg.com/profile_images/1505732213551292419/ Frame FDC2 2 KB
3 KB 30ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1505732213551292419/qiXHKXNn_normal.jpg

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

c22a1a45c8f0ceb0c5fc6e9b0b440c78272c41bccb878d2665d83c7f66dcc0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 43431
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 2111
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/1 profile_images/1505732213551292419
last-modified: Mon, 21 Mar 2022 02:23:09 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a36be87607cfc0cd6152bf89b13b8a771e8636e446534646bc3c7ecc342cebad
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOVRicGXIAIKvy1
pbs.twimg.com/media/ Frame FDC2 32 KB
32 KB 39ms
16ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOVRicGXIAIKvy1?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

162330daa0b027ec12acf0dfbfdbf19224849ca0090a038d696b8e282013bd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 49515
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=10
content-length: 33000
x-response-time: 258
surrogate-key: media media/bucket/1 media/1505699302525575170
last-modified: Mon, 21 Mar 2022 00:12:22 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11c40f57b8be05ad59fa1fc526c232959a2aab0293ef1aa5dd27102a8af24a91
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3n8k3bsbxP3NL-R8
pbs.twimg.com/ext_tw_video_thumb/1505692828969705476/pu/img/ Frame FDC2 19 KB
20 KB 31ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505692828969705476/pu/img/3n8k3bsbxP3NL-R8?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

89bcb21c46257b4aa437c57358d2bee052368acce05e2974a80f530aed5a0c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 52692
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 19906
x-response-time: 315
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1505692828969705476
last-modified: Sun, 20 Mar 2022 23:46:39 GMT
server: ECS (frb/6713)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 64c30f16d13313ae4344fc66e1bd638d4ff6b4a6ea5ae5487e9b6045dbf45817
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1y0kxv6UpYxLdgnF
pbs.twimg.com/ext_tw_video_thumb/1505672959125565443/pu/img/ Frame FDC2 20 KB
21 KB 33ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505672959125565443/pu/img/1y0kxv6UpYxLdgnF?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/669E) /

Resource Hash

b8aca29145b6992f815d0db022dc483714a682b6e09625167cf199f688526ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 57362
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 20976
x-response-time: 325
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/4 ext_tw_video_thumb/1505672959125565443
last-modified: Sun, 20 Mar 2022 22:27:42 GMT
server: ECS (frb/669E)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0bbe7763da9de19d44b71c6c97bde290ae1866476b15fba7688492f8d3e453f6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 sCEbOIstbvOre2f3
pbs.twimg.com/ext_tw_video_thumb/1505661269138980864/pu/img/ Frame FDC2 12 KB
12 KB 12ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505661269138980864/pu/img/sCEbOIstbvOre2f3?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6795) /

Resource Hash

769a140d14493f4bb0d32475613445ef691c56cd616ed79ae4fa46bad5d156ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 60342
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
content-length: 12430
x-response-time: 224
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/2 ext_tw_video_thumb/1505661269138980864
last-modified: Sun, 20 Mar 2022 21:41:15 GMT
server: ECS (frb/6795)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cd4b14e85a9f117611c8e702eab83f2e1380ec6dd96998e3d077ab60bf9b078e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOUujSkXoAM2v21
pbs.twimg.com/media/ Frame FDC2 39 KB
40 KB 31ms
26ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOUujSkXoAM2v21?format=jpg&name=small

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67AA) /

Resource Hash

38529dac65b645f12664da3b8d53a066fc3cee379907f41981674e426cec7c22

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 60398
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=15
content-length: 40292
x-response-time: 226
surrogate-key: media media/bucket/9 media/1505660834239979523
last-modified: Sun, 20 Mar 2022 21:39:31 GMT
server: ECS (frb/67AA)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bc05191b7cb796023a0feef4e04a17262d05f95bf9c833f2697f86c1daf4f2c4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOUqcPXXwAkDW3p
pbs.twimg.com/media/ Frame FDC2 18 KB
18 KB 22ms
17ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOUqcPXXwAkDW3p?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F3) /

Resource Hash

e93377c902d3df46a89eed7cff2a1810d6f5ef29c05b97f5e67b3f5fbad52e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 5998
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=11
content-length: 18434
x-response-time: 265
surrogate-key: media media/bucket/4 media/1505656315074560009
last-modified: Sun, 20 Mar 2022 21:21:33 GMT
server: ECS (frb/67F3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d48c5fc17f058ca86ff636367eceaa7cc2a642273f31687a42ca585c20c80a9b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 XJ35trQRQ1FWTWbu
pbs.twimg.com/ext_tw_video_thumb/1505655537026879489/pu/img/ Frame FDC2 18 KB
18 KB 14ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505655537026879489/pu/img/XJ35trQRQ1FWTWbu?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6724) /

Resource Hash

b5c2c5d3c5a2cedf4dacc156a80c3ec5168f18ff77d05baa769e3119a2696b41

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 61658
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=4
content-length: 18414
x-response-time: 379
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/3 ext_tw_video_thumb/1505655537026879489
last-modified: Sun, 20 Mar 2022 21:18:28 GMT
server: ECS (frb/6724)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f050d19f191ce8aefe2196a01bec85965ab39150489793d0a2ecdd74b6cb77bb
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOUo18PWYAE3jxk
pbs.twimg.com/media/ Frame FDC2 15 KB
15 KB 35ms
30ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOUo18PWYAE3jxk?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

af1c61dcdd7264f26b5b0736f83da4b38d3e4db307d0c089090e42dde20b2d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 61636
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=16
content-length: 14955
x-response-time: 269
surrogate-key: media media/bucket/7 media/1505654557593985025
last-modified: Sun, 20 Mar 2022 21:14:34 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b0a762c6aa936bcfb1be3cb30b7bfc6af6769981d85a1efeca6aeadc2c1f0b77
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FOUnwVtWYAQPl8G
pbs.twimg.com/media/ Frame FDC2 18 KB
19 KB 30ms
25ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FOUnwVtWYAQPl8G?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6738) /

Resource Hash

9688be9ce9fe8bb4d51863d8794b04e4011129096c3bed5a49c9ba2fe18e806a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 5998
x-cache: MISS
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=14
content-length: 18776
x-response-time: 301
surrogate-key: media media/bucket/9 media/1505653361839857668
last-modified: Sun, 20 Mar 2022 21:09:49 GMT
server: ECS (frb/6738)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7ad132209f7fa483594fdd9e854a9e11da40eb9454e51df799102e4a900086ca
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 X25Ecz8HdOwJouG_
pbs.twimg.com/ext_tw_video_thumb/1505651228885368843/pu/img/ Frame FDC2 24 KB
24 KB 12ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505651228885368843/pu/img/X25Ecz8HdOwJouG_?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) /

Resource Hash

686ec5bbcb480c901884aa89f3ad5ebabd11844503cec9d7d7b7c358f41c1436

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 62665
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length: 24639
x-response-time: 333
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/0 ext_tw_video_thumb/1505651228885368843
last-modified: Sun, 20 Mar 2022 21:01:21 GMT
server: ECS (frb/67BC)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 150ded0c9f872dbe8806c4bdca2698605cadeea5264debd2ba86a37cd7063b94
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 PL8QqnXGDOC9QhhI
pbs.twimg.com/ext_tw_video_thumb/1505650740974563331/pu/img/ Frame FDC2 18 KB
18 KB 15ms
10ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1505650740974563331/pu/img/PL8QqnXGDOC9QhhI?format=jpg&name=360x360

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668B) /

Resource Hash

a90d0e756aa25e20a637e1f37d472c28dfcd56f39fe2430dd4f8c3b35ed0468f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 62760
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=4
content-length: 18639
x-response-time: 334
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/6 ext_tw_video_thumb/1505650740974563331
last-modified: Sun, 20 Mar 2022 20:59:24 GMT
server: ECS (frb/668B)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4206201600e593b7bdb050d4eff93ce0e9a4ee2820b8f93dce219afb6fe0912c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame FDC2 44 KB
7 KB 49ms
9ms Stylesheet
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356471
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: f2d71a88dc5e2516ed6eb8b6e7ac7b5ce3a09eb5474e23db12934ea2374fa4cf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 28 Mar 2022 14:29:23 GMT

GET
H2 200 syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ 44 KB
44 KB 51ms
12ms Image
text/css 2606:2800:233:7ee2:97c:ab4c:6c70:be36
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356471
x-ton-expected-size: 45170
x-cache: HIT
vary: Accept-Encoding
content-length: 6839
x-response-time: 6
surrogate-key: tfw
last-modified: Tue, 14 May 2019 18:53:54 GMT
server: ECAcc (frc/8FC6)
etag: "4mhImCFS9rptiUICNnLD1g=="
strict-transport-security: max-age=631138519
content-type: text/css
access-control-allow-origin: *
x-connection-hash: f2d71a88dc5e2516ed6eb8b6e7ac7b5ce3a09eb5474e23db12934ea2374fa4cf
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Mon, 28 Mar 2022 14:29:23 GMT

GET
DATA 200
OK truncated
/ Frame FDC2 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame FDC2 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame FDC2 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame FDC2 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame FDC2 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame FDC2 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame FDC2 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 css
fonts.googleapis.com/ Frame F102 8 KB
892 B 39ms
20ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 13:20:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:29:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:29:23 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame F102 2 KB
983 B 43ms
12ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:25:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F102 0
0 57ms
50ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmt2owos4Yp-ENJyY3gP4vZroBP-g7Ipps8XogcgPChABINKL8QhgleKQgqAHoAHHmoT5A8gBCakCuqeCYi6Msj6oAwHIA8sEqgTNAU_QkrObusta0z7daEyxEDBOwoaG_uwStXGbqelZm85Fp-qUTWAcXASWs-3NM0KCVkSnpLD15bsbwpdV-Z6BoksLF-dJNJqPCjHpRMmtuOPDzJgN342HD4qO7vX1-RPhj7bxROyTxv_hRdYSJhgdvmz7l2SNsHhqcghq1KXOQsI2yoBgTpR-DVPk6F-zqZ11EBoIOP0ohGfSE_XdQXAwaKxRoyDe-CtS0p5zor2sKst66pJzMWu70KFIsMfsA0z6SQjf08A9hO_tb7s3gkTABNSajO_3A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeF2Z7GAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKXYB9IICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwLQFQGAFwGyFxwKGggAEhRwdWItMjU5NjQwMzExNDY5MTk4ORgA&sigh=sKDmG855M20&uach_m=[UACH]&template_id=5000

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 21 Mar 2022 14:29:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:29:23 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame F102 19 KB
8 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:23:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame F102 2 KB
1 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:25:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F102 117 KB
36 KB 64ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:29:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame F102 15 KB
6 KB 40ms
11ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:24:42 GMT

GET
H2 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame F102 28 KB
12 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 415265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:55:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 19:08:18 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16223338051954444976/ Frame F102 21 KB
21 KB 23ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16223338051954444976/downsize_200k_v1?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

446582440b05ecec9020614cebc519b04d30f8c65f8e37b5be652542baccbe11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 15:38:38 GMT
x-content-type-options: nosniff
age: 255045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21631
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 15:12:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Mar 2023 15:38:38 GMT

GET
DATA 200
OK truncated
/ Frame F102 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3beba212b5067dcd13915e24790a1feed1932ab3895f4b42372387ec98a2dfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F102 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ZVT57L2W
pbs.twimg.com/card_img/1505687296770813958/ Frame FDC2 35 KB
35 KB 9ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1505687296770813958/ZVT57L2W?format=jpg&name=600x314

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67C2) /

Resource Hash

7e11527c64e7ef627227a12c9063413e5eef860a05bd70c9a8aa0981f5fc52af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:23 GMT
x-content-type-options: nosniff
age: 54134
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length: 35936
x-response-time: 338
surrogate-key: card_img card_img/bucket/5 card_img/1505687296770813958
last-modified: Sun, 20 Mar 2022 23:24:40 GMT
server: ECS (frb/67C2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ, VZ"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 911579c741784fcda6ded0019e09ce1efab9ff04a5f2224743f3bbe7a2afe2b4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame F102 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a34f2d0410e7673e3ff6ffb21364f610f547a058486bbabf4caf337d74ce021

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FE7 35 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 21:13:03 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 89AC 19 KB
8 KB 29ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:23:06 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 89AC 8 KB
714 B 21ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 14:28:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 21 Mar 2022 14:29:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Mar 2022 14:29:24 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/ Frame 89AC 14 KB
3 KB 52ms
7ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 14:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 11:39:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:33:15 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/ Frame 89AC 350 KB
121 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e605563c0e14e3b421d248ea108748fe1d715b7170517bc5951c7c781aceba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 14:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 431769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123264
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 11:39:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Mar 2023 14:33:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 89AC 15 KB
6 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Apr 2022 14:24:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 89AC 0
0 43ms
22ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCtUqXcIzaM1DYEfjzZvLb43va04G7ptpKGdz2HtVKiQC88Dw9r7WUyBn0RaXJaDGj3C1chHhL19uN4ydsDqMDOmS7kA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame CAF6
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
633 B

44ms
38ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF3) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://fimdejogo.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 489229
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Mar 2022 14:29:24 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF3)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Mon, 21 Mar 2022 14:29:24 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Mon, 21 Mar 2022 14:29:24 GMT
x-transaction: 8ef244ceeb6cec84
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 129
x-connection-hash: 8b16b160516a2360ce864f7696daa12a5e5096ef503bea52c3cca55a0427dffb

POST
H2 204 csi
csi.gstatic.com/ Frame 89AC 0
327 B 733ms
254ms Ping
image/gif 2800:3f0:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l10t0kxl&c=602478997990&slotId=301239498995&qqid=CK_BhJW11_YCFQsAiwodF90O9A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:813::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 89AC 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 419585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 89AC 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 276081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:48:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89AC 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8tryw4s4Yu_TI4uArASXurugD8r9oo1phJqEq9oPkunS4LIBEAEg0ovxCGCV4pCCoAegAdPM988ByAEFqQI7spjHtIyyPqgDAcgDmwSqBPEBT9BTvQMlr7NFqTKUZh0QypgKIqHgCboCA0RGcbKma2aE7gYSliiqn05Vvg9qH69hv-volk8ZfIZ-KZ46g-x0ui1HntujFIaDac3jpDCeulQifUuoGb7ZMZ9XtJoMlH_FLd-9103VhGcQ9V92rRw-TgyvhodG6Q9SIJ7Ve-0Q0kDjAYjMBs0_k2yHw108Ec_8E6gDMfRwblllXYcGp8dQjhqXVX5IElBon2QVtogdmjT07v620fhapG1LJ1vUIVXglRfQAc0dX6ChfxYN9w87LyNYI99jssKWJ9PxAi7CAvUWHBjlVUxiObLzFf34we5vXMAE7eP1vuMD4AQDkAYBoAZ2gAeVs4iwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbATxNCvDtATANgTDYgUBNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1647872964354&ai=C8tryw4s4Yu_TI4uArASXurugD8r9oo1phJqEq9oPkunS4LIBEAEg0ovxCGCV4pCCoAegAdPM988ByAEFqQI7spjHtIyyPqgDAcgDmwSqBPEBT9BTvQMlr7NFqTKUZh0QypgKIqHgCboCA0RGcbKma2aE7gYSliiqn05Vvg9qH69hv-volk8ZfIZ-KZ46g-x0ui1HntujFIaDac3jpDCeulQifUuoGb7ZMZ9XtJoMlH_FLd-9103VhGcQ9V92rRw-TgyvhodG6Q9SIJ7Ve-0Q0kDjAYjMBs0_k2yHw108Ec_8E6gDMfRwblllXYcGp8dQjhqXVX5IElBon2QVtogdmjT07v620fhapG1LJ1vUIVXglRfQAc0dX6ChfxYN9w87LyNYI99jssKWJ9PxAi7CAvUWHBjlVUxiObLzFf34we5vXMAE7eP1vuMD4AQDkAYBoAZ2gAeVs4iwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbATxNCvDtATANgTDYgUBNgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89AC 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&eventType=canary_version_20220216_RC00&clientTime=1647872964357&ai=C8tryw4s4Yu_TI4uArASXurugD8r9oo1phJqEq9oPkunS4LIBEAEg0ovxCGCV4pCCoAegAdPM988ByAEFqQI7spjHtIyyPqgDAcgDmwSqBPEBT9BTvQMlr7NFqTKUZh0QypgKIqHgCboCA0RGcbKma2aE7gYSliiqn05Vvg9qH69hv-volk8ZfIZ-KZ46g-x0ui1HntujFIaDac3jpDCeulQifUuoGb7ZMZ9XtJoMlH_FLd-9103VhGcQ9V92rRw-TgyvhodG6Q9SIJ7Ve-0Q0kDjAYjMBs0_k2yHw108Ec_8E6gDMfRwblllXYcGp8dQjhqXVX5IElBon2QVtogdmjT07v620fhapG1LJ1vUIVXglRfQAc0dX6ChfxYN9w87LyNYI99jssKWJ9PxAi7CAvUWHBjlVUxiObLzFf34we5vXMAE7eP1vuMD4AQDkAYBoAZ2gAeVs4iwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbATxNCvDtATANgTDYgUBNgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 89AC 29 KB
16 KB 129ms
56ms XHR
text/xml 64.233.184.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CcwGygao9JX-H9C2o3yL_FXcGdQrL-e6-nDUc0dPJnQ_prQUHXiyMp7rcirspU9TfwbHmWMdOAFg5rtoL6kuekEmMdeQ&cry=1&dbm_d=AKAmf-DBsQpMkpoL47hzViUbKlNSNNIpycXQQ-5l6GDuypcB_apStVwjSHlJfRnaN8u_47eOFgYauHBHp94ZcKyrz8cyp4A6QbYVzMaY_XOjiHaOMDrat5l_xfglKfjjKD8N87gi1re0_0x-ISULaP7szGHNjdGojCdyaQ7h74_2HZCG_CZWsc2GZu12eQUwMIIJjWZS7NXC7Dbt03yEqSQqg2hqz3drA8mFf9Z3GZk2sqKARSW9lN9UpUQADG51Ixtq_vf4RUyoPxx5k0uHAtSnMdJsN89JIrTnvYSMMl0gslOsSD-YGwyeWztS115oEdxZiy8MjLs5AYSGaEjZb_GxA0H6bAi897w8LuYHrm_QjLdXuiWyAeF2wQF1Iq2nTU4hQdBlpzUj0BawBwTy1ySv3JzPH4ycAtF4BUgKbmKMjNCiJpaeIz-QShFzV1UmmjEnXASOy4g2Jv1pq-p-LEPX42QIkR0OQzfCfcy9n5TqsLSD3hOcVXIgFRCavyjGL96E8MEDEteR4keogSHlyHq6I9fMTcDxItFx6sUTMp454fkJyq3OgLa8nGLXNbEadzxm7jkGUuPVS8s3In3ETRhRsDjSc9yg6Q7BYAz2oV6lTPlcOXV-PFjoN0R9_tWD6vJx7VJ6Rbm9PgPOrhpIWkvromqZBAZ7xrsIeFVSC0g_VxknX77DxH5QEXGsW6Iq8gZ32eMw0sBwMy2H9qpOB8k6no7qcGvJGSnIPnYHbdfiDzR0prj69tGGWqG4XugdSvT_z_T7rtFvmK6kA7UgatWCcH0U7x9GrmJvjCJ6YS1ztbOgPpu5c43MAyFYKsD5NuKQNBWPIJSURcUPhjoVXYBf-HxXrdKp5nLlDeeyYhWEtK71haEvnFBYS6YCHsaYgwyewV9pM94g9UZTGmvCxBEFJ_uQMF-5_Q2ZztT2-rHMwVm1etNyJ6CjiAfrEbOOrY_6M5PKxjNT2r2O8HszW0YkcD4K6EYf5Is2QGyvqGehmJ2KT5P68wLOvNBBZgdFe8PSClkkUFvkJf6hpyjUNLtnYcId6ia8NgLI3Fe_I33zq2yblEPg9qpzxv8Ay2l6px64O13pjS3EajLQZ5QAX2208T8XEGWpBHyxQiPHyQNs8PZb7p_i4QFxIacTB0S5y0jxvZ-voQREP9nExzwGvAV91BIZiS20e63XL35h0tkx_NTOV_fl4Mb1AUjG0cIHbwij0QQ8NdOh5lKVKFyQEydoe-N8zdJcvdSYLzAdDH6MNeRpXEQ5SyTipMTEc4egDfwMe3ATPt--c6gu4_Zq0xWXuvNjV1IsP1waiFPr3CuCWOsaSVa03I0eGraFf_S-uZu6nOw3AUyDBSnHUFnZpr56pVijg6YZVqPd0Z5LLNryDnMIB4gRAcWPE5k74ro5qlDEhIiV2pwpRzzPes3ihYP1LID8v2aILEOWx17zpPxkEJclupAhKTICYZv4olez19EPoJXK2pqkhQxxpDXyuVdQ7YcEiyOtz0WQjQBkEN7GM5ZiXeCh-G0quRTwtIDArgB0aD2JlgRR28iSDrMeOMJBUWw3YDrZu8dvKt6NQpNQYLAsIwb25Ax4M0TjUtZWTNgyFFrkG4D_ftbPm2geKVx1PxfABtt9j8HBO90wq8nI2s0yZF9zcLwCKhc0yaDYecRL63flqQIhcuQBVpbD8urGnLwGUQjXPTnkNhrogGYccbbvQM0sygmn-wnTXIiOQPWbdjjKKWydEBBJo3BFdhmt6Ao-uyXXBeFZGG_qBbI8w7hEq1QT4LJrk_jIRmouo1tAOvjFyBSEeykcRPjJMokVH1ZnTTNQa2Z3ux91dBEyZs9VFWWPfGH5vyF7FedHhbubJp81PgHJyvv3DUWDcuVJ9dnO6DAOR6uvql8Cvnld1SdsDej89fMegsU9C-LgtxbkPIz0LVa_t_JOS1R5yeA72-9ZQM49vydP_yNkA2eVS1HE7LhcI1eQwQ6GsOdXExJhAJhmNwsxmW8sz4-S80gkre_LFaIQ1SC294WpBc0VDD2YeoJM1PP_wCj11bjDjR_-e93u9yDy_rDfF96YTAXXmXo1dUkdKruZF1aA-yoTkCGUyEUgSjZZvYslTIw-GoR9spJREIY0MmYt3KD68wqTSjuR5QdkRxMgRQnFklC6ccG-gpJ7XUTqfKxaYu2oiDkEqZRktiqxJWTtTLuietGvJzjyRf9iHaUVa1bf3SeflDiLCyO-o8DjCaGW1y55Zc5v9ci4Cr3c_g_u3gIMmiN_W7wjAuZmZyXRIzf5Z4E4RjgBc-CX0IZv_-ieWlM_LpZ-s772C4IhVJR29jDQfeiAFe_GgO9HlSn3ver6q6_Y2TIfr4mSmntU6S9OeqBU5TDdzAWLWd8f4LBLJ4Igb2XX0rMP1aNugyWksm3NPfd1KmfEqZsnoIB5BzW5b6OG9WMcBIQL7ee9pnpIrXxu4BSL9M8FD9KXtkTyydDSK1xlv4Ifv3DxQbwmlBUV7pL9_XX-WCl2uKATu3skOpUy3vyzJrL9jtK6UwXO3glDKVTLqT_YQABJgwo5ItaQq3AxOGORkyK3BIk2l2PAxVGL2H_-SrJcJ0qOJ4bs32hW5deEvQUxda83U2eVprowEmngyD3kFpo0tshGMerMUBWI9_T8EBrbQ-TVy4RzIDCGZ_F-kciXkxaMTkvSRJzXG6HJpyjzWf-fCPmKaAdJJtBkvtPT8tQAS-uueH4Zid5PobtBknFvydiUYQdWqnE46xw-a50MzaGFemxPqCpN32_zcRP47mtnOnmtb7WKzyYvCD5I9WHC2h8hlVwAYT_tUKXYz01sReuwBwzI0Zvb8NWuhoeF9IM5G4Ida9X7HiWWAaO3DB3FpbxjFS_8n-IGlwEUglBrob3wB6rt_xhszhwNTmqvrR0arXDWT75lH5mbC-7hILiB5YAIB8todaMF-1XHJQCaRYjz6wrIyF4Q7EmG4PKjlwT39CQnZCweYdHaV0mm48HljWwT85-39YPYAq4ppVgKzGhjvow2bt9fHUqnCcaBqWJ8S61FYWFy1-S1M7XfVJMNTgn6R2d4jDfL62YNcJmd34wfLosgS5O1gSXsQHe9Dx3TtVsEeO12FJzFtyEoVvaCA5Ch7FMOKVfvf5FkSshkqWuDZwvCcWFhAM-Zk4iDeqvkrYH8bbbQNW6szLIrJJCBcnI7lQLpmapq0R5u8whplHJipZBLXpRe_RYH_rCbVSh_l20JkvDHm9Pmi11k80_J5AMGGYEMmuyMlUzDPiT7o2Ou_mwh4axRL2Q-466V1mkCQYiyQ0bvy0XFES4SF0lj5m0ocT-mOtfFME3dhjtG0iUFssJwcUy9yZZPAPOUD014LAc6PyghQ8qIJxChQo6wsG12Zmq32pJZcqYn5mnsZGe5UZqcNXctKpORptL0E0COAq9f-Eq6g-gv3K1bi_9clRJokAuNQz5eGm0xlF80PK5S8AcXmthA9yczyRQZ3xp_phDD5IFBf7oI_qzbUf6mFfRCs4eZFGEfTd1eb2kSWKbCOATx&cid=CAASJeRo3RqkxdJoklZGDptGJQJomGD8gw_ITl9aSk62dJx-IvEIjSY&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f156.1e100.net

Software

cafe /

Resource Hash

50c7f9f9fa9a713998e0b35b436ea9bd5c006d8102c746d25816fa463a1682b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15713
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 89AC 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJf9Fw4s4Yu_TI4uArASXurugD8r9oo1phJqEq9oPkunS4LIBEAEg0ovxCGCV4pCCoAegAdPM988ByAEFqQI7spjHtIyyPqgDAaoE7gFP0FO9AyWvs0WpMpRmHRDKmAoioeAJugIDREZxsqZrZoTuBhKWKKqfTlW-D2ofr2G_6-iWTxl8hn4pnjqD7HS6LUee26MUhoNpzeOkMJ66VCJ9S6gZvtkxn1e0mgyUf8Ut373XTdWEZxD1X3atHD5ODK-Gh0bpD1IgntV77RDSQOMBiMwGzT-TbIfDXTwRz_wTqAMx9HBuWWVdhwanx1COGpdVfkgSUGifZBW2iB2aNPTu_u7QSjCsR6sVyXS_qu8h6KrJfj-TE5y5228y6i0zKeQp9ntlED0FH2D3O-waPcnJeiC65nQVqlG-Gvd1wATt4_W-4wPgBAOIBaC-ufU7kgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeVs4iwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEOHrPxjJivfBAdIICQiA4YAQEAEYH4AKAcgLAbATxNCvDsgTjZWn3gPQEwDYEw2IFATYFAHQFQGAFwGyFxwKGggAEhRwdWItMjU5NjQwMzExNDY5MTk4ORgA&sigh=IyalD81I4Z0&uach_m=[UACH]&cid=CAQSPACNIrLMtfrmG14h4z59LBydXHlWmSMXvf1NfmA7wCGn_xiDzsO4YUvoaqNE91x9AvBHXQKmnimn2Znncw&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 21 Mar 2022 14:29:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3A87 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 21 Mar 2022 05:53:44 GMT
expires: Tue, 22 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 30940
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 89AC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fb9e6aae5dae7bfdca1cd2c2d3097fd8cacc3c8265822ce215da486b4d59e87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3A87 35 B
464 B 46ms
11ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO7OVlroFqKJcWY0ePg_XFM&google_cver=1&google_push=AYg5qPK9vXIAOlBniiARJ1dQgXcz1pbU0q8-hI1EUjejB4yuna6k1gIOJH3tGeS_n8SI236iSwz--XTLBAPdZarfusRLUlZ6oKRi

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A87
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI4zxkQ9wPTB6gfJMcTV_nretawYq2DcDjzDLe...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppTHhBQUFBVkQxcEYwNw&google_push=AYg5qPI4zxkQ9wPTB6gfJMcTV_nretawYq2DcDjzDLeptBr_bJmivPD7z70TPKJsP_aZPQWxPQmCxc-cCmpG3I858nnI2JuMn0Pv

170 B
188 B

36ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppTHhBQUFBVkQxcEYwNw&google_push=AYg5qPI4zxkQ9wPTB6gfJMcTV_nretawYq2DcDjzDLeptBr_bJmivPD7z70TPKJsP_aZPQWxPQmCxc-cCmpG3I858nnI2JuMn0Pv

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWppTHhBQUFBVkQxcEYwNw&google_push=AYg5qPI4zxkQ9wPTB6gfJMcTV_nretawYq2DcDjzDLeptBr_bJmivPD7z70TPKJsP_aZPQWxPQmCxc-cCmpG3I858nnI2JuMn0Pv
Date: Mon, 21 Mar 2022 14:29:24 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3A87 43 B
351 B 270ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMH5019GNAJumQQp1_a5KuQ&google_cver=1&google_push=AYg5qPIGho2ACzXmgqG67mOaW5aW__0tuq0LIpHxpKz8aB31dG9zTuwKDGzoE44xcnh0OT7LgIoFQaBG1qru5J7_82j7jJN8tqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b7rof208k6v3kpqs81vmteb1b4uf14k5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A87
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wA96jobbRR6ms5cUN1Kgqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wA96jobbRR6ms5cUN1Kgqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIs0vLJl5iRN4rFYaHevKby1Hb-joh0DllVlfRnTecPU1OflITXrDRQvo--GPKuusAeRcZeJHZvOIJC7rM50LkjO4z7UlSj

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wA96jobbRR6ms5cUN1Kgqw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIs0vLJl5iRN4rFYaHevKby1Hb-joh0DllVlfRnTecPU1OflITXrDRQvo--GPKuusAeRcZeJHZvOIJC7rM50LkjO4z7UlSj
date: Mon, 21 Mar 2022 14:29:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3A87
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPXh2qj-MAOlEjum_jmt03E&google_cver=1&google_push=AYg5qPJKaorDUbb3D2ytsOxdSg-sE2hoIJrK18lt4x6KvnkXvLqNlBRmyr1_0n4ZrbTss0xwFwp...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVDBMMTYtRC1HQlhS&google_push=AYg5qPJKaorDUbb3D2ytsOxdSg-sE2hoIJrK18lt4x6KvnkXvLqNlBRmyr1_0n4ZrbTss0xwFwpHSYmq2v8kAuUX_2_gWb8czpc

170 B
329 B

222ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVDBMMTYtRC1HQlhS&google_push=AYg5qPJKaorDUbb3D2ytsOxdSg-sE2hoIJrK18lt4x6KvnkXvLqNlBRmyr1_0n4ZrbTss0xwFwpHSYmq2v8kAuUX_2_gWb8czpc

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEwVDBMMTYtRC1HQlhS&google_push=AYg5qPJKaorDUbb3D2ytsOxdSg-sE2hoIJrK18lt4x6KvnkXvLqNlBRmyr1_0n4ZrbTss0xwFwpHSYmq2v8kAuUX_2_gWb8czpc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3A87
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 3A87 43 B
296 B 275ms
20ms Image
image/gif 2a05:d01c:1d8:8101:a311:1b15:c341:2fec
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEO9sgE2BNcW5PswSgRLqmUw&google_cver=1&google_push=AYg5qPKPBogPfDKx-YRK-56Y6cevVulkc_1Zg2MHQJFvkUmHda3RuZmDYe6bxn48Wnsr-VQuWBH_BxuJc6hz9F5cyfOCMNdqeoE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=2500912565&adf=1537806128&pi=t.aa~a.3804978191~rp.4&w=870&fwrn=4&fwrnh=100&lmt=1647856216&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=870x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647872963521&bpp=3&bdt=1475&idt=4&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da9874ebb94a193c5-2282886262cd00b9%3AT%3D1647872962%3ART%3D1647872962%3AS%3DALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg&prev_fmts=0x0&nras=2&correlator=8703383479584&frm=20&pv=1&ga_vid=1853582092.1647872963&ga_sid=1647872963&ga_hid=361113184&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31062931&oid=2&pvsid=830368716257256&pem=624&tmod=1049318792&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=weSZA46VOu&p=https%3A//fimdejogo.com.br&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:a311:1b15:c341:2fec London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3A87 0
223 B 274ms
16ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvQdTT-WtV7sKR7iej2wr1Hs6QhD5GIV4fWquMMFwssmrkKxLSgj85XETLWElrwzEa_ECC

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 89AC 41 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 18:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:05:46 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5edns7.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 89AC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5edns7.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

54ms
9ms

Fetch
video/mp4

2a00:1450:4001:68::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edns7.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79AE5656F258A2FF1045EF617F388919D4E4A8F8.504502F3BE9637F1ACC89DE75C82BBF9D6193128/key/cms1/cms_redirect/yes/mh/Vv/mip/2001:ac8:20:302::202e/mm/42/mn/sn-4g5edns7/ms/onc/mt/1647872677/mv/m/mvi/2/pl/54/file/file.mp4

Requested by

Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/

Protocol

HTTP/1.1

Server

2a00:1450:4001:68::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 14:29:24 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4483753
Last-Modified: Fri, 11 Feb 2022 11:46:46 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 21 Mar 2022 14:29:24 GMT

Redirect headers

date: Mon, 21 Mar 2022 14:29:24 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r2---sn-4g5edns7.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/79AE5656F258A2FF1045EF617F388919D4E4A8F8.504502F3BE9637F1ACC89DE75C82BBF9D6193128/key/cms1/cms_redirect/yes/mh/Vv/mip/2001:ac8:20:302::202e/mm/42/mn/sn-4g5edns7/ms/onc/mt/1647872677/mv/m/mvi/2/pl/54/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 00EB 23 KB
9 KB 9ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Mar 2022 23:00:35 GMT
expires: Mon, 20 Mar 2023 23:00:35 GMT
cache-control: public, max-age=31536000
age: 55729
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js Show response
pagead2.googlesyndication.com/bg/ Frame 00EB 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 11:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 11:33:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 38ms
23ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220316&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b643c72d45e4fec735a3314a38c4ff74e53aa040fd44e040c64913592dc15b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Mar 2022 14:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10562
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-4g5edns7.c.2mdn.net/videoplayback/id/1010c898234a80bf/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1679408964/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 89AC 160 KB
0 17ms
7ms Media
video/mp4 2a00:1450:4001:68::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:68::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 21 Mar 2022 14:29:24 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4483752/4483753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4483753
expires: Mon, 21 Mar 2022 14:29:24 GMT
last-modified: Fri, 11 Feb 2022 11:46:46 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1674ms
1674ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 21 Mar 2022 14:29:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00EB 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BCxT9xIs4YtKqHJSK9fgP6IyHuA4AAAAAOAHgBAI&bg=!ZWalZiLNAAba2mK92to7ACkAdvg8Wj8zM1Y5ooIhEytbIAHzt2DNZ1vZwMIvPYcAS2K1myNtSbKtWwIAAABwUgAAAAFoAQeZAxmDDNkjJ9ecMnImtbVyDFgk5K8b6vG8MKXxwehLCc4mSBeAHZZtk8uqa1SPBWLUDyeitcrsqRQQ-gjOxfjiH_InpeGSw3NxXn9aMrJfAMQPh71t05-7Ty9q6fEwfpMS6G3RQXrCrOkkjcXDIlrtmnjwx3H0-7dLFL3LilsA1Y4INpzOyLpKnyWuRoaNJMX4pTmUjWL-C0c2slSH58VjJwQhv7lPkDxwxFZntUkDQFHuPEqUnOxfrjbru4GMftd90jozxJPp8GO0EX9W-fMw6tOgxkicMIHc9gQsyfHumJ3qHAMgQqMQvZxkp_ZZd_7j76UCH6Kw4VjGJY6IFZZN1x5Ehlqypm_3FLJzjBGhsGrPTe-25oglr7brC_--L8OJzH0pvu1xEmS0p4KSRWA_zDnzWPR8U1CgCFUAoDeYKB9gYWGvGtcPAu-M2Qu-OmpT4QjIbwG6pNG7w_HRKZt-Y_R2tTHl0AVVmH5eQHpPBpY-kz873vVZdc0jrGIwXIgl_TBOvozgN1nYlo1H1_UxTFlq9SoiHZo3spcxTl1r0m_sFQDSo5V8wCmQHYo7QMJ8L2VFZBWeB6I24KWKE3FSRlhNfKtEbm8bLtfaGC1OAT9-6JUJaWbG5J4oeblwp94y9xngPEi5TafUD8yZVkQISO4_mHDXZG9FV9aEcrNChq226uXs08pxF-UzEUv2kIgHaWI_bhBCFBF6KXHLYy0zm-JYDaaqvXV5CBIEKCVnfoPLMdI9OGbm1EuhEMvI2j2MKpfG2K-iEf1x0sT3Io3nxgB7OMLex0TmIH7nH2gpORq_lqQamQ95q5t6hx0IdtAz0svjCemx2DhutwRNhIg72BBEQO5qfTKZMmo1O2agY-wLQKVUm67aYdLlLSOFI0nb73s8fBjGl4XdIoLzX0EwptXJMr1HLZVqHE2oGKHzkSxnMOfkET98rjESznw4nEYZ9N41NcW9Rck2LNmu1tIEdlQmpxnUZ4dH1apDFfcZoKVqFUhxVutsLPCfRPYOuwShgNgcwqMBHBxKUUbqjGkbDU17vjJKCbTyJArQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F102 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuepvx7aCiyPvsmQjzg5UPiJTdRZk4VHTTxvTeGQZRylcJ6nLGhehZDwIGoUBJVnH5ZY3pKU6rELP0PHzgVgd4v0E6lQAWDWd_RkQR6pHguODdHzaBy-A&sai=AMfl-YQdjGt6vICZQMcHYbYZXdZnem1T2aF9lAQV6n7RfV1az_n0OW6zrrlB6qcWeF_Elllr_WNBXn67PbLC&sig=Cg0ArKJSzHBNRtiNPI21EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=122,753,1000,1146,1146&tos=122,631,247,146,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647872963703&rpt=287&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 074A 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/577098c0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/V-HOoqhBtDI?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
X-YouTube-Client-Version: 1.20220316.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtuTGpoVGV2M3cxNCjCl-KRBg%3D%3D
X-YouTube-Ad-Signals: dt=1647872962986&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C870%2C489&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 21 Mar 2022 14:29:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 21 Mar 2022 14:29:25 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 89AC 0
17 B 509ms
253ms Ping
image/gif 2800:3f0:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l10t0kxx&c=602478997990&slotId=301239498995&qqid=CK_BhJW11_YCFQsAiwodF90O9A&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=16&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220216_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2800:3f0:4001:813::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D752 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Mar 2022 13:17:04 GMT
expires: Tue, 21 Mar 2023 13:17:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8474 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5060eae6f839e4c8755890318de5e2f83388ff77a40084588083cfff8833153

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-riQlFMqQlBmna8Ha4HTdfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 21 Mar 2022 14:29:26 GMT
date: Mon, 21 Mar 2022 14:29:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-riQlFMqQlBmna8Ha4HTdfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D752 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c9SOW3fm-cIOlp3tvRsibzkEuEO1MqMyQpfRRVluBWQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 20 Mar 2022 21:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13819
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Mar 2023 21:13:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8474 0
0 114ms
114ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220316&jk=830368716257256&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D752 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VBPZmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 14:29:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220316&jk=830368716257256&bg=!29il2JzNAAba2mK92to7ACkAdvg8Wty9azD4oM8zomjgixCzUMO3n5IY7qJQPu1sNbJnnSXe9k8CVAIAAABrUgAAAAJoAQcKAE-Gjqq2O88T2vYvEWyAZ2Nfv1mtV6gqRJZ21hWYoW4gLWb4GtRPyy_PqWq9OWux0nySDPQlVdIq_cYQ8vqkb0-WPtOFRDP1Rha6X_nemXOzmQLuBM0y7xa4uuAbop2VHegq9e1WpHkyOP-Ci1UbSNw9Gc_AO7aYPVvYIlTlwoi96wP2cUCOuizQYsiXqS7JCsqCZLN9hw__GgdKo5yJTOFIcWBRh18jtk9_bQMjoHzmJO3MhUujIFNz0L1OGPeO334E7jqwqORxWN2_EklEyiRWcXKW2W2juG3dvmxqTyogXwf9e-U1Qb_WTpFe5mh-BLevPCF8GVQMBzv2_aLCUIf-gA4pfgCfSf9O8cd2UAhkEHcF52VJfnI80WahMu4iZ_aZzaIV2KO9UvfQ10TWPxSDcj92IYnclBX98BE_9y7yKzhsw-OJRfqy15_vuVoIMMTVAkvHwurxuGR0cih11AyZO2-Kg1FA8fjTQZOJ9UklO5Ki2I5MbvITb_iUSVIcz1W9RiFcLgQGTyca3d_j5bRAmt5jAYJfMEvz65Ogy9CQj0O1-VxG_2bb9Oz5aG_tRxyg57KwyH-xRu5nXS1WyJR-vnfTsx5KLXKCAcb0V-SMnsK5PkJimsEd6RCraWc2RdgiPzPJkHJB3HWRn6OeOoh2OzU8hFVToa9IFX6P4j66zER5z85GQS8z0ELBXBAZadO5g5amB_afhJ7rd8GhVC10LMbKT91ZKsldRj7CW8XMRtuYhrgq6fCWZre1T8WLeFbzJrZc7I8hso3rFVexEN0fbHx5i8IOlFAEOiADawJHKmrAwVPeK9x9c04Jbu6GpMVm-JZOYG7sTAGueEZHTvPmKpfWMSq28oej3tsPj0qTSw73ZqnqXm7CaAoc7WsPa6nbrx1cpWvuvcXXAHW0GANuuiqGtNvUU6irw3XdK3YiNxUEvZ3q9NzfedxR5YfaFdyixwdkpOhlwS3M3hEtyllMsEfWRw8pjTLlqOMoGw6PVxOI5PtMvurrEI3jkgd9fSfR1XPTho7z-BTOT9SEu6q15IdLczMgYwkIOUSFJYqkDT8WqbFzhhhHw8EWqo6Oedv75Z5zGJ02_2_yq7o_PS3v

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fimdejogo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 14:29:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fimdejogo.com.br/	1970-01-20 19:15:44	Name: _ga Value: GA1.3.1853582092.1647872963
.fimdejogo.com.br/	1970-01-20 01:45:59	Name: _gid Value: GA1.3.1270926907.1647872963
.fimdejogo.com.br/	1970-01-20 01:44:33	Name: _gat Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: K3p9wGhzNkc
.fimdejogo.com.br/	1970-01-20 11:06:08	Name: __gads Value: ID=a9874ebb94a193c5-2282886262cd00b9:T=1647872962:RT=1647872962:S=ALNI_MbY7Jo0Lrv5QlSEJi2gvtQIqjQzBg
.youtube.com/	1970-01-20 06:03:44	Name: VISITOR_INFO1_LIVE Value: nLjhTev3w14
.doubleclick.net/	1970-01-20 11:06:08	Name: IDE Value: AHWqTUmJXCRqdPT4xeIGWDDVqCgwCO2GHA09DTkjVAY_Jaa_9I8QIkFvj6aKYW-FCl4
.quantserve.com/	1970-01-20 03:54:08	Name: d Value: EGYBCQHbJYEA
.quantserve.com/	1970-01-20 11:14:47	Name: mc Value: 62388bc4-72128-1aaa5-6d141
.pubmatic.com/	1970-01-20 01:45:59	Name: KTPCACOOKIE Value: YES
.innovid.com/	1970-01-20 03:54:08	Name: uuid Value: 0b048d1c-efe1-41af-b0c8-0b99905396cf-20220321 10:29:24
.pubmatic.com/	1970-01-20 03:54:08	Name: KADUSERCOOKIE Value: C00F7A8E-86DB-451E-A6B3-97143752A0AB
.casalemedia.com/	1970-01-20 10:30:08	Name: CMID Value: YjiLxJHDspf5pBmTD7RYZwAA
.casalemedia.com/	1970-01-20 03:54:08	Name: CMPS Value: 3227
.casalemedia.com/	1970-01-20 03:54:08	Name: CMPRO Value: 1190
.casalemedia.com/	1970-01-20 01:45:59	Name: CMST Value: YjiLxGI4i8QA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjiLxJHDspf5pBmTD7RYZwAABKYAAAIB&google_gid=CAESEH5ImbZJDou70Cb11LHrrbs&google_cver=1&google_push=AYg5qPLNMBH1eOqoGD00W3P8IyfYLPOb1UeM5ZbGMWE6PP_xi7ZSkwhlywXKwrowCbjF-F5Qk3y5jQ1hEf7Owy0fqCzKRMtbRIKy Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-2596403114691989&fa=1&ifi=3&uci=a!3&btvi=2&xpc=ypSelY2N5o&p=https%3A//fimdejogo.com.br Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
analytics.hostwp.club
bid.g.doubleclick.net
buttons-config.sharethis.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
fimdejogo.com.br
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google-analytics.com
googleads.g.doubleclick.net
i.ytimg.com
image6.pubmatic.com
imasdk.googleapis.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.everesttech.net
pixel.rubiconproject.com
platform-api.sharethis.com
platform.twitter.com
r2---sn-4g5edns7.c.2mdn.net
rtb.openx.net
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
tpc.googlesyndication.com
ws.sharethis.com
www.fimdejogo.com.br
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cm.g.doubleclick.net
104.244.42.72
108.128.215.255
142.250.181.226
142.250.186.162
143.204.98.21
167.172.26.75
18.198.109.212
198.47.127.19
198.58.120.109
2600:9000:2156:9800:c:abe:f440:93a1
2600:9000:224a:7400:3:c04e:c780:93a1
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:7ee2:97c:ab4c:6c70:be36
2606:2800:234:59:254c:406:2366:268c
2620:116:800d:21:5a23:9c4e:e774:96c1
2800:3f0:4001:813::2003
2a00:1450:4001:68::7
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:827::2016
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a05:d01c:1d8:8101:a311:1b15:c341:2fec
35.227.252.103
64.233.184.156
69.173.144.138
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
0766e37797ed71aa16735a33a049c8e38950de648892e3fa64cb38e65af64e8f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
145bdcf13567621166cc0d57f3dd7b77fe27b35f80633ad6cda3ddb2b16c3ad6
149bccf7e467541fc83e870e967ac322b26065e5d6797169c8a677a67db07e60
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
162330daa0b027ec12acf0dfbfdbf19224849ca0090a038d696b8e282013bd2f
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fb9e6aae5dae7bfdca1cd2c2d3097fd8cacc3c8265822ce215da486b4d59e87
20b7f01651c2024da3d22705dcf5400577e0d161d12652d6ffa4738e9217f59f
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
262887ef66bfdd2b900f3b991f5b48e15e9094c81c08374a2c525b1eac4ac9e9
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2c92c34625d4600a4de6afaadd1de8d30b91082e0d54425dcfe61970515e65e8
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
30c7de3267ee505cf34f482f6ace7a59e2df634a7c63c1b2ec2d60991955e83d
32ae1222c34ac8d4ca2dcd6455e4b25c789515cbc05291c565dc49c64c21675e
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
333147ef6f75a758f699800d4970402c617a3c0d1214cd528f9720f7b76339d8
3636de76205aab18eb531d8c3af3b9d550972b60f1200c8ab3fbaf11ba470919
37106cb7f5b3d70297ca032b38d4645d828500a3f86c181a9f9992bc9be07162
38529dac65b645f12664da3b8d53a066fc3cee379907f41981674e426cec7c22
3beba212b5067dcd13915e24790a1feed1932ab3895f4b42372387ec98a2dfea
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3f88164ab95992bbf6c96870f86e8fc024890f11e309d5e0688a5d1ee316b634
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
414363cb8150c2f60382da1d5a33f260caad65a54d6933e6b28534763d388db8
42269c258d4e383fec2a898675c7a4ca5ee58ad3216871a99bb55c4058977521
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
446582440b05ecec9020614cebc519b04d30f8c65f8e37b5be652542baccbe11
44d82d364ee3801a99dae402638440c27d584cff04f65ebe44beed9c3b0f891d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46448909ce97ba850c6c0753a47bba758da621333b0fa3a11931a396a8bac43e
4875df18359ae0da0d35b4c10f82c07e15932414913a04c7509ee742236564eb
48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a34f2d0410e7673e3ff6ffb21364f610f547a058486bbabf4caf337d74ce021
4ae9ddae3a7d2fcaa1dad375bdda6496f34adea77e4646118e090a80ba752856
4cf91facad0c607b6df34456a7e72d02a93126bf216d85ebc02c7ac2ba917627
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
50c7f9f9fa9a713998e0b35b436ea9bd5c006d8102c746d25816fa463a1682b9
513cf32ceee28c34904e1f9f2f8ba382ef09d72dbaa6753ab4877cd8c562f6a3
5429e131e3e1183da24c317a94b32caf436991c41da64132e50fa0f4f3f1f252
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e605563c0e14e3b421d248ea108748fe1d715b7170517bc5951c7c781aceba
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5abae6e19ed0784a432e61a5f9915cbff9a587062c7a1f2c9b4bc7ab2ea06d8e
6088be74a556ff4b78944a782ec9ca019491945dc9b64d38a6122fea50acf335
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
65c9b5b6949b47a975c677f7ef5fd187e6f2737684cc65388a6a2c0d4720e634
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
686ec5bbcb480c901884aa89f3ad5ebabd11844503cec9d7d7b7c358f41c1436
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f33d75dffd628cdf7ac8e2505ea514d22e6394078d5ec5d16d935ba0995107d
717c9554069f56045165bcce3d790e2ae5b8eb4dfa894d8c1023e8e61095e541
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
73d48e5b77e6f9c20e969dedbd1b226f3904b843b532a3324297d145596e0564
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7617ed30b8adef52b9e11ad72dd08abec0947acf8a609e599093efa9f83b28af
769a140d14493f4bb0d32475613445ef691c56cd616ed79ae4fa46bad5d156ff
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
7d430451dd6218e60bcf3ca6e84d1f7e90ea3e5f8e0416514ccea28f063512e7
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e11527c64e7ef627227a12c9063413e5eef860a05bd70c9a8aa0981f5fc52af
7e46dadd61ce1431d7fcc5b0980e706f3e8275586d6d01f1565ffbddb5016690
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
86f243738c5f1c4f2bf207919ef1390de6c7a48cc0aa0808e25ba26e159d1cf5
8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89bcb21c46257b4aa437c57358d2bee052368acce05e2974a80f530aed5a0c2a
8f1b4f982ba63c394201dc76f4cb9de87d22bf21973c17595b6b1f140c7a1f15
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91e48fbf064b5abf1f1ddb81119158a3f2eed6aca62cf5fc7baae0ac50875dc8
9483c6907f27fcb7196089b2fced074e6fbf9f5cb030318700264844c3022fa2
94c70406aa0c3e261cb6636c0a565f0a23a6597c774afce9ed472b435a9b07df
9688be9ce9fe8bb4d51863d8794b04e4011129096c3bed5a49c9ba2fe18e806a
99a62f93024e0662926aa4c55cab9e5da3a0578900bd69a4581a33ea53cb01d8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a8545e41a271b2c693fac9a459bc37c068eae50d717b3f4faa67b1023b9d538a
a8db0c3ffa957c5358f947902ff58c5e58d2a3b09492cbbebdc2eff5b44d9bbb
a90d0e756aa25e20a637e1f37d472c28dfcd56f39fe2430dd4f8c3b35ed0468f
aa683a5b00b7585a336a6977c3d8556ba84762e70257084a3e37c01e68ee956e
aac05095d40ef0103466fa75159c0fcc72baf7f2ec1335e20d0ca05b7fdc919d
ad485bd58e6fe39a768b5c7f8cfb02c5adee5744d1e306f7c387446337bb71e3
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1c61dcdd7264f26b5b0736f83da4b38d3e4db307d0c089090e42dde20b2d74
b5060eae6f839e4c8755890318de5e2f83388ff77a40084588083cfff8833153
b5c2c5d3c5a2cedf4dacc156a80c3ec5168f18ff77d05baa769e3119a2696b41
b643c72d45e4fec735a3314a38c4ff74e53aa040fd44e040c64913592dc15b62
b75640250e69024fdf4487e83a538b5c07a516f16645329b0d2a63bca6df8b3a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8aca29145b6992f815d0db022dc483714a682b6e09625167cf199f688526ebf
bab555606324a699dae6549dbab9a4638c08b667de0eed996665962579d662b8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c22a1a45c8f0ceb0c5fc6e9b0b440c78272c41bccb878d2665d83c7f66dcc0ce
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8c728d772f3ff93b5c7c65b86855f3dc0502d1bedd04a7ed1d6af06567322f4
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d48b84dbad35cdffcfe8a21f0633a757af7e0844e7f9bb511baf0450ed12bced
d51dd8697304b6dab1fc52044874b36a5d11c5cc33b9ba60aa917bacf342dd83
d67cbe62c3c2c50fa3af647e3f7910c28a9927aeca37463ae28ffff9a240376d
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d70312535fbd2b2f1a1c18f5985c53f227088c70960a79950b5a45c1127ac892
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d940cacfc0e42a2a8042b5127fdff6410119e4b9edf2450ecc993614dfafee9a
db8c71654a10f884bff18344cc548c8302dbb9c4b64d4d7bcf308a6200d2e7f6
db90f430d966448bfdbd72f8e1a6fccc9a11333b32ac4760d061fe45cfe9c11c
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
dffadbf147983987335df1ce9da3b183b5d86c1284fe8d46315b32fc90f80f1d
e0380ee1d5c7c67078ed5ae469ef6ebc923ed2b6a43a00b93297496d26b9bc2e
e0e5ba0e1838d8bf5f1a01546084f82964c857e7bf5cee2cb0d9178dd5195d9a
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3221651103697de1efb29b38ac3a8611476981904f54a123a5ff44a2da5b905
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e6117cce9a5c9be508a185bf3a3d87b342defac6f4847e589290d6cc26095582
e93377c902d3df46a89eed7cff2a1810d6f5ef29c05b97f5e67b3f5fbad52e6e
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

fimdejogo.com.br Open in urlscan Pro 167.172.26.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

171 Requests

96 %HTTPS

70 %IPv6

24 Domains

42 Subdomains

37 IPs

7 Countries

2955 kBTransfer

8942 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fimdejogo.com.br Open in urlscan Pro
167.172.26.75 Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

96 %
HTTPS

70 %
IPv6

24
Domains

42
Subdomains

37
IPs

7
Countries

2955 kB
Transfer

8942 kB
Size

16
Cookies

171 HTTP transactions
20 data transactions