www.gcmgames.com.br Open in urlscan Pro
20.65.84.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gcmgames.com.br/recarga-celular-m25/
Submission: On August 11 via manual (August 11th 2022, 10:06:28 am UTC) from BR — Scanned from DE

Summary HTTP 190 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 69 IPs in 10 countries across 61 domains to perform 190 HTTP transactions. The main IP is 20.65.84.125, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.gcmgames.com.br.
TLS certificate: Issued by R3 on July 31st 2022. Valid for: 3 months.

This is the only time www.gcmgames.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	20.65.84.125 20.65.84.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:254d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.224.189.103 13.224.189.103	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2606:4700:20:... 2606:4700:20::681a:8a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.18.79.138 2.18.79.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700::68... 2606:4700::6812:1aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5 6	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:20:... 2606:4700:20::ac43:4635	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21f... 2600:9000:21f3:3000:2:5ea4:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.90 13.225.78.90	16509 (AMAZON-02) (AMAZON-02)
6	13.225.78.62 13.225.78.62	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::2010	15169 (GOOGLE) (GOOGLE)
1	2.18.79.139 2.18.79.139	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	35.158.200.182 35.158.200.182	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2 4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	3.64.230.211 3.64.230.211	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:d200:1b:832b:ac00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.59.78.133 52.59.78.133	16509 (AMAZON-02) (AMAZON-02)
1	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.159.184.12 18.159.184.12	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.121.205.163 3.121.205.163	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	104.103.102.147 104.103.102.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	52.210.214.177 52.210.214.177	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
2 2	54.156.247.58 54.156.247.58	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:2d6f:6c5:afe6:e7fa	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:612... 2600:1f18:612b:4264:5a8d:94bc:2cf9:40df	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
9	108.138.7.103 108.138.7.103	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.79 18.66.15.79	16509 (AMAZON-02) (AMAZON-02)
1	54.73.80.98 54.73.80.98	16509 (AMAZON-02) (AMAZON-02)
3	54.163.144.204 54.163.144.204	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:303... 2606:4700:3037::6815:27b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.142.112.216 3.142.112.216	16509 (AMAZON-02) (AMAZON-02)
4	52.1.133.67 52.1.133.67	14618 (AMAZON-AES) (AMAZON-AES)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
2	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.204.33.205 34.204.33.205	14618 (AMAZON-AES) (AMAZON-AES)
1	52.20.78.240 52.20.78.240	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
190	69

37 20.65.84.125 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.gcmgames.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.ezcdn.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w4.ezcdn.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w3.ezcdn.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:254d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.targeting.voxus.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.voxus.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.189.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-103.fra2.r.cloudfront.net

app.shoptarget.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
front.shoptarget.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:8a2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w-cdn.huggy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.79.138 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-138.deploy.static.akamaitechnologies.com

js.huggy.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webfonts.huggy.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1aaf (United States)

ASN13335 (CLOUDFLARENET, US)

certificate.trustvox.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trustvox.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
certificados.trustvox.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4635 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.huggy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:3000:2:5ea4:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

suite.linximpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

api-ads.percycle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-90.fra2.r.cloudfront.net

collect.chaordicsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.chaordicsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.78.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-62.fra2.r.cloudfront.net

ckies.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

trustvox-certificate-assets.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com

webfonts.huggy.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.200.182 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.64.230.211 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-230-211.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d200:1b:832b:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cotads.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.78.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-78-133.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.184.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-184-12.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.205.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-205-163.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.103.102.147 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-102-147.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.242 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.214.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-214-177.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.247.58 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-247-58.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:2d6f:6c5:afe6:e7fa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:5a8d:94bc:2cf9:40df (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.138.7.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-103.fra56.r.cloudfront.net

static.shopback.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-79.vie50.r.cloudfront.net

click.retargeter.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.80.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.163.144.204 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-144-204.compute-1.amazonaws.com

front.shopconvert.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:27b3 (United States)

ASN13335 (CLOUDFLARENET, US)

googleads.g-static.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.142.112.216 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-112-216.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.1.133.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-133-67.compute-1.amazonaws.com

api.shopback.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

shopbackbr.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.voxus.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.33.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-33-205.compute-1.amazonaws.com

api.voxus.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.78.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-78-240.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ezcdn.com.br w1.ezcdn.com.br w4.ezcdn.com.br w3.ezcdn.com.br	800 KB
13	shopback.net static.shopback.net — Cisco Umbrella Rank: 71544 api.shopback.net — Cisco Umbrella Rank: 83811	36 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 trustvox-certificate-assets.storage.googleapis.com — Cisco Umbrella Rank: 407447 ajax.googleapis.com — Cisco Umbrella Rank: 267	260 KB
12	gcmgames.com.br www.gcmgames.com.br	229 KB
11	criteo.com 6 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755 sslwidget.criteo.com — Cisco Umbrella Rank: 1552 widget.us.criteo.com — Cisco Umbrella Rank: 15285 dis.criteo.com — Cisco Umbrella Rank: 699	15 KB
6	ckies.net ckies.net — Cisco Umbrella Rank: 54033	2 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	652 B
6	huggy.chat js.huggy.chat — Cisco Umbrella Rank: 638001	279 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	22 KB
5	huggy.cloud webfonts.huggy.cloud — Cisco Umbrella Rank: 667568	9 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	282 KB
5	trustvox.com.br certificate.trustvox.com.br — Cisco Umbrella Rank: 326649 trustvox.com.br — Cisco Umbrella Rank: 51681 certificados.trustvox.com.br — Cisco Umbrella Rank: 414634	18 KB
5	huggy.io 1 redirects w-cdn.huggy.io widget.huggy.io — Cisco Umbrella Rank: 549121	6 KB
5	shoptarget.com.br app.shoptarget.com.br — Cisco Umbrella Rank: 69108 front.shoptarget.com.br — Cisco Umbrella Rank: 73343	15 KB
4	voxus.tv targeting.voxus.tv — Cisco Umbrella Rank: 109562 api.voxus.tv — Cisco Umbrella Rank: 158995	21 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	21 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238 secure.adnxs.com — Cisco Umbrella Rank: 462	4 KB
4	linximpulse.net suite.linximpulse.net — Cisco Umbrella Rank: 53982	36 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 118 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	3 KB
3	shopconvert.com.br front.shopconvert.com.br — Cisco Umbrella Rank: 140692	10 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 576 i6.liadm.com — Cisco Umbrella Rank: 1609	1 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 277 sp.analytics.yahoo.com — Cisco Umbrella Rank: 1031	1 KB
3	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 1323 cotads.adscale.de — Cisco Umbrella Rank: 2588	1 KB
3	chaordicsystems.com collect.chaordicsystems.com — Cisco Umbrella Rank: 60142 events.chaordicsystems.com — Cisco Umbrella Rank: 60096 Failed	671 B
3	voxus.com.br cdn.targeting.voxus.com.br — Cisco Umbrella Rank: 105547 targeting.voxus.com.br — Cisco Umbrella Rank: 82777	13 KB
3	gstatic.com fonts.gstatic.com	79 KB
2	github.io shopbackbr.github.io
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2757	480 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 188	2 KB
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1340	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 649	852 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 713	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 292	1 KB
2	percycle.com api-ads.percycle.com — Cisco Umbrella Rank: 57429	531 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	88 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5596	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 10	565 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2743	274 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 1303	268 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 309	98 B
1	g-static.co googleads.g-static.co — Cisco Umbrella Rank: 145743	539 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 502	337 B
1	retargeter.com.br click.retargeter.com.br — Cisco Umbrella Rank: 113091	354 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 14684	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2996	183 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 541	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1273	235 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1657	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 411	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1422	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1048	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 521	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 326	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 610	225 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 686	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1184	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 526	784 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	14 KB
0	popkit.club Failed app.popkit.club Failed
190	61

	Domain	Requested by
18	w4.ezcdn.com.br	www.gcmgames.com.br
12	www.gcmgames.com.br	www.gcmgames.com.br
9	static.shopback.net	app.shoptarget.com.br static.shopback.net
7	fonts.googleapis.com	www.gcmgames.com.br certificados.trustvox.com.br client
6	ckies.net	suite.linximpulse.net static.shopback.net
6	www.facebook.com	connect.facebook.net
6	gum.criteo.com	5 redirects static.criteo.net
6	js.huggy.chat	w-cdn.huggy.io
6	www.google-analytics.com	www.gcmgames.com.br www.google-analytics.com
5	webfonts.huggy.cloud	client webfonts.huggy.cloud
5	connect.facebook.net	www.gcmgames.com.br connect.facebook.net
5	w1.ezcdn.com.br	www.gcmgames.com.br
4	cdn.jsdelivr.net	client static.shopback.net
4	api.shopback.net	static.shopback.net
4	suite.linximpulse.net	app.shoptarget.com.br
4	widget.huggy.io	w-cdn.huggy.io
4	app.shoptarget.com.br	www.gcmgames.com.br app.shoptarget.com.br
3	front.shopconvert.com.br	static.shopback.net
3	trustvox-certificate-assets.storage.googleapis.com	certificados.trustvox.com.br
3	certificate.trustvox.com.br	www.gcmgames.com.br certificate.trustvox.com.br
3	fonts.gstatic.com	fonts.googleapis.com
2	secure.adnxs.com
2	api.voxus.tv	targeting.voxus.com.br
2	targeting.voxus.tv	targeting.voxus.com.br targeting.voxus.tv
2	shopbackbr.github.io	static.shopback.net
2	ajax.googleapis.com	static.shopback.net
2	ad.sxp.smartclip.net	1 redirects
2	i.liadm.com	2 redirects
2	dpm.demdex.net	1 redirects
2	ad.yieldlab.net
2	ups.analytics.yahoo.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	ih.adscale.de	2 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	x.bidswitch.net	1 redirects
2	targeting.voxus.com.br	cdn.targeting.voxus.com.br
2	collect.chaordicsystems.com	suite.linximpulse.net
2	api-ads.percycle.com	suite.linximpulse.net
2	www.googletagmanager.com	www.gcmgames.com.br certificados.trustvox.com.br
2	www.google.de	www.gcmgames.com.br
2	www.google.com	www.gcmgames.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	w3.ezcdn.com.br	www.gcmgames.com.br
1	sp.analytics.yahoo.com
1	api.ipify.org	targeting.voxus.com.br
1	s.thebrighttag.com
1	idsync.rlcdn.com
1	googleads.g-static.co	www.gcmgames.com.br
1	beacon.krxd.net
1	front.shoptarget.com.br	app.shoptarget.com.br
1	click.retargeter.com.br	app.shoptarget.com.br
1	events.chaordicsystems.com	suite.linximpulse.net
1	a.twiago.com
1	criteo-partners.tremorhub.com
1	i6.liadm.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	cotads.adscale.de
1	cm.g.doubleclick.net	1 redirects
1	certificados.trustvox.com.br	certificate.trustvox.com.br
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	mug.criteo.com
1	trustvox.com.br	certificate.trustvox.com.br
1	www.googleadservices.com	www.googletagmanager.com
1	w-cdn.huggy.io	1 redirects
1	static.criteo.net	www.gcmgames.com.br
1	cdn.targeting.voxus.com.br	www.gcmgames.com.br
0	app.popkit.club Failed	www.googletagmanager.com
190	83

This site contains links to these domains. Also see Links.

Domain
vip.gcmgames.com.br
twitter.com
plus.google.com
gcmgamesblog.com.br
letsencrypt.org
www.trinto.com.br
www.linxcommerce.com.br
huggy.io

Subject Issuer	Validity	Valid
www.gcmgames.com.br R3	`2022-07-31` - `2022-10-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.ezcdn.com.br R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
voxus.com.br Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
*.shopback.net Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-20` - `2022-08-18`	3 months	crt.sh
huggy.io Cloudflare Inc ECC CA-3	`2022-07-03` - `2023-07-03`	a year	crt.sh
app.huggy.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-08` - `2023-05-09`	a year	crt.sh
*.linximpulse.net Amazon	`2021-10-13` - `2022-11-10`	a year	crt.sh
*.percycle.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.chaordicsystems.com Amazon	`2022-08-11` - `2023-09-09`	a year	crt.sh
ckies.net Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-11` - `2022-12-12`	a year	crt.sh
*.retargeter.com.br Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
g-static.co Cloudflare Inc ECC CA-3	`2022-07-27` - `2023-07-27`	a year	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
api.voxus.tv Amazon	`2022-04-18` - `2023-05-17`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.gcmgames.com.br/recarga-celular-m25/
Frame ID: B6644B8D5B3EF74F550F8DD9ED4BF4A8
Requests: 116 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.gcmgames.com.br&origin=onetag
Frame ID: 72D8F0DD48A0E1CA44D12393E64E22B0
Requests: 2 HTTP requests in this frame

Frame: https://certificados.trustvox.com.br/gcmgames?hidden=true
Frame ID: 208EB3CBE09FD5F0DAA1FAF93D5C1FFD
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Rubik:300,400,500
Frame ID: C645B6D5CF78C69AA521266960149367
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Rubik:300,400,500
Frame ID: 332F46B568240CDBC98B3F41A7C1694F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?id=330319704130479&ev=Search&cd[content_type]=product&cd[content_ids]=%5B%222414288175962639733%22%2C%22-2484207473363124074%22%2C%22-3164248371298704047%22%5D&cd[product_catalog_id]=179831902750933&cd[product_category]=0&cd[criteo_audience_3_0]=A3&cd[external_id]=54e0e3fb-1e75-43e5-b503-0fb9f0a1ce16&cd[application_id]=423936147658676
Frame ID: 634F24545D55FEACC428101EC2F4CEC4
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30
Frame ID: 5E433A166A51EC35EA1AC09029807C57
Requests: 30 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,300,400,700
Frame ID: 64BB3636DA3654CF4892793836794381
Requests: 10 HTTP requests in this frame

Frame: https://shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/css/theme.min.css
Frame ID: 516851ADBDA390678AF74303EEB94EF9
Requests: 8 HTTP requests in this frame

Frame: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DGCM%20Games%26website_id%3D1135%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Frame ID: DF17FC291E98CEF2C3C841EAAA53A7D2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Recarga de celular para OI, TIM, VIVO e CLARO - GCM Games

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

190
Requests

91 %
HTTPS

36 %
IPv6

61
Domains

83
Subdomains

69
IPs

10
Countries

2285 kB
Transfer

4786 kB
Size

79
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://vip.gcmgames.com.br/
Title: SEJA GCM VIP

Search URL Search Domain Scan URL

URL: https://twitter.com/GCMGamesOficial

Search URL Search Domain Scan URL

URL: https://plus.google.com/102371336495465330113/posts

Search URL Search Domain Scan URL

URL: http://gcmgamesblog.com.br/

Search URL Search Domain Scan URL

URL: https://letsencrypt.org/

Search URL Search Domain Scan URL

URL: http://www.trinto.com.br/

Search URL Search Domain Scan URL

URL: https://www.linxcommerce.com.br/?utm_campaign=gcmgames&utm_medium=rodape&utm_source=cliente
Title: Plataforma de Loja Virtual

Search URL Search Domain Scan URL

URL: https://huggy.io/pt-br/huggy-chat/?utm_source=huggy-chat&utm_medium=9848&utm_campaign=www.gcmgames.com.br
Title: Chat By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://w-cdn.huggy.io/widget.min.js?v=8.0.0 HTTP 302
https://js.huggy.chat/widget.min.js

Request Chain 64

https://gum.criteo.com/sid/json?origin=onetag&domain=gcmgames.com.br&sn=ChromeSyncframe&so=0&topUrl=www.gcmgames.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=dIj8gXxGTGxpUDI3THlWWml5TFVTMVRzek5kWjFSdUhwbndBRTZJaSsxa1dpbVpKT3NwSktTNDVxOGVkSXpJMkZ0elJLS1lQREQ2RDlYZ3Axb3M1WkhReHl6Uk5ySWpITEJSWXp0YWFRSS8xTFNXamN2MWp2SDNhVmc1RDlDNjVzVlVMTXBBYTliTS93MlVZZitLa0tUejd0eG10UWZNUldHVWZPdHRTT1JJd0hIa2pZNDFLS1REK2kvd0MwWDZIODF4N0haYmxFYVUrdngwZW0yQ1E3ZVZJMUJBVzB6MGR2VlpVYitqNERSNVNLNU5BRnpDN0Jkd2xzdDNCV2l4L0crc3VUOU94UmhvRnRGZGZBb2tTMCtzdE1SUT09fA&cppv=2

Request Chain 73

https://sslwidget.criteo.com/event?a=46008&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1339%252C498%252C499%255D&p3=e%3Ddis&adce=1&bundle=s0DxK19kNkwzeHB6bEVJUGMwb2pMcDZLMCUyQlg1aW9vVmdrTExvSXZGSVhqY0taJTJGTHR3b0lxYVdLc1A2amNlcjJGU0hOVUN5UnZRVXNTa1IxZzU0bmlsSzMycTk1c2lXa2FWNzNMJTJGT1ZXSTJDSWs1NWtSM0F4JTJCSHJDRXRFSGxWVGFXa0hHVjhqUTBQMHEwJTJGb24zZWlBcGs2U0ZRJTNEJTNE&tld=gcmgames.com.br&fu=https%253A%252F%252Fwww.gcmgames.com.br%252Frecarga-celular-m25%252F&dtycbr=21110 HTTP 302
https://widget.us.criteo.com/event?a=46008&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1339%252C498%252C499%255D&p3=e%3Ddis&adce=1&bundle=s0DxK19kNkwzeHB6bEVJUGMwb2pMcDZLMCUyQlg1aW9vVmdrTExvSXZGSVhqY0taJTJGTHR3b0lxYVdLc1A2amNlcjJGU0hOVUN5UnZRVXNTa1IxZzU0bmlsSzMycTk1c2lXa2FWNzNMJTJGT1ZXSTJDSWs1NWtSM0F4JTJCSHJDRXRFSGxWVGFXa0hHVjhqUTBQMHEwJTJGb24zZWlBcGs2U0ZRJTNEJTNE&tld=gcmgames.com.br&fu=https%253A%252F%252Fwww.gcmgames.com.br%252Frecarga-celular-m25%252F&dtycbr=21110

Request Chain 111

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-dCSIQvKRsMoNb-5YO_JJDiCkzVfDdoD2kXiGRw&google_cm&google_hm=ay1kQ1NJUXZLUnNNb05iLTVZT19KSkRpQ2t6VmZEZG9EMmtYaUdSdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dCSIQvKRsMoNb-5YO_JJDiCkzVfDdoD2kXiGRw&google_gid=CAESECh5ejx7olU9dEJc4vvkPC4&google_cver=1&google_ula=913071,0

Request Chain 113

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4792962874246797302

Request Chain 114

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-gWRuTvKRsMoNb-5YO_JJDiCkzVcWIysBabIFjw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-gWRuTvKRsMoNb-5YO_JJDiCkzVcWIysBabIFjw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=824414a410aa4d568095f4eea30b390f HTTP 307
https://cotads.adscale.de/ads/pixel/1by1.png?uid=00122918a87fd238e0f9fa88fbb37d7037c440ae7360f40c856bab277c5d1f1e

Request Chain 115

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RYKSRPKRsMoNb-5YO_JJDiCkzVclOBPJLSXxog HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RYKSRPKRsMoNb-5YO_JJDiCkzVclOBPJLSXxog&C=1

Request Chain 116

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1vd3__KRsMoNb-5YO_JJDiCkzVdIm2IMQOmTiA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1vd3__KRsMoNb-5YO_JJDiCkzVdIm2IMQOmTiA

Request Chain 127

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iz_uvPKRsMoNb-5YO_JJDiCkzVfuzzHIreqBSg HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iz_uvPKRsMoNb-5YO_JJDiCkzVfuzzHIreqBSg&verify=true

Request Chain 131

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mO_Ir0U7SBg_v0TZ_aFpjwY0Sj1li0B_ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mO_Ir0U7SBg_v0TZ_aFpjwY0Sj1li0B_

Request Chain 133

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g&_li_chk=true&previous_uuid=442b4cf391e14868a3073ba0de97c895 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g

Request Chain 134

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA&ang_testid=1

Request Chain 146

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0py_KQdMbN49ej4kIJy3CievQ0u_sqT2

Request Chain 152

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=pubN4zKAHaBemuBQlzZLihNt3atl-wgt

Request Chain 154

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aF_KSjrFvF3od5SJFcX18Z2hEnwu1VpR

190 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.gcmgames.com.br/recarga-celular-m25/ 71 KB
16 KB 3195ms
2178ms Document
text/html 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

259089c6c2033989f615e79d44c2cbdebd4c18ee866392fbaf7711c8900236bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public,max-age=7200
content-encoding: gzip
content-language: pt-BR
content-length: 15628
content-security-policy: upgrade-insecure-requests
content-type: text/html; Charset=UTF-8
date: Thu, 11 Aug 2022 10:06:23 GMT
etag: W/1660212383
expect-ct: max-age=2592000, enforce
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
host: www.gcmgames.com.br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=2592000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 template.css
www.gcmgames.com.br/css/build/ 266 KB
47 KB 96ms
94ms Stylesheet
text/css 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/css/build/template.css?v=08082019135000

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

26172f56d11f9c4f9f95a5b57e055fce068e1ff3e0f6ad1c0c19a1b254eeeefa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: W/1659984968
age: 227415
strict-transport-security: max-age=2592000; preload
content-length: 47913
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
date: Thu, 11 Aug 2022 10:06:23 GMT
expect-ct: max-age=2592000, enforce
vary: Accept-Encoding
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: text/css; Charset=UTF-8
x-content-type-options: nosniff

GET
H2 200 platform.js Show response
www.gcmgames.com.br/js/build/ 314 KB
106 KB 191ms
189ms Script
application/x-javascript 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

984b1b94570eb38a7908d35f5c326026067cdb6c8d62a28373bc0b23bd01c2d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 107551
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: application/x-javascript
x-content-type-options: nosniff

GET
H2 200 platform-async.js Show response
www.gcmgames.com.br/js/build/ 157 KB
46 KB 95ms
95ms Script
application/x-javascript 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/js/build/platform-async.js?v=1584635910823

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

a01bcc831785bbe2818ccc1c6cfa1c125a0537ac2cccdfae64481d84050b31bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 46026
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: application/x-javascript
x-content-type-options: nosniff

GET
H2 200 platform-page-ea8ee33a726e1fbc3060e8e4445ad25c.js Show response
www.gcmgames.com.br/js/build/ 3 KB
2 KB 95ms
95ms Script
application/x-javascript 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/js/build/platform-page-ea8ee33a726e1fbc3060e8e4445ad25c.js?v=1559234588057

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

7fb14602ae1367f2973200ec9c5c597bb4241074f77669b9a48c84b5fc8e6767

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 1184
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: application/x-javascript
x-content-type-options: nosniff

GET
H2 200 template.js Show response
www.gcmgames.com.br/js/build/ 6 KB
2 KB 96ms
94ms Script
text/javascript 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/js/build/template.js?v=07112018141900

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

27c7492cd34f28c7b632c86d51ecff88a26ccb6249ed5d09238ccfc659c6e3c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: W/1659984968
age: 227415
strict-transport-security: max-age=2592000; preload
content-length: 2039
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
date: Thu, 11 Aug 2022 10:06:23 GMT
expect-ct: max-age=2592000, enforce
vary: Accept-Encoding
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: text/javascript; Charset=UTF-8
x-content-type-options: nosniff

GET
H2 200 script_session.asp Show response
www.gcmgames.com.br/ 2 KB
2 KB 134ms
133ms Script
text/javascript 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/script_session.asp?file=produtos_secoes.asp&marcaid=25

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

00a7dc8a1d809aa4c3498326a126145d45afa34efd7515388a11a658aecfdf1a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
strict-transport-security: max-age=2592000; preload
content-length: 925
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
expect-ct: max-age=2592000, enforce
vary: Accept-Encoding
content-language: pt-BR
cache-control: private,no-cache,no-store,no-transform,must-revalidate,max-age=0
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/javascript; Charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 133ms
47ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,300,100italic,300italic,400italic,700,700italic,900,900italic

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:06:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:23 GMT

GET
H2 200 logo.png
www.gcmgames.com.br/FILES/_ARQUIVOS/LOGO/ 6 KB
6 KB 97ms
96ms Image
image/png 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gcmgames.com.br/FILES/_ARQUIVOS/LOGO/logo.png

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

5b87357f2654192d0705d3c8a00945bb279cc67153dc3fe8fb2dd34b70f45c01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 5928
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: image/png
x-content-type-options: nosniff

GET
H2 200 spacer.gif
www.gcmgames.com.br/files/_img/ 43 B
510 B 97ms
96ms Image
image/gif 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gcmgames.com.br/files/_img/spacer.gif

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 43
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: image/gif
x-content-type-options: nosniff

GET
H2 200 spacer.gif
www.gcmgames.com.br/FILES/_IMG/ 43 B
510 B 96ms
95ms Image
image/gif 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gcmgames.com.br/FILES/_IMG/spacer.gif

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 43
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: image/gif
x-content-type-options: nosniff

GET
H2 200 spacer.gif
w1.ezcdn.com.br/gcmgames/files/_img/ 43 B
287 B 548ms
94ms Image
image/gif 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.ezcdn.com.br/gcmgames/files/_img/spacer.gif
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:23 GMT
via: EZCDN
age: 227432
etag: W/1659984952
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_img/spacer.gif>; rel="canonical"
content-length: 43

GET
H2 200 sprite_generica.png
w4.ezcdn.com.br/gcmgames/files/_img/layout/ 83 KB
84 KB 777ms
284ms Image
image/png 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_img/layout/sprite_generica.png
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c0593e62644a7fec131e43547e0d2cec3381175ce0b9fe98ffc35765becd61b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_img/layout/sprite_generica.png>; rel="canonical"
content-length: 85275

GET
H2 200 carrinho-icon.png
w4.ezcdn.com.br/gcmgames/files/_img/layout/ 51 KB
52 KB 773ms
280ms Image
image/png 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_img/layout/carrinho-icon.png
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 94a7bba3baf4aa24824ca274810347f807af47ca98fad1e74bd625fd837bbd13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_img/layout/carrinho-icon.png>; rel="canonical"
content-length: 52519

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 159ms
75ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,100,300,100italic,300italic,400italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 147494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 123ms
40ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,100,300,100italic,300italic,400italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 147494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 17:08:09 GMT

GET
H2 200 triangulo-topo-pag-produto.png
w4.ezcdn.com.br/gcmgames/files/_img/layout/ 37 KB
38 KB 764ms
285ms Image
image/png 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_img/layout/triangulo-topo-pag-produto.png
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 66d6c4a05908fcebf862ef9e7d3c71975d787911aa3b19abb1f2d4469b6b4841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 227406
etag: W/1659984977
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_img/layout/triangulo-topo-pag-produto.png>; rel="canonical"
content-length: 38279

GET
H2 200 busca-cat-top-tri.png
w4.ezcdn.com.br/gcmgames/files/_img/layout/ 37 KB
37 KB 551ms
95ms Image
image/png 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_img/layout/busca-cat-top-tri.png
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0ffb079cda0d36482645313c77fbebc826aaefb5ce15a7dbf035e2b20a42b922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 227406
etag: W/1659984977
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_img/layout/busca-cat-top-tri.png>; rel="canonical"
content-length: 37826

GET
H2 200 loading.gif
w4.ezcdn.com.br/gcmgames/files/_img/ 771 B
1016 B 739ms
283ms Image
image/gif 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_img/loading.gif
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_img/loading.gif>; rel="canonical"
content-length: 771

GET
H2 200 loading.gif
www.gcmgames.com.br/files/_img/ 771 B
1 KB 95ms
94ms Image
image/gif 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gcmgames.com.br/files/_img/loading.gif

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
vary: Accept-Encoding
age: 227415
date: Thu, 11 Aug 2022 10:06:23 GMT
content-length: 771
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
etag: W/1659984968
expect-ct: max-age=2592000, enforce
strict-transport-security: max-age=2592000; preload
content-language: pt-BR
cache-control: public,max-age=5184000
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
accept-ranges: bytes
content-type: image/gif
x-content-type-options: nosniff

GET
H2 200 sprite.png
w4.ezcdn.com.br/gcmgames/files/_custom_templates/custom_template_00001_1_1/_img/layout/ 6 KB
6 KB 738ms
285ms Image
image/png 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_custom_templates/custom_template_00001_1_1/_img/layout/sprite.png
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 214311a9366a961ba5da2aeb04d659b4da237be97fcbac135f62aa8e649f302f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_custom_templates/custom_template_00001_1_1/_img/layout/sprite.png>; rel="canonical"
content-length: 6015

GET
H2 404 fontawesome-webfont.woff2
w4.ezcdn.com.br/gcmgames/files/_css/fonts/ 0
0 549ms
97ms Font
text/plain 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_css/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:24 GMT
cache-control: private,no-cache,no-store,no-transform,must-revalidate,max-age=0
age: 0
content-length: 0
via: EZCDN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform-async.js?v=1584635910823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3863
date: Thu, 11 Aug 2022 09:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Aug 2022 11:02:00 GMT

GET
H2 200 B28-07062022155427.JPG
w4.ezcdn.com.br/gcmgames/files/_banners/ 53 KB
53 KB 250ms
249ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_banners/B28-07062022155427.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8bfb872b7eb198218613128be5c74402a9a1b20e8c662dd8dec29b6c21f58d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B28-07062022155427.JPG>; rel="canonical"
content-length: 54162
via: EZCDN

GET
H2 200 B25-07012021104419.JPG
w3.ezcdn.com.br/gcmgames/files/_banners/ 53 KB
53 KB 330ms
95ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w3.ezcdn.com.br/gcmgames/files/_banners/B25-07012021104419.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e5321dd3cb3939d73791581e72b18588f940c27a4cb92740cacde355ada73deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:23 GMT
content-encoding: gzip
age: 227432
etag: W/1659984952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B25-07012021104419.JPG>; rel="canonical"
content-length: 54218
via: EZCDN

GET
H2 200 B30-29102020095243.JPG
w1.ezcdn.com.br/gcmgames/files/_banners/ 19 KB
19 KB 407ms
95ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.ezcdn.com.br/gcmgames/files/_banners/B30-29102020095243.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0245daa77bb76cebacef544bf46faf4e4bffb29bbc6fde190f470b3058e9b29f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:23 GMT
content-encoding: gzip
age: 227432
etag: W/1659984952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B30-29102020095243.JPG>; rel="canonical"
content-length: 19221
via: EZCDN

GET
H2 200 B27-07012021085339.JPG
w4.ezcdn.com.br/gcmgames/files/_banners/ 59 KB
59 KB 251ms
250ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_banners/B27-07012021085339.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b8ee6dcd0a8566081fd5848b71e9ce47a619ba327b831d43adec9307daebee1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B27-07012021085339.JPG>; rel="canonical"
content-length: 60258
via: EZCDN

GET
H2 200 B31-29102020095021.JPG
w1.ezcdn.com.br/gcmgames/files/_banners/ 19 KB
19 KB 501ms
190ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.ezcdn.com.br/gcmgames/files/_banners/B31-29102020095021.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7812f0bbd5dbb1b353b63325891c5e95fce16b6b1391d60d0865eba85140de03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:23 GMT
content-encoding: gzip
age: 227432
etag: W/1659984952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B31-29102020095021.JPG>; rel="canonical"
content-length: 19223
via: EZCDN

GET
H2 200 B29-29102020095047.JPG
w4.ezcdn.com.br/gcmgames/files/_banners/ 18 KB
18 KB 254ms
253ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_banners/B29-29102020095047.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9f19d9f6018fecf3ff04f866e6941a2c85a0b9e341a7bed8a983a1b7893a9c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B29-29102020095047.JPG>; rel="canonical"
content-length: 18071
via: EZCDN

GET
H2 200 recarga-celular-credito-online-tim-claro-vivo-oi-r-10-00.jpg
w4.ezcdn.com.br/gcmgames/fotos/pequena/1339fp1/ 22 KB
22 KB 251ms
250ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/fotos/pequena/1339fp1/recarga-celular-credito-online-tim-claro-vivo-oi-r-10-00.jpg
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3fdd4c769fae3ae6b05de109077227cb38d2e465666705fcf6041b2911b965a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 65850
etag: W/1660146534
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/fotos/pequena/1339fp1/recarga-celular-credito-online-tim-claro-vivo-oi-r-10-00.jpg>; rel="canonical"
content-length: 22351

GET
H2 200 recarga-celular-oi-claro-vivo-r-20-00.jpg
w4.ezcdn.com.br/gcmgames/fotos/pequena/498fp1/ 24 KB
24 KB 252ms
251ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/fotos/pequena/498fp1/recarga-celular-oi-claro-vivo-r-20-00.jpg
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e1adb6f427a4b13bbeb63a3c82bc2db0aba487817e8f02508302b732a24f6e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 65850
etag: W/1660146534
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/fotos/pequena/498fp1/recarga-celular-oi-claro-vivo-r-20-00.jpg>; rel="canonical"
content-length: 24450

GET
H2 200 recarga-celular-claro-vivo-oi-r-50-00.jpg
w4.ezcdn.com.br/gcmgames/fotos/pequena/499fp1/ 26 KB
26 KB 252ms
251ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/fotos/pequena/499fp1/recarga-celular-claro-vivo-oi-r-50-00.jpg
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fd658e65daffcde69ce2f0b2dce79ccc9531cdea4193dcf27cece1b6644ed0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 65850
etag: W/1660146534
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/fotos/pequena/499fp1/recarga-celular-claro-vivo-oi-r-50-00.jpg>; rel="canonical"
content-length: 26457

GET
H2 200 recarga-celular-oi-claro-vivo-r-15-00.jpg
w4.ezcdn.com.br/gcmgames/fotos/pequena/497fp1/ 13 KB
13 KB 253ms
252ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/fotos/pequena/497fp1/recarga-celular-oi-claro-vivo-r-15-00.jpg
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f0669f468e2482247a1b308dd273846000a122df6eba329d5bfbe0ea960c58ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
via: EZCDN
age: 65850
etag: W/1660146534
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/fotos/pequena/497fp1/recarga-celular-oi-claro-vivo-r-15-00.jpg>; rel="canonical"
content-length: 12985

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:51:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Aug 2022 10:51:53 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
244 B 43ms
43ms Ping
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63821524-1&cid=384816111.1660212381&jid=1381005321&gjid=1484048837&_gid=1458625793.1660212381&_u=aGBAiUIJDAAAAE~&z=868596083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Aug 2022 10:06:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
100 B 43ms
42ms Ping
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 53ms
20ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2269208-1&cid=384816111.1660212381&jid=1443453661&gjid=939957706&_gid=1458625793.1660212381&_u=aGDAiUIJDAAAAE~&z=1444729455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Aug 2022 10:06:23 GMT
content-type: text/plain
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 147ms
63ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63821524-1&cid=384816111.1660212381&jid=1381005321&_u=aGBAiUIJDAAAAE~&z=184949697

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 148ms
61ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63821524-1&cid=384816111.1660212381&jid=1381005321&_u=aGBAiUIJDAAAAE~&z=184949697

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff
w4.ezcdn.com.br/gcmgames/files/_css/fonts/ 70 KB
70 KB 96ms
95ms Font
application/x-woff 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_css/fonts/fontawesome-webfont.woff?v=4.3.0
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18

Request headers

Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227415
etag: W/1659984968
vary: Accept-Encoding
content-type: application/x-woff
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_css/fonts/fontawesome-webfont.woff?v=4.3.0>; rel="canonical"
content-length: 71511
via: EZCDN

GET
H2 200 100318.js Show response
cdn.targeting.voxus.com.br/ 2 KB
1 KB 248ms
200ms Script
application/javascript 2606:4700:10::ac43:254d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.targeting.voxus.com.br/100318.js?_=1660212380725
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:254d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4041d1cc02d8516ab396c6442273393bd777885e4bd7d19af8ce8ac7661470be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 11 Aug 2022 10:06:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 7390288bcf3d8ffe-FRA
content-length: 900
expires: Sat, 10 Sep 2022 10:14:55 GMT

GET
H2 200 tracking.js Show response
app.shoptarget.com.br/js/ 20 KB
7 KB 132ms
13ms Script
application/javascript 13.224.189.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/js/tracking.js
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e467735c7c594f72fa0a2adccb89a36590f601446fdbf1de3f0aead46c7b43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: CzK.wXZAzki8t7nWZWFv0B8JJD_MQ.pS
content-encoding: gzip
last-modified: Tue, 24 Nov 2020 13:43:00 GMT
server: AmazonS3
age: 783
etag: W/"3a7b70eb7bc47fffe80267fbaef15990"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Thu, 11 Aug 2022 10:01:06 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7kSeW5-qY4JI7Po0qUkAgSlQ2YSaQ9ZC4aeM-TRarEEcYZYtyMYEiQ==

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 191ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js?_=1660212380726

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
server: nginx
etag: W/"62bc0403-a792"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Aug 2022 10:06:24 GMT

GET
H2

200

widget.min.js Show response
js.huggy.chat/
Redirect Chain

https://w-cdn.huggy.io/widget.min.js?v=8.0.0
https://js.huggy.chat/widget.min.js

709 KB
175 KB

266ms
33ms

Script
application/javascript

2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/widget.min.js
Protocol: H2
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2bc26f5ff936fd533e6b932e60baa8c5c40e826c7eadaa1db0aac951c484db7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:47:36 GMT
server: AmazonS3
x-amz-request-id: 3G4QW5Q7H0ECHDZH
etag: "80517731e86efd5dace9cad6ba7993e1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
x-amz-id-2: WaDwUwphBLPpbgMOku0eM2Isq227cTU1dYGlhZAOtI5kO74iZjRrbjQ37W1487VD3XXadhwQFW8=

Redirect headers

date: Thu, 11 Aug 2022 10:06:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzvlK3w4U23MIa6luC%2F4mmqr2Y7GJ2owWshuZSj0Tv1ADHNJPoeiR8PXw7D3qChpZJ52vbuew7VK69jLceqo%2BTrbUIN4PUl65rCMD6qs%2BtAt1k9QxpF0FhqJH7xwuqXB0nQZQBTiEV%2FXJNCz"}],"group":"cf-nel","max_age":604800}
location: https://js.huggy.chat/widget.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7390288bc98c9036-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 widget.js Show response
certificate.trustvox.com.br/ 26 KB
6 KB 206ms
158ms Script
application/javascript 2606:4700::6812:1aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://certificate.trustvox.com.br/widget.js?_=1660212380727
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b2f5622b6448a36e9744495757033a5ceb717250988d977d522b33f70d6ee41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycdso3vM9xer61v5AtC7Hw2Au966iB_823ggENClcTVRfsiYEAfCytba9SG6BjsXmhAC0bDN-xB3m368q5VdnXHHR0g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Thu, 06 May 2021 17:11:50 GMT
server: cloudflare
etag: W/"59c0441f8026d13c94b9196cc8a0dc85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=3HaqDA==, md5=WcBEH4Am0TyUuRlsyKDchQ==
x-goog-generation: 1620321110589876
cache-control: public, max-age=14400
x-goog-stored-content-length: 26585
cf-ray: 7390288bd84c9bdc-FRA
expires: Thu, 11 Aug 2022 14:06:24 GMT

GET
H2 404 blog2.jpg
w4.ezcdn.com.br/gcmgames/files/_arquivos/bannerblog/ 0
135 B 97ms
96ms Image
text/plain 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_arquivos/bannerblog/blog2.jpg
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/css/build/template.css?v=08082019135000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:24 GMT
cache-control: private,no-cache,no-store,no-transform,must-revalidate,max-age=0
age: 0
content-length: 0
via: EZCDN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
47 KB 147ms
58ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBNMBHH

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform-async.js?v=1584635910823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b89fb75ad247043d278773e869308b438e2cd2d38ac7c78c1ebd3d905ab60c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47299
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Aug 2022 10:06:24 GMT

GET
H2 200 script_substitution.asp Show response
www.gcmgames.com.br/ 454 B
756 B 135ms
134ms XHR
text/javascript 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gcmgames.com.br/script_substitution.asp?cupomcode=&_=1660212380728

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

12b876b0dc6795b2d7519927ac90701aec42653de7f89de473392851e1991f9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
strict-transport-security: max-age=2592000; preload
content-length: 231
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: nginx
host: www.gcmgames.com.br
x-frame-options: sameorigin
expect-ct: max-age=2592000, enforce
vary: Accept-Encoding
content-language: pt-BR
cache-control: private,no-cache,no-store,no-transform,must-revalidate,max-age=0
feature-policy: payment 'self'; fullscreen 'self'; microphone 'none'; camera 'none'
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: text/javascript; Charset=UTF-8

GET
H2 200 B28-07062022155427.JPG
w4.ezcdn.com.br/gcmgames/files/_banners/ 53 KB
53 KB 96ms
96ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_banners/B28-07062022155427.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8bfb872b7eb198218613128be5c74402a9a1b20e8c662dd8dec29b6c21f58d06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227416
etag: W/1659984968
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B28-07062022155427.JPG>; rel="canonical"
content-length: 54162
via: EZCDN

GET
H2 200 B25-07012021104419.JPG
w3.ezcdn.com.br/gcmgames/files/_banners/ 53 KB
53 KB 99ms
99ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w3.ezcdn.com.br/gcmgames/files/_banners/B25-07012021104419.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e5321dd3cb3939d73791581e72b18588f940c27a4cb92740cacde355ada73deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227433
etag: W/1659984952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B25-07012021104419.JPG>; rel="canonical"
content-length: 54218
via: EZCDN

GET
H2 200 B30-29102020095243.JPG
w1.ezcdn.com.br/gcmgames/files/_banners/ 19 KB
19 KB 99ms
98ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.ezcdn.com.br/gcmgames/files/_banners/B30-29102020095243.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0245daa77bb76cebacef544bf46faf4e4bffb29bbc6fde190f470b3058e9b29f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227432
etag: W/1659984952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B30-29102020095243.JPG>; rel="canonical"
content-length: 19221
via: EZCDN

GET
H2 200 B27-07012021085339.JPG
w4.ezcdn.com.br/gcmgames/files/_banners/ 59 KB
59 KB 97ms
96ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w4.ezcdn.com.br/gcmgames/files/_banners/B27-07012021085339.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b8ee6dcd0a8566081fd5848b71e9ce47a619ba327b831d43adec9307daebee1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227416
etag: W/1659984968
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B27-07012021085339.JPG>; rel="canonical"
content-length: 60258
via: EZCDN

GET
H2 200 B31-29102020095021.JPG
w1.ezcdn.com.br/gcmgames/files/_banners/ 19 KB
19 KB 98ms
98ms Image
image/jpeg 20.65.84.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w1.ezcdn.com.br/gcmgames/files/_banners/B31-29102020095021.JPG
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/js/build/platform.js?v=1574259897134
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.65.84.125 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7812f0bbd5dbb1b353b63325891c5e95fce16b6b1391d60d0865eba85140de03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
age: 227432
etag: W/1659984952
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
link: <http://www.gcmgames.com.br/files/_banners/B31-29102020095021.JPG>; rel="canonical"
content-length: 19223
via: EZCDN

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 46ms
46ms Ping
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
46ms Ping
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3241 Show response
app.shoptarget.com.br/impulse_api/is_impulse/ 39 B
411 B 230ms
206ms XHR
application/json 13.224.189.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/impulse_api/is_impulse/3241
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-103.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 5dfeba99dc69c8d7b89cafae438c373b32f330f79371597f4127e4606f730b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: N_7sT5uY-nTfKuZpm5tLZOEWUfSQ_QTCWUSbAou9I3Te4mnP9SJ-Ng==
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 3241 Show response
app.shoptarget.com.br/impulse_api/is_impulse/ 39 B
412 B 228ms
206ms XHR
application/json 13.224.189.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/impulse_api/is_impulse/3241
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-103.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 5dfeba99dc69c8d7b89cafae438c373b32f330f79371597f4127e4606f730b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
x-amz-cf-id: QTcc_lcU1dk3C_z_DlXFAMvKVSe0_SmPrD6NKfMxY769oaqciCyCqw==
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 72D8 15 KB
6 KB 53ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.gcmgames.com.br&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js?_=1660212380726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 10:06:24 GMT
server-processing-duration-in-ticks: 2144
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 153ms
67ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBNMBHH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 10:06:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 27ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26506
x-xss-protection: 0
pragma: public
x-fb-debug: 3Ar6gdg46+hbteFlCzXYIf6wqUteBPEbm7DJbygZ0bmHXIf4pQhlGATjtRcXxO9LoacDM5rHNJpnTAZrFbK3fg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 10:06:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET f0459fe4cd0acca154e6b11f90c8bd32
app.popkit.club/pixel/ 0
0

GET
H2 200 widget.css
certificate.trustvox.com.br/ 7 KB
1 KB 26ms
25ms Stylesheet
text/css 2606:4700::6812:1aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://certificate.trustvox.com.br/widget.css
Requested by: Host: certificate.trustvox.com.br
URL: https://certificate.trustvox.com.br/widget.js?_=1660212380727
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab87be18ca9e16ff3280bce7c30b836ba2bc6c51303cd1f58787ea8508a94c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 108
x-guploader-uploadid: ADPycdu7fTM6kRv6_BPHFM6cgm52eBoRS164YrZ2acw7qpMIw9xRGlCmi0MUkPdjoUahuGyiPsCkqLrNesWGakYdlxnxlw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/css
last-modified: Mon, 02 May 2022 20:46:27 GMT
server: cloudflare
etag: W/"a026e2b98443784040d9394c2b8eef72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ZekIsA==, md5=oCbiuYRDeEBA2TlMK47vcg==
x-goog-generation: 1620321110496412
cache-control: public, max-age=14400
x-goog-stored-content-length: 7089
cf-ray: 7390288cf9ca9bdc-FRA
expires: Thu, 11 Aug 2022 14:06:24 GMT

GET
H2 200 load Show response
trustvox.com.br/trust_seal/v1/preferences/ 919 B
718 B 352ms
338ms Script
text/javascript 2606:4700::6812:1aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trustvox.com.br/trust_seal/v1/preferences/load?origin=www.gcmgames.com.br&callback=_tvCertificateReady

Requested by

Host: certificate.trustvox.com.br
URL: https://certificate.trustvox.com.br/widget.js?_=1660212380727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68feacdbfc41fdf784f0e4f1da2ec9b845a8ce43fd6a3f742fc18077b59a94e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 302ca82aeb85eaa8af9afc782dbab2b2
x-runtime: 0.004522
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"68feacdbfc41fdf784f0e4f1da2ec9b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7390288d09e29bdc-FRA
expires: Thu, 11 Aug 2022 14:06:25 GMT

GET
H3 200 410309732455260 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 75ms
63ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410309732455260?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91fa37cea50de551c1cd1d367311a4acf34db0e578224d0d1f64e8c3701251cc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: feShrhD+XR6ivEKeanGmWSObuWdylLnQg+GOeVXwkiEE5u62jRgjd8hCZlQOb0OD6SmkJrGmbOCCzsOVKmKB1A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 10:06:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660212384899
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 72D8
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=gcmgames.com.br&sn=ChromeSyncframe&so=0&topUrl=www.gcmgames.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=dIj8gXxGTGxpUDI3THlWWml5TFVTMVRzek5kWjFSdUhwbndBRTZJaSsxa1dpbVpKT3NwSktTNDVxOGVkSXpJMkZ0elJLS1lQREQ2RDlYZ3Axb3M1WkhReHl6Uk5ySWpITEJSWXp0YWFRSS8xTFNXamN2MWp2SDNhVmc1RD...

433 B
637 B

170ms
23ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dIj8gXxGTGxpUDI3THlWWml5TFVTMVRzek5kWjFSdUhwbndBRTZJaSsxa1dpbVpKT3NwSktTNDVxOGVkSXpJMkZ0elJLS1lQREQ2RDlYZ3Axb3M1WkhReHl6Uk5ySWpITEJSWXp0YWFRSS8xTFNXamN2MWp2SDNhVmc1RDlDNjVzVlVMTXBBYTliTS93MlVZZitLa0tUejd0eG10UWZNUldHVWZPdHRTT1JJd0hIa2pZNDFLS1REK2kvd0MwWDZIODF4N0haYmxFYVUrdngwZW0yQ1E3ZVZJMUJBVzB6MGR2VlpVYitqNERSNVNLNU5BRnpDN0Jkd2xzdDNCV2l4L0crc3VUOU94UmhvRnRGZGZBb2tTMCtzdE1SUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d5a4c407d8fe96cfe8c0ef104490a2deea12c8c5450bdb0efb362933444346fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7236
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=dIj8gXxGTGxpUDI3THlWWml5TFVTMVRzek5kWjFSdUhwbndBRTZJaSsxa1dpbVpKT3NwSktTNDVxOGVkSXpJMkZ0elJLS1lQREQ2RDlYZ3Axb3M1WkhReHl6Uk5ySWpITEJSWXp0YWFRSS8xTFNXamN2MWp2SDNhVmc1RDlDNjVzVlVMTXBBYTliTS93MlVZZitLa0tUejd0eG10UWZNUldHVWZPdHRTT1JJd0hIa2pZNDFLS1REK2kvd0MwWDZIODF4N0haYmxFYVUrdngwZW0yQ1E3ZVZJMUJBVzB6MGR2VlpVYitqNERSNVNLNU5BRnpDN0Jkd2xzdDNCV2l4L0crc3VUOU94UmhvRnRGZGZBb2tTMCtzdE1SUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2139
content-length: 541
expires: 0

POST
H2 200 / Show response
widget.huggy.io/chat/configs/ 2 KB
2 KB 309ms
248ms XHR
text/html 2606:4700:20::ac43:4635
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.huggy.io/chat/configs/
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d95eafbedf5bc63c5cb77855a1e4570555479250a10f4cf2541ab7a01e40910

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pz-route
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aHr7yiy83uLWcW4XK2OTbawQHs5%2BbSI7FA5tbk2ESo5QQbGxdlCaNjEUOEXDe6PBfT1LOUR%2FGPt7eTHi8qrdgnCm6dQYuVEriKGmWx10OsaBqMxwFs1VWko60I9TTuiTIjG%2FmvkDD7%2FhsfW7Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7390288e5b129259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 5.6ababfc94fc729ffd7c8.js
js.huggy.chat/ 0
8 KB 20ms
19ms Other
application/javascript 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/5.6ababfc94fc729ffd7c8.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:47:35 GMT
server: AmazonS3
x-amz-request-id: 0RBB728WDV5XYW0J
etag: "b155f0a6304f1a6ecc4a89c83d57a935"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8295
x-amz-id-2: YaugFRQbnf3m5iaEdUBrVFMxp+olrlBnGs3AKw6p8hzKgJlJI0fFiQXCbnSuq+053nqc3x21xOI=

GET
H2 200 14.65cfac372fb47aba31a6.js
js.huggy.chat/ 0
1 KB 18ms
18ms Other
application/javascript 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/14.65cfac372fb47aba31a6.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 10:06:24 GMT
last-modified: Wed, 27 Apr 2022 12:47:35 GMT
server: AmazonS3
x-amz-request-id: SHEK2EDH09NH7S3E
etag: "a32814b4a1433a252b441e52a498de87"
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=441843
accept-ranges: bytes
access-control-allow-headers: *
content-length: 839
x-amz-id-2: 1K75PmwAIOrVekTASt33ycIOiY3/9/9FoyFaCPrzoHcUVAdLmJy/EcQvUSz4HaZJVe0Jtf0hl8s=

GET
H2 200 18.36b7fc3b1622570ce2a2.js
js.huggy.chat/ 0
88 KB 46ms
46ms Other
application/javascript 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/18.36b7fc3b1622570ce2a2.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:47:35 GMT
server: AmazonS3
x-amz-request-id: N3VS1CNWKEN5YP0T
etag: "a6289f22e3fad99075fdd7aa3dc49e65"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-headers: *
x-amz-id-2: Jz2hSNS0urG8mMPtkIH5w/s1PllsrYp6Bj/+/a8VxjnMSxzA2RujiNghr+EBQxLla/7ht0MPM7g=

GET
H3 200 688174648455174 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 144ms
144ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/688174648455174?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64a2cfa9b976f3035ddc939bae67324cafe5783fa7717c89dfd3f0c96ee54612

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ValT0ChJUq5qL6+rsP5PKaPWEuQmQOjCTtgLMgA7awNrRal1a+m+X+xtBMO2KK7iw0c24SetkgBnVVxTmTSQZg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 10:06:25 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660212385117
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 40ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410309732455260&ev=PageView&dl=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&rl=&if=false&ts=1660212382271&sw=1600&sh=1200&v=2.9.73&r=stable&ec=0&o=30&fbp=fb.2.1660212382270.986587209&it=1660212382122&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/960402742/ 2 KB
2 KB 156ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/960402742/?random=1660212382275&cv=9&fst=1660212382275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&tiba=Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4a4e4e9c35fba7d8dcc0d00609af2a9770c60b64c1dfb0642fc60171f369a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flags.json Show response
suite.linximpulse.net/impulse/gcmgames/ 583 B
1 KB 93ms
15ms XHR
application/json 2600:9000:21f3:3000:2:5ea4:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/gcmgames/flags.json
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3000:2:5ea4:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 638a480ab90c68ac0442549be9748390bcf676941a9cc95771e1019d283d769c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: LeADaTTSZGd_1PYyYy.E2gVkbaLYxP_e
via: 1.1 0d94766f433ae64cf30c40acb74fc43e.cloudfront.net (CloudFront)
etag: "bae99f712b7a37f15350b9960684e8ba"
age: 14260
x-cache: Hit from cloudfront
content-length: 583
last-modified: Tue, 22 Sep 2020 17:33:28 GMT
server: AmazonS3
date: Thu, 11 Aug 2022 10:06:25 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900,s-maxage=900
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: pso8BtPCVEBLEK-bVEbge8bQ1zWzn66Cm4yo7fSGND7EvEYZWq2qSA==

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=46008&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1339%252C498%252C499%255D&p3=e%3Ddis&adce=1&bundle=s0DxK19kNkwzeHB6bEV...
https://widget.us.criteo.com/event?a=46008&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1339%252C498%252C499%255D&p3=e%3Ddis&adce=1&bundle=s0DxK19kNkwzeHB6bEV...

10 KB
5 KB

611ms
121ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=46008&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1339%252C498%252C499%255D&p3=e%3Ddis&adce=1&bundle=s0DxK19kNkwzeHB6bEVJUGMwb2pMcDZLMCUyQlg1aW9vVmdrTExvSXZGSVhqY0taJTJGTHR3b0lxYVdLc1A2amNlcjJGU0hOVUN5UnZRVXNTa1IxZzU0bmlsSzMycTk1c2lXa2FWNzNMJTJGT1ZXSTJDSWs1NWtSM0F4JTJCSHJDRXRFSGxWVGFXa0hHVjhqUTBQMHEwJTJGb24zZWlBcGs2U0ZRJTNEJTNE&tld=gcmgames.com.br&fu=https%253A%252F%252Fwww.gcmgames.com.br%252Frecarga-celular-m25%252F&dtycbr=21110

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2a90481dffd785bb11576544c95fcd60067f882bc00d610dfa8337f8e830de6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 29374098
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:24 GMT
content-encoding: gzip
server: Kestrel
location: https://widget.us.criteo.com/event?a=46008&v=5.12.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvl%26p%3D%255B1339%252C498%252C499%255D&p3=e%3Ddis&adce=1&bundle=s0DxK19kNkwzeHB6bEVJUGMwb2pMcDZLMCUyQlg1aW9vVmdrTExvSXZGSVhqY0taJTJGTHR3b0lxYVdLc1A2amNlcjJGU0hOVUN5UnZRVXNTa1IxZzU0bmlsSzMycTk1c2lXa2FWNzNMJTJGT1ZXSTJDSWs1NWtSM0F4JTJCSHJDRXRFSGxWVGFXa0hHVjhqUTBQMHEwJTJGb24zZWlBcGs2U0ZRJTNEJTNE&tld=gcmgames.com.br&fu=https%253A%252F%252Fwww.gcmgames.com.br%252Frecarga-celular-m25%252F&dtycbr=21110
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9053683
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 session.js Show response
suite.linximpulse.net/impulse/ 14 KB
5 KB 29ms
8ms Script
application/javascript 2600:9000:21f3:3000:2:5ea4:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/session.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3000:2:5ea4:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe1f2315a24c0f3ea5646738a71087bd616af2aee8769267ec035ad9a31a02a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: rKUZaQIaiHaVqqdcR20FKY_WhyJk6ue4
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 14:10:01 GMT
server: AmazonS3
age: 16898
etag: W/"b2bd62c7743410a9f47119f7e37ad838"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Thu, 11 Aug 2022 05:24:48 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ukx-NBniEwKo2icTWPRJ0FytPXGXMCqzmkoW4TkZUQByxZe8S2QJGg==

GET
H2 200 collection.js Show response
suite.linximpulse.net/impulse/ 9 KB
4 KB 28ms
8ms Script
application/javascript 2600:9000:21f3:3000:2:5ea4:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/collection.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3000:2:5ea4:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76cf209ad2b2e77d41db6b60874c228d99f23877b89e0d0ef802ed3eb88fba73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: aLhPWO8tbjWMgWrx2QbfRA8mgJSovkOK
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 14:50:17 GMT
server: AmazonS3
age: 19047
etag: W/"2454beff9e91416ce51e4cb68653c997"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Thu, 11 Aug 2022 04:48:59 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 3mD-LXdJO23Bb1wn7oEpfDEHdt5qwgIHR9WONuxkCspqfr6BSuQDCQ==

POST
H2 200 legacy_id Show response
api-ads.percycle.com/ 51 B
531 B 312ms
291ms XHR
application/json 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-ads.percycle.com/legacy_id
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/session.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-69.fra2.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: 628ae5209ff66d86db509f30a2c881b3db39ce3092c090e9a1b9c68497cfb6d2

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type
content-length: 51
x-amz-cf-id: uqS2OsUKxRkgWOrrXb0DSKuFMyBhcm244BDwRsGXPPsM4OlAibP_SQ==

POST
H2 200 legacy_id Show response
collect.chaordicsystems.com/ 51 B
671 B 395ms
376ms XHR
application/json 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.chaordicsystems.com/legacy_id
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/session.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 628ae5209ff66d86db509f30a2c881b3db39ce3092c090e9a1b9c68497cfb6d2

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
content-md5: ObYu3IgR4iNWtWOts3dz2w==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID ADMa OPTa OUR NOR"
content-length: 51
x-request-id: 51e2ca9a-dca5-46e1-a225-91f8b1179f1f
x-response-time: 1
monkey: ip-10-26-70-82:9000@v6.0.170
server: nginx
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
access-control-allow-credentials: true
access-control-allow-headers: *
x-amz-cf-id: BH3NCPoIIq1Ijd9Qr1Ldlmby5J-Uc8sxXSj9O3273neHy6ULNOTohA==

POST
H2 200 legacy_id Show response
ckies.net/ 51 B
525 B 310ms
288ms XHR
application/json 13.225.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/legacy_id
Requested by: Host: suite.linximpulse.net
URL: https://suite.linximpulse.net/impulse/session.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-62.fra2.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: 628ae5209ff66d86db509f30a2c881b3db39ce3092c090e9a1b9c68497cfb6d2

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: OPTIONS, POST
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Content-Type
content-length: 51
x-amz-cf-id: GRP6PL6sTS4l0nvp5qBCnUv7VJLqrSkMJfHMm2Av-Ece1U5qRxK66w==

OPTIONS
H2 200 legacy_id
api-ads.percycle.com/ Frame 0
0 427ms
298ms Preflight
text/plain 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-ads.percycle.com/legacy_id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-69.fra2.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.gcmgames.com.br
content-length: 0
content-type: text/plain
date: Thu, 11 Aug 2022 10:06:25 GMT
server: awselb/2.0
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-id: 1r54QwE4CPOmVQjfuxGs3lDGZ3QxJnP31kuSlQDJTL1bp87z7jwcpQ==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

OPTIONS
H2 204 legacy_id
collect.chaordicsystems.com/ Frame 0
0 459ms
386ms Preflight 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.chaordicsystems.com/legacy_id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-host
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: https://www.gcmgames.com.br
access-control-max-age: 1728000
date: Thu, 11 Aug 2022 10:06:25 GMT
server: nginx
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id: EPuBIIznjzv7L61xWd0j-ogijmK-ZwcJJk1Pu1UcO6d_QQZuzZn0fA==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

OPTIONS
H2 200 legacy_id
ckies.net/ Frame 0
0 353ms
289ms Preflight
text/plain 13.225.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/legacy_id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-62.fra2.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.gcmgames.com.br
content-length: 0
content-type: text/plain
date: Thu, 11 Aug 2022 10:06:25 GMT
server: awselb/2.0
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-id: MmRAnmycLoomqBEKCRlNijBDoUQgiZb3bX-7uk1t9YSTz3I-KEFqgQ==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H3 200 /
www.google.com/pagead/1p-user-list/960402742/ 42 B
64 B 140ms
49ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/960402742/?random=1660212382275&cv=9&fst=1660212000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&frm=0&url=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&tiba=Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games&async=1&fmt=3&is_vtc=1&random=2231331918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/960402742/ 42 B
64 B 145ms
52ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/960402742/?random=1660212382275&cv=9&fst=1660212000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&frm=0&url=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&tiba=Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games&async=1&fmt=3&is_vtc=1&random=2231331918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gcmgames Show response
certificados.trustvox.com.br/ Frame 208E 2 KB
1 KB 359ms
342ms Document
text/html 2606:4700::6812:1aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://certificados.trustvox.com.br/gcmgames?hidden=true

Requested by

Host: certificate.trustvox.com.br
URL: https://certificate.trustvox.com.br/widget.js?_=1660212380727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754bb9ac3d085efab70f7efab6ca082230a959ea2c3545654adb5746c209d5f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	ALLOWALL

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=3600
cf-cache-status: MISS
cf-ray: 7390288f5d4a9bdc-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Aug 2022 10:06:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 11 Aug 2022 11:06:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-request-id: b11d96ea86d4dd9367f032a5df96d3f5
x-runtime: 0.007128

GET
H2 200 small-right.svg
certificate.trustvox.com.br/images/site-sincero/ 23 KB
8 KB 47ms
44ms Image
image/svg+xml 2606:4700::6812:1aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certificate.trustvox.com.br/images/site-sincero/small-right.svg
Requested by: Host: certificate.trustvox.com.br
URL: https://certificate.trustvox.com.br/widget.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04496da2c18ceb8e7931797e2bec6a65f34887a01eb654e912bea0b839607548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificate.trustvox.com.br/widget.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvtURWdsCBLGNw6w1NkTTXfqSuB9KPQeosLywKbOzXu2Yf_EWVNH1ePjxjR9jk_ebIg5oNqhykRGyYSrSNE-Bmw4E2rg8Au
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Thu, 06 May 2021 17:11:50 GMT
server: cloudflare
etag: W/"47fd548e62f9352e2bbd22287357c666"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=IBlD1A==, md5=R/1UjmL5NS4rvSIoc1fGZg==
x-goog-generation: 1620321110892921
cache-control: public, max-age=14400
x-goog-stored-content-length: 23722
cf-ray: 7390288f4d1b9bdc-FRA
expires: Thu, 11 Aug 2022 14:06:25 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 24ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=688174648455174&ev=PageView&dl=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&rl=&if=false&ts=1660212382498&sw=1600&sh=1200&v=2.9.73&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.2.1660212382270.986587209&it=1660212382122&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 11 Aug 2022 10:06:25 GMT

POST
H2 200 / Show response
widget.huggy.io/chat/ping/ 335 B
1019 B 204ms
204ms XHR
text/html 2606:4700:20::ac43:4635
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.huggy.io/chat/ping/
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513228dc1e7198561c055065b7c8ee9703b090917a731ed892b5f92ca3c224a4

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pz-route
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erlTR1arCT%2B1oOghPA6HoziFRO%2B%2FYQGowJwdGh%2BlQLuY9IKFmUh70EgJeqQ0sjRFcqJT5AMHh3QrulbvOpvzydIMQL0dWz7lgJEiu4E2%2Bzl2zRungIu%2F0ji%2F9cw%2BbNFLSJb7%2BT8zyWu%2FtEhQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7390288fecea9259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
widget.huggy.io/chat/isOnline/ 101 B
872 B 131ms
131ms XHR
text/html 2606:4700:20::ac43:4635
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.huggy.io/chat/isOnline/
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1ea20222499ae6ac9d063839ef4ab8e81c5aa0b8dbdb969e6f6b54625215b9

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pz-route
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaFSQ8YOAU%2FvuGtFrK1ODPdRABX2O%2Bioyogdqe0%2Fu5tBtmxleNiOQZeeSork80RcdenOKbnKkSnUpUp2K3R9Hb3nWv1zOik8QRejdyV%2BE6EVW8Z4UWofNBR%2FrWJgL1nEKhDSd9Pmbvye7m%2F%2FVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 739028913e949259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410309732455260&ev=Microdata&dl=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&rl=&if=false&ts=1660212382774&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games%22%2C%22meta%3Adescription%22%3A%22Compre%20aqui%20sua%20recarga%20do%20celular%20sem%20sair%20de%20casa%20para%20todas%20as%20operadores.%22%2C%22meta%3Akeywords%22%3A%22Cr%C3%A9dito%20celular%2C%20recarga%20celular%2C%20OI%2C%20TIM%2C%20VIVO%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22GCM%20Games%22%2C%22og%3Atitle%22%3A%22Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games%22%2C%22og%3Adescription%22%3A%22Compre%20aqui%20sua%20recarga%20do%20celular%20sem%20sair%20de%20casa%20para%20todas%20as%20operadores.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Flogo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Fpesquisa%2F%3Fp%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22javascript%3Alocation.reload()%3B%22%2C%22name%22%3A%22RECARGA%20CELULAR%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.73&r=stable&ec=1&o=30&fbp=fb.2.1660212382270.986587209&it=1660212382122&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 208E 27 KB
1 KB 120ms
47ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CBebas+Neue:regular

Requested by

Host: certificados.trustvox.com.br
URL: https://certificados.trustvox.com.br/gcmgames?hidden=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54f02a26b41529e67d8c82b81fb0ec7a54a4880e8a2a97a3d4af0574ebe3806e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificados.trustvox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H3 200 icon
fonts.googleapis.com/ Frame 208E 569 B
366 B 127ms
55ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: certificados.trustvox.com.br
URL: https://certificados.trustvox.com.br/gcmgames?hidden=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificados.trustvox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H2 200 stylesheets-32af36bf.css
trustvox-certificate-assets.storage.googleapis.com/packs/css/ Frame 208E 17 KB
18 KB 163ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://trustvox-certificate-assets.storage.googleapis.com/packs/css/stylesheets-32af36bf.css
Requested by: Host: certificados.trustvox.com.br
URL: https://certificados.trustvox.com.br/gcmgames?hidden=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c33a24025222203e7a2269b0e8ed0c68154125b1afa7f1d9520924672ec15c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificados.trustvox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:55:15 GMT
age: 670
x-guploader-uploadid: ADPycdubyeWG_Csqa1UL4IZYgau9U59LHKf0maklqYOofID1ajSsvnPQO1N0PDqxOTYMsP5hgg1WjmeBlElB-427X3_OV2VLTDpr
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17772
last-modified: Thu, 06 Jan 2022 23:37:40 GMT
server: UploadServer
etag: "8a450f09d43d85bda31bdb88d666d634"
x-goog-hash: crc32c=UtCT0w==, md5=ikUPCdQ9hb2jG9uI1mbWNA==
x-goog-generation: 1635774990507602
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 17772
accept-ranges: bytes
content-type: text/css
expires: Thu, 11 Aug 2022 10:55:15 GMT

GET
H2 200 application-df8026aa73c6b60bf6dc.js Show response
trustvox-certificate-assets.storage.googleapis.com/packs/js/ Frame 208E 146 KB
146 KB 177ms
52ms Script
application/javascript 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://trustvox-certificate-assets.storage.googleapis.com/packs/js/application-df8026aa73c6b60bf6dc.js
Requested by: Host: certificados.trustvox.com.br
URL: https://certificados.trustvox.com.br/gcmgames?hidden=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8a40d99d2cf732daefa59c0de332d8001e8564a14bfa99a5406ca2da7a141d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificados.trustvox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 09:14:26 GMT
age: 3119
x-guploader-uploadid: ADPycdsINN0tgeFooCUjC3hGxB1yStygLxEeMK_Y9AeWnYOfcigBG26nufROK0Xl8v9YF9szYGedbQqisuygWXjcPFThGg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149307
last-modified: Thu, 06 Jan 2022 23:37:38 GMT
server: UploadServer
etag: "fa4297f897c6735d2e2aa9dbf44f76ec"
x-goog-hash: crc32c=aFHCCA==, md5=+kKX+JfGc10uKqnb9E927A==
x-goog-generation: 1641512258568713
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 149307
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 11 Aug 2022 10:14:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 208E 106 KB
41 KB 134ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45690715-8

Requested by

Host: certificados.trustvox.com.br
URL: https://certificados.trustvox.com.br/gcmgames?hidden=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be8a9a2f760f0742f517f5f328c4706e6002ffb81f8abf85a3cbe19ca10142db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificados.trustvox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41882
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H3 200 empty-5508c842d9231d4a99372847138719cd.png
trustvox-certificate-assets.storage.googleapis.com/packs/media/images/ Frame 208E 25 KB
25 KB 238ms
159ms Image
image/png 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trustvox-certificate-assets.storage.googleapis.com/packs/media/images/empty-5508c842d9231d4a99372847138719cd.png
Requested by: Host: certificados.trustvox.com.br
URL: https://certificados.trustvox.com.br/gcmgames?hidden=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4ea09600373fd4473808ee9cc1bec09b507d2b4a6a1a2475d5ceff74b3bef1c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://certificados.trustvox.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
age: 1
x-guploader-uploadid: ADPycdu_E2-rYOQQr9KfEVDMUzTVI0lkNF7D4tmwsufMf9TYqy0l2tLMZxFMouXdkERob0ve3CQYJuMKWMCb9OaEL_Eld6TXD03A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25133
last-modified: Thu, 06 Jan 2022 23:37:34 GMT
server: UploadServer
etag: "5508c842d9231d4a99372847138719cd"
x-goog-hash: crc32c=ey7L8A==, md5=VQjIQtkjHUqZNyhHE4cZzQ==
x-goog-generation: 1641512254637082
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31557600
x-goog-stored-content-length: 25133
accept-ranges: bytes
content-type: image/png
expires: Fri, 11 Aug 2023 10:06:25 GMT

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ 2 KB
814 B 59ms
18ms Stylesheet
text/css 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c906e8dcbf84ad42019e58e8ffb69f3a7d84f1fb5df0298d5fc2bc09c108e80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:04:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: W/"19a00b6df5593c33f4b1b2520afabdc2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
content-length: 517
x-amz-cf-id: 82sBKdfX3a0tRQRFSLHukEkwcOCGzEIKRq8Jy4kGQ379vN1EKbJQsA==
expires: Thu, 18 Aug 2022 10:06:25 GMT

POST
H2 200 / Show response
widget.huggy.io/chat/list/ 87 B
1 KB 130ms
130ms XHR
text/html 2606:4700:20::ac43:4635
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.huggy.io/chat/list/
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4635 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd24e3e3d8e839c45839329818e9b8db0251ef6098bf8867708b76253b1c4053

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-pz-route
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10%2BBuy6VUjb18JovtFckMv2IN1QvMafSjHEFOFwyrEYEyd8IpEPmCS5b6nyVj8axaTiiZYyXELhX%2B%2BDPVllpJ6mzG%2FBF9i7DKiuVvoL2ug4PW9AmWOtuwo7k940xGk9Y8ReMU3st7bk0cIzPFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 739028922fc89259-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 12.abba7e55d495a2ad22ce.js Show response
js.huggy.chat/ 9 KB
5 KB 20ms
20ms Script
application/javascript 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/12.abba7e55d495a2ad22ce.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f0fc36ec143fba605ddcf53cd3239220b8fac3b64225633fc5e4054793adb818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:47:35 GMT
server: AmazonS3
x-amz-request-id: Z7A9VDK66HSRR2WY
etag: "43aa366b3db1e892fba3df1368cae015"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4441
x-amz-id-2: rXwNqTwYUrnJZThFcLjOZWk+nIXg3t+vLbVZuAklduwmJ6Ume6uXTBeWBKuGWmrq49wrH21f+0Y=

GET
H3 200 css
fonts.googleapis.com/ Frame C645 4 KB
549 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3630925de3d029aa2ff1530cc7ecbcaa33bd4b55737873f00822ef2ca41cc017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:44:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ Frame C645 2 KB
814 B 27ms
18ms Stylesheet
text/css 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c906e8dcbf84ad42019e58e8ffb69f3a7d84f1fb5df0298d5fc2bc09c108e80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:04:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: W/"19a00b6df5593c33f4b1b2520afabdc2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
content-length: 517
x-amz-cf-id: 82sBKdfX3a0tRQRFSLHukEkwcOCGzEIKRq8Jy4kGQ379vN1EKbJQsA==
expires: Thu, 18 Aug 2022 10:06:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 332F 4 KB
549 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3630925de3d029aa2ff1530cc7ecbcaa33bd4b55737873f00822ef2ca41cc017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 10:06:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ Frame 332F 2 KB
814 B 18ms
17ms Stylesheet
text/css 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c906e8dcbf84ad42019e58e8ffb69f3a7d84f1fb5df0298d5fc2bc09c108e80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:04:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: W/"19a00b6df5593c33f4b1b2520afabdc2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
content-length: 517
x-amz-cf-id: 82sBKdfX3a0tRQRFSLHukEkwcOCGzEIKRq8Jy4kGQ379vN1EKbJQsA==
expires: Thu, 18 Aug 2022 10:06:25 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
549 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rubik:300,400,500

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3630925de3d029aa2ff1530cc7ecbcaa33bd4b55737873f00822ef2ca41cc017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 09:10:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H2 200 macke.css
webfonts.huggy.cloud/macke/ 2 KB
814 B 17ms
17ms Stylesheet
text/css 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c906e8dcbf84ad42019e58e8ffb69f3a7d84f1fb5df0298d5fc2bc09c108e80a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:04:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: W/"19a00b6df5593c33f4b1b2520afabdc2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
content-length: 517
x-amz-cf-id: 82sBKdfX3a0tRQRFSLHukEkwcOCGzEIKRq8Jy4kGQ379vN1EKbJQsA==
expires: Thu, 18 Aug 2022 10:06:25 GMT

GET
H2 200 0.228d93a30b7d35d7819c.js Show response
js.huggy.chat/ 3 KB
2 KB 18ms
17ms Script
application/javascript 2.18.79.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.huggy.chat/0.228d93a30b7d35d7819c.js
Requested by: Host: w-cdn.huggy.io
URL: https://w-cdn.huggy.io/widget.min.js?v=8.0.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.138 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-138.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 981707d7eb6fd47b78ae2318115ac59342a2051bb26e8ee3124bc87063e87f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 12:47:35 GMT
server: AmazonS3
x-amz-request-id: M9YA5GY4NGH3CKZ1
etag: "76dbeccc1b88ed0392c60982d11ba102"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=441933
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1221
x-amz-id-2: v4byyXwpwzJXO73e/0v3awPNuyP2DZ/xZpOI1J6vlNrlxr35D5mAXzGbkbfaWgilR98jwGng5JM=

GET
H2 200 macke.woff2
webfonts.huggy.cloud/macke/ Frame C645 5 KB
5 KB 55ms
18ms Font
font/woff2 2.18.79.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.huggy.cloud/macke/macke.woff2?509df4a2347859ebbb9050eed95cfd8f
Requested by: Host: webfonts.huggy.cloud
URL: https://webfonts.huggy.cloud/macke/macke.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-79-139.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7707d2d97cd5cf87547c285468a471b0bb0b7a5597ecd3eeac416b2c1b6b786c

Request headers

Referer: https://webfonts.huggy.cloud/macke/macke.css
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:04:32 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
etag: "ef57704705b4bd665f521d04bd8cf082"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5159
x-amz-cf-id: AHJNRwMrxxMvc-1kqSipaLx_BiZB_NfSs-ZO7xrxTSS3v8Fpmz--nw==
expires: Thu, 18 Aug 2022 10:06:25 GMT

GET
H3 200 iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ Frame C645 33 KB
33 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 21:08:48 GMT
x-content-type-options: nosniff
age: 219457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33580
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 21:08:48 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=688174648455174&ev=Microdata&dl=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&rl=&if=false&ts=1660212383002&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games%22%2C%22meta%3Adescription%22%3A%22Compre%20aqui%20sua%20recarga%20do%20celular%20sem%20sair%20de%20casa%20para%20todas%20as%20operadores.%22%2C%22meta%3Akeywords%22%3A%22Cr%C3%A9dito%20celular%2C%20recarga%20celular%2C%20OI%2C%20TIM%2C%20VIVO%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22GCM%20Games%22%2C%22og%3Atitle%22%3A%22Recarga%20de%20celular%20para%20OI%2C%20TIM%2C%20VIVO%20e%20CLARO%20-%20GCM%20Games%22%2C%22og%3Adescription%22%3A%22Compre%20aqui%20sua%20recarga%20do%20celular%20sem%20sair%20de%20casa%20para%20todas%20as%20operadores.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Flogo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.gcmgames.com.br%2Fpesquisa%2F%3Fp%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22javascript%3Alocation.reload()%3B%22%2C%22name%22%3A%22RECARGA%20CELULAR%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.73&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1660212382270.986587209&it=1660212382122&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H2 200 / Show response
targeting.voxus.com.br/v/ 7 B
285 B 243ms
203ms XHR
text/html 2606:4700:10::ac43:254d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.voxus.com.br/v/
Requested by: Host: cdn.targeting.voxus.com.br
URL: https://cdn.targeting.voxus.com.br/100318.js?_=1660212380725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:254d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9230d2cc464817b3cccc77f8e06c220c0a2dd365ad5370c80ae0629946a26bcd

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Aug 2022 21:24:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
access-control-allow-origin: *
cf-ray: 739028939d449bca-FRA
access-control-allow-headers: sentry-trace

GET
H3 200 /
www.facebook.com/tr/ Frame 634F 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=330319704130479&ev=Search&cd[content_type]=product&cd[content_ids]=%5B%222414288175962639733%22%2C%22-2484207473363124074%22%2C%22-3164248371298704047%22%5D&cd[product_catalog_id]=179831902750933&cd[product_category]=0&cd[criteo_audience_3_0]=A3&cd[external_id]=54e0e3fb-1e75-43e5-b503-0fb9f0a1ce16&cd[application_id]=423936147658676

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 11 Aug 2022 10:06:25 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 5E43
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30

43 B
495 B

9ms
9ms

Image
image/gif

35.158.200.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30
Protocol: HTTP/1.1
Server: 35.158.200.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:06:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-go5i8PKRsMoNb-5YO_JJDiCkzVdV-lREbI7mNA&expires=30
Date: Thu, 11 Aug 2022 10:06:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 5E43
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-dCSIQvKRsMoNb-5YO_JJDiCkzVfDdoD2kXiGRw&google_cm&google_hm=ay1kQ1NJUXZLUnNNb05iLTVZT19KSkRpQ2t6VmZEZG9EM...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dCSIQvKRsMoNb-5YO_JJDiCkzVfDdoD2kXiGRw&google_gid=CAESECh5ejx7olU9dEJc4vvkPC4&google_cver=1&google_ula=913071,0

43 B
370 B

15ms
15ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dCSIQvKRsMoNb-5YO_JJDiCkzVfDdoD2kXiGRw&google_gid=CAESECh5ejx7olU9dEJc4vvkPC4&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:26 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1227646
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dCSIQvKRsMoNb-5YO_JJDiCkzVfDdoD2kXiGRw&google_gid=CAESECh5ejx7olU9dEJc4vvkPC4&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 5E43
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4792962874246797302

43 B
370 B

16ms
16ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4792962874246797302

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1309553
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:06:25 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d27dd026-bc30-48f5-b5c9-bfabf654909c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4792962874246797302
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1by1.png
cotads.adscale.de/ads/pixel/ Frame 5E43
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-gWRuTvKRsMoNb-5YO_JJDiCkzVcWIysBabIFjw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=40&tpuid=k-gWRuTvKRsMoNb-5YO_JJDiCkzVcWIysBabIFjw&cburl=https%3A%2F%2Fcotads.adscale.de%2Fads%2Fpixel%2F1by1.png%3Fuid%3D__ADSCALE_USER_ID__&nut&uu=824414...
https://cotads.adscale.de/ads/pixel/1by1.png?uid=00122918a87fd238e0f9fa88fbb37d7037c440ae7360f40c856bab277c5d1f1e

321 B
718 B

160ms
7ms

Image
image/png

2600:9000:21f3:d200:1b:832b:ac00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cotads.adscale.de/ads/pixel/1by1.png?uid=00122918a87fd238e0f9fa88fbb37d7037c440ae7360f40c856bab277c5d1f1e
Protocol: H2
Server: 2600:9000:21f3:d200:1b:832b:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: L15pFHSGGE_bHbLCyc84fBPpy1DC4jsd
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
last-modified: Tue, 08 Sep 2020 23:05:25 GMT
server: AmazonS3
age: 465680
etag: "c1ab48a971e5c1a7eae346346487762d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
date: Sat, 06 Aug 2022 00:45:07 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 321
x-amz-cf-id: DG9pYUJircBdbhhSDuFBkMifQzqXucxPOIjahhUeCXhNRq0dIOPRhg==

Redirect headers

location: https://cotads.adscale.de/ads/pixel/1by1.png?uid=00122918a87fd238e0f9fa88fbb37d7037c440ae7360f40c856bab277c5d1f1e
date: Thu, 11 Aug 2022 10:06:25 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3

200

rum
r.casalemedia.com/ Frame 5E43
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RYKSRPKRsMoNb-5YO_JJDiCkzVclOBPJLSXxog
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RYKSRPKRsMoNb-5YO_JJDiCkzVclOBPJLSXxog&C=1

43 B
930 B

166ms
34ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-RYKSRPKRsMoNb-5YO_JJDiCkzVclOBPJLSXxog&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 739028950bba5c02-FRA
pragma: no-cache
date: Thu, 11 Aug 2022 10:06:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb6AMA8sDO88QPeeCwVwEhtc6dZh8DWAHYA0NEuBXVGgl%2F1l2x9oPjlGwLKTzZkEL2nb5e4jdQUpxIoAdmYHbpjpQ%2FbEkmqzxkcy9aJCYcqNs49U6V%2B2aT8HSxUxAoalD1Db"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSm0DPWy6zzFbdEacHOH7RUROqEveAX%2FV4FBlxH4j7PfkyH9K3vkfJY9ZVEzjFkNxvwCMtCyVIzZ4hb%2BJTORtKt%2BkcuSIy6rtVzuROSh95ce7bZOyvJEadMTibM4Yffdj%2FJL"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-RYKSRPKRsMoNb-5YO_JJDiCkzVclOBPJLSXxog&C=1
cache-control: no-cache
cf-ray: 73902893fd689bb2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 5E43
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1vd3__KRsMoNb-5YO_JJDiCkzVdIm2IMQOmTiA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1vd3__KRsMoNb-5YO_JJDiCkzVdIm2IMQOmTiA

43 B
447 B

10ms
10ms

Image
image/gif

52.59.78.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1vd3__KRsMoNb-5YO_JJDiCkzVdIm2IMQOmTiA
Protocol: H2
Server: 52.59.78.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-78-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1vd3__KRsMoNb-5YO_JJDiCkzVdIm2IMQOmTiA
date: Thu, 11 Aug 2022 10:06:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 5E43 45 B
784 B 384ms
158ms Image
image/gif 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-mV6ugfKRsMoNb-5YO_JJDiCkzVelIEKc_zHLzA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Thu, 11 Aug 2022 10:06:26 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Thu, 11 Aug 2022 10:06:26 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 5E43 40 B
40 B 49ms
13ms Image
text/html 18.159.184.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-YJjMJ_KRsMoNb-5YO_JJDiCkzVfKh05aE-bjGA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.184.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-184-12.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 5E43 0
145 B 437ms
96ms Image
text/plain 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Att10_KRsMoNb-5YO_JJDiCkzVf2hGMJKMiXPg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:06:26 GMT
Cache-Control: no-cache
X-TraceId: 9e320dc4863e580f73e1daa93688bf5d
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 5E43 0
225 B 239ms
15ms Image
text/html 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-mOC1jfKRsMoNb-5YO_JJDiCkzVdYwaAybOZLqw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 5E43 0
239 B 191ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-07wB9PKRsMoNb-5YO_JJDiCkzVcr52Waj5c_bg&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 5E43 0
35 B 95ms
8ms Image
text/plain 3.121.205.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-7K4Yg_KRsMoNb-5YO_JJDiCkzVcM-pwowmGBhQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.205.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-205-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 5E43 43 B
163 B 127ms
17ms Image
image/gif 185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-e4ok-vKRsMoNb-5YO_JJDiCkzVc0U7IXfT2hHQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 5E43 0
99 B 138ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-QynDEPKRsMoNb-5YO_JJDiCkzVfe1mT7ygIMqQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13689

GET
H2 200 um
criteo-sync.teads.tv/ Frame 5E43 23 B
172 B 145ms
32ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-zxeN6vKRsMoNb-5YO_JJDiCkzVdLmGxlf8x65Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:26 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 11 Aug 2022 10:06:26 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 5E43 37 B
140 B 34ms
9ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-qDRbwPKRsMoNb-5YO_JJDiCkzVeNpu3I7NLwOw&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame 5E43
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iz_uvPKRsMoNb-5YO_JJDiCkzVfuzzHIreqBSg
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iz_uvPKRsMoNb-5YO_JJDiCkzVfuzzHIreqBSg&verify=true

0
121 B

12ms
12ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iz_uvPKRsMoNb-5YO_JJDiCkzVfuzzHIreqBSg&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-iz_uvPKRsMoNb-5YO_JJDiCkzVfuzzHIreqBSg&verify=true
date: Thu, 11 Aug 2022 10:06:26 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 5E43 0
522 B 96ms
38ms Image
text/plain 104.103.102.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-MbMn_fKRsMoNb-5YO_JJDiCkzVcO3SG-HXNcxg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.102.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-102-147.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:06:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 10 Aug 2022 10:06:26 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 5E43 43 B
163 B 99ms
20ms Image
image/gif 37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-bsyvVfKRsMoNb-5YO_JJDiCkzVfhKKS3ZdOPeA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
last-modified: Thu, 11 Apr 2019 08:33:12 GMT
server: nginx
accept-ranges: bytes
etag: "5caefbc8-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 5E43 49 B
235 B 61ms
22ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-3IHGO_KRsMoNb-5YO_JJDiCkzVe4KvSOZxidKQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:25 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 5E43
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=mO_Ir0U7SBg_v0TZ_aFpjwY0Sj1li0B_
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mO_Ir0U7SBg_v0TZ_aFpjwY0Sj1li0B_

42 B
942 B

33ms
33ms

Image
image/gif

52.210.214.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mO_Ir0U7SBg_v0TZ_aFpjwY0Sj1li0B_

Protocol

HTTP/1.1

Server

52.210.214.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-214-177.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v038-0081e3a6f.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2zGag0NoTwU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v038-0729fb8fe.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DcecZkAITTY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=mO_Ir0U7SBg_v0TZ_aFpjwY0Sj1li0B_
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 5E43 43 B
1 KB 39ms
8ms Image
image/gif 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-1PJIs_KRsMoNb-5YO_JJDiCkzVd-tcayQYB_Ag

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:25 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 5E43
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g&_li_chk=true&previous_uuid=442b4cf391e14868a3073ba0de97c895
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g

43 B
419 B

348ms
109ms

Image
image/gif

2600:1f18:ed:550e:2d6f:6c5:afe6:e7fa
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:2d6f:6c5:afe6:e7fa Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 11 Aug 2022 10:06:27 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-yz5uzPKRsMoNb-5YO_JJDiCkzVdmSJznY5Uz3g
Date: Thu, 11 Aug 2022 10:06:25 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame 5E43
Redirect Chain

https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA
https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA&ang_testid=1

42 B
60 B

58ms
24ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA&ang_testid=1
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 11 Aug 2022 10:06:26 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=69&dspuuid=k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 5E43 43 B
183 B 371ms
112ms Image
image/gif 2600:1f18:612b:4264:5a8d:94bc:2cf9:40df
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-37rH_vKRsMoNb-5YO_JJDiCkzVdIGxj12wbhvA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:5a8d:94bc:2cf9:40df Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 5E43 43 B
153 B 92ms
27ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-ZeGG6_KRsMoNb-5YO_JJDiCkzVeR8CdQBZ_lYQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.29
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:26 GMT
server: Apache
x-powered-by: PHP/7.3.29
content-length: 43
content-type: image/gif

GET
H2 200 metadata.js Show response
suite.linximpulse.net/impulse/gcmgames/ 95 KB
25 KB 17ms
17ms Script
application/javascript 2600:9000:21f3:3000:2:5ea4:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://suite.linximpulse.net/impulse/gcmgames/metadata.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3000:2:5ea4:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df6268f79566cfe39333a90d22622d0d5e4af8059814f6c18a7f7b63d7e22ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: QHBlKQoitvOQCexlt8ytqkkREr.icpRi
content-encoding: gzip
last-modified: Thu, 06 Aug 2020 20:45:44 GMT
server: AmazonS3
age: 14254
etag: W/"5fc21d9bae4c6575e26a0ac77835e2ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
cache-control: max-age=900,s-maxage=900
date: Thu, 11 Aug 2022 10:06:25 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ZI0Z7NwcM5sQO5H2YCsA9egxrIHpzA65W91GOTvft1xsB2ITDpxDuA==

GET
H2 200 1003189.js Show response
targeting.voxus.com.br/clients/ 50 KB
12 KB 218ms
218ms Script
application/javascript 2606:4700:10::ac43:254d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.voxus.com.br/clients/1003189.js?v=1231900
Requested by: Host: cdn.targeting.voxus.com.br
URL: https://cdn.targeting.voxus.com.br/100318.js?_=1660212380725
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:254d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d48d49b5723388b215fa8d3348ce674ef058261cf3cdd88a8fc1acc461a06d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 11 Aug 2022 10:06:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 73902894d9fb8ffe-FRA
access-control-allow-headers: sentry-trace
content-length: 11607
expires: Sat, 10 Sep 2022 10:14:56 GMT

GET
H2 200 collect_sbk.js Show response
app.shoptarget.com.br/js/ 25 KB
7 KB 10ms
9ms Script
application/javascript 13.224.189.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.shoptarget.com.br/js/collect_sbk.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 193ba1b073e96e5494dd4dc217e47790141f644be81490521ef8b94eb30d1327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: YUbcg5sodFzaZUPp.zdTGzUXnrQolbQb
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 19:20:10 GMT
server: AmazonS3
age: 8075
etag: W/"c517c2748b5b3dffe9a61361fccdce09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 11 Aug 2022 07:51:52 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hC8uVJY7TOaeKxLTfFJPlCbRBiuVQDyQi81PpdV4Pez-6NGlJnI80w==

GET
H2 200 init.js Show response
static.shopback.net/tags/ 65 KB
15 KB 42ms
8ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shopback.net/tags/init.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b74ebea483400ac0412ee67187625ae4eefb19427ae64a61e1d71cb12d896c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: GVgKXBFLP6TO7OuwkgPgLpt1DEHKnrsR
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 18:31:25 GMT
server: AmazonS3
age: 31892
etag: W/"f76a7a1644f4c51a4923b31a696ebc99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date: Thu, 11 Aug 2022 01:14:55 GMT
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: Cp8P81M-1PoWjG1kA5E67Vmawhc5YUbP8w2K_bRRY9E4j-E9A92NxQ==

GET
H2 200 v1.js Show response
static.shopback.net/shopconvert/js/impression/ 23 KB
8 KB 36ms
9ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6faed34fd19f94af9d806fa1ac9e513b7c44076d135e72cc432eb8790c9c8968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: FESdj64sVY.fUa6M83VR9RjyQgpbBPye
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 00:17:43 GMT
server: AmazonS3
age: 20392
etag: W/"04043bff6ac4dced7842ee42bd9da158"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
date: Thu, 11 Aug 2022 04:26:54 GMT
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: psckJah3eg978YZbNOU-yNP2iZ-l7jDrWaGWTR_I0B7ZNYRehCoZTg==

POST category
events.chaordicsystems.com/v7/events/views/ 0
0

OPTIONS
H2 204 category
events.chaordicsystems.com/v7/events/views/ Frame 0
0 386ms
372ms Preflight 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.chaordicsystems.com/v7/events/views/category
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-host
Access-Control-Request-Method: POST
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-host
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: https://www.gcmgames.com.br
access-control-max-age: 1728000
date: Thu, 11 Aug 2022 10:06:26 GMT
server: nginx
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-amz-cf-id: B3G69BBNzHmHRpsG90f6KIyXT8jHm4PzGlvBxDB4KeWxXXJgXa4xqA==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 get.php Show response
click.retargeter.com.br/ 15 B
354 B 431ms
230ms XHR
application/json 18.66.15.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://click.retargeter.com.br/get.php?i=3241&r=https://www.gcmgames.com.br/recarga-celular-m25/
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/collect_sbk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-79.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: a7de59dafa959ed051b76f14d7a6695263277ba4c2bbe83ea9b907dd7dc53468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
access-control-allow-credentials: true
x-amz-cf-id: kr56MYb2hYzL4ai18en97bf-hDo_JO_x9f82RkX0EVSa8_wjs54TjQ==
via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)

GET
H2 200 aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv Show response
front.shoptarget.com.br/tr2/cc/3241/ 46 B
533 B 258ms
192ms XHR
application/json 13.224.189.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://front.shoptarget.com.br/tr2/cc/3241/aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/collect_sbk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-103.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 448c8c75354f45c7d2c2c4a10ce0de386fdc749106c1fdb8c431d30956a2018a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C1
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, Content-Type, X-Requested-With
x-amz-cf-id: SvvOKYY1jiBNvjJIlUHvVvVTAtYAoPvGx1_Krwd5ys6g-q_LtDn7ZA==
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 5E43
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0py_KQdMbN49ej4kIJy3CievQ0u_sqT2

0
337 B

130ms
30ms

Image
text/plain

54.73.80.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0py_KQdMbN49ej4kIJy3CievQ0u_sqT2
Protocol: H2
Server: 54.73.80.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-80-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1660212386
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=0py_KQdMbN49ej4kIJy3CievQ0u_sqT2
date: Thu, 11 Aug 2022 10:06:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2590
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 5E43 0
522 B 39ms
39ms Image
text/plain 104.103.102.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-MbMn_fKRsMoNb-5YO_JJDiCkzVcO3SG-HXNcxg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.102.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-102-147.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:06:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 10 Aug 2022 10:06:26 GMT

GET
H2 200 aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv Show response
front.shopconvert.com.br/tr/rc/3029/ 315 B
279 B 341ms
99ms XHR
application/json 54.163.144.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://front.shopconvert.com.br/tr/rc/3029/aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.144.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-144-204.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 428a1b721526badd4f45e47f48245eb9d3e6615678a2aae5916d71bb12423e2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
content-type: application/json

GET
H2 200 browser Show response
ckies.net/ 152 B
777 B 192ms
192ms Fetch
application/json 13.225.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/browser?source=https%3A%2F%2Fwww.gcmgames.com.br
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/tags/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-62.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 991f64943b662c8a902bdc0ab37fec2d88b006f6b30ff839cb102fc90cdd0e0f

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
referer-new: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method
x-amz-cf-id: WXU9r_X9enwFmcBt_71km--T8lsm6ty8asEnu_e4-n2B6asIimRcwg==
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)

OPTIONS
H2 200 browser
ckies.net/ Frame 0
0 190ms
189ms Preflight
text/html 13.225.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/browser?source=https%3A%2F%2Fwww.gcmgames.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-62.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,referer-new
Access-Control-Request-Method: GET
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,referer-new
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.gcmgames.com.br
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 10:06:26 GMT
server: nginx
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-id: LFYmNsuFdJTowhtMWVPG5RTtOuCKbttlihy8V0SZfOdlR8ckp7hyeg==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 viewthroughconversion Show response
googleads.g-static.co/pagead/ 0
539 B 151ms
107ms Script
application/javascript 2606:4700:3037::6815:27b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://googleads.g-static.co/pagead/viewthroughconversion?random=1660212383574aip=1&_r=3&v=1&_v=j936&cid=f86aa6f53625a.1660212383574&gjid=1448774221&url=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F
Requested by: Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:27b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13WmjcAjfINI5ffExNIA%2BEBcD9wqtcyTNkVNmlH8x9PVf5qP23BM%2FzGyMY2kXf8Zqgllg%2BKOQ7MwV5uFbBoOJRkBNAzro1W8dyS6UJSeS3XMwMDXDiy7kXAlf90xdj7iafxEXcCgEdKMvSg0Zwt2MXUB0to%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 739028968a355bf1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 5E43
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=pubN4zKAHaBemuBQlzZLihNt3atl-wgt

0
98 B

112ms
39ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=pubN4zKAHaBemuBQlzZLihNt3atl-wgt
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=pubN4zKAHaBemuBQlzZLihNt3atl-wgt
date: Thu, 11 Aug 2022 10:06:25 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2779
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 helper_impulse_meta.js Show response
static.shopback.net/shoptarget/js/ 13 KB
4 KB 9ms
8ms Script
application/javascript 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.shopback.net/shoptarget/js/helper_impulse_meta.js
Requested by: Host: app.shoptarget.com.br
URL: https://app.shoptarget.com.br/js/collect_sbk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1fe48cf30b4b66d4f51f75dda260d86cee7b689f531b2b8ffe1e3813159c120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: BfeEbRSjpzSZtCklDWvdDPGCI52qKnNq
content-encoding: gzip
last-modified: Mon, 14 Jun 2021 13:35:13 GMT
server: AmazonS3
age: 2490
etag: W/"3eb73833799c33a565ac4926f9229c89"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 11 Aug 2022 09:25:10 GMT
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: SXE8vPtfGKnwu9Kz5MCHur3xpMSGUuFz4MKQC7tiylAYghgnqPvp5Q==

GET
H2

200

cs
s.thebrighttag.com/ Frame 5E43
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aF_KSjrFvF3od5SJFcX18Z2hEnwu1VpR

35 B
268 B

354ms
113ms

Image
image/gif

3.142.112.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aF_KSjrFvF3od5SJFcX18Z2hEnwu1VpR
Protocol: H2
Server: 3.142.112.216 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-142-112-216.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
x-bt-requestid: 43282230-195d-11ed-ae28-0000ac1701aa
server: nginx
date: Thu, 11 Aug 2022 10:06:26 GMT
p3p: CP=NOI DSP COR NID
access-control-allow-origin
cache-control: private, must-revalidate
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=aF_KSjrFvF3od5SJFcX18Z2hEnwu1VpR
date: Thu, 11 Aug 2022 10:06:25 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3181
content-length: 203
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv Show response
front.shopconvert.com.br/tr/fc/3029/7694/ 21 KB
6 KB 101ms
100ms XHR
application/json 54.163.144.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://front.shopconvert.com.br/tr/fc/3029/7694/aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.144.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-144-204.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7e6b40e50c84af5a5bf1f06574d258bc12049da76daa4dc2749c5f4f1d131a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
content-type: application/json

GET
H2 200 aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv Show response
front.shopconvert.com.br/tr/fc/3029/7695/ 11 KB
4 KB 101ms
100ms XHR
application/json 54.163.144.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://front.shopconvert.com.br/tr/fc/3029/7695/aHR0cHM6Ly93d3cuZ2NtZ2FtZXMuY29tLmJyL3JlY2FyZ2EtY2VsdWxhci1tMjUv
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.163.144.204 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-144-204.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ffe0be955f1f743ac4ed4be157c4e8fd01398c0a28fc7139f91975b1f0b6982e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: gzip
server: nginx
content-type: application/json

POST
H2 200 customer Show response
api.shopback.net/auth/ 738 B
988 B 300ms
108ms Fetch
application/json 52.1.133.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/auth/customer

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/tags/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.133.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-133-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

48045f8957b6ee013645fd93fd0c1623cf72433456e90a7c738a0e4a980bcf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
referer-new: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:27 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method

OPTIONS
H2 200 customer
api.shopback.net/auth/ Frame 0
0 346ms
97ms Preflight
text/html 52.1.133.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/auth/customer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.133.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-133-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,referer-new
Access-Control-Request-Method: POST
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,referer-new
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://www.gcmgames.com.br
access-control-max-age: 1000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 10:06:26 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H3 200 css
fonts.googleapis.com/ Frame 64BB 3 KB
444 B 45ms
45ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

077086e572ab7319595b15192ae3f55be182d21bdadf971636d45ff35bdc4d77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:46:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 10:06:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 10:06:26 GMT

GET
H2 200 jquery.slick@1.6.0(slick.css+slick-theme.css)
cdn.jsdelivr.net/g/ Frame 64BB 5 KB
2 KB 35ms
15ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery.slick@1.6.0(slick.css+slick-theme.css)

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fedcda93f53247ac7ab7c2969f32076b7e02b0161c3b5652237fda01d4f648ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4389894
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-iad-kiad7000127-IAD
timing-allow-origin: *
server: cloudflare
etag: W/"1312-JhtL6opDXJVDXQB6/xzepCjYIx8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZra1C8OyUd3Nvy%2BKZCG38fW%2BKIzgABkJHxlVsMZ5xZQV%2BN3dnx9ryLG99KfhxcDH%2FmgbmXOOtYePER%2BwRJ%2F3naTuOHVAyHVIwJdmQE05ZOFhXvuHRwnIGzIvIDED72fwnqXh4KSUyQWY5kQvWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 739028993ca39290-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 64BB 95 KB
34 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 14:35:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdn.jsdelivr.net/jquery.migrate/1.4.1/ Frame 64BB 10 KB
4 KB 35ms
16ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.migrate/1.4.1/jquery-migrate.min.js

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab96b90b9f492c6d024412b5bf721720bef5d6e16a3758f59c2fe3f0b3e44337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12357850
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2749-vUXTn8oX3CCxhWy/ByD85f6mgsY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=manC3TxywgAJ3m%2FjM5lVZGaZDsx111QFFVPDJl5m8HUCBhfVH1xI6RI5QMrYVBk5ajtFzB9p9iupjrYZpfMzwyvfHLr94D76K9qrBecKIz03ewo8iZ3CwNFhPsWlz6aU9PcbS7%2FEpZ0VyNX7748%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 739028993ca69290-FRA

GET
H2 200 slick.min.js Show response
cdn.jsdelivr.net/jquery.slick/1.6.0/ Frame 64BB 41 KB
11 KB 35ms
17ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.min.js

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12357879
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"a3e1-6fy8xPpwy6CTuB2YKht4UJQUzvc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP5GCuQgwn6zYL6QQgg4JABugcCrLDNEJfYOXU6eLVClJrCkX5I%2FhF7mXYmuqtXcFi4xzJIri0V4XdB2UDbPNC5JFk3JFfuApfV2Xa5ehhrHHl4bqr%2BXCmnJ0vBFSiB131GVA%2F5F4zsUimdLa2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 739028993ca79290-FRA

GET
H2 403 logo.png
static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/ Frame 64BB 0
0 618ms
617ms Image
application/xml 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/logo.png
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 adicionaCompra.png
static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/ Frame 64BB 0
0 621ms
621ms Image
application/xml 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/adicionaCompra.png
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 404 theme.min.css
shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/css/ Frame 5168 0
0 145ms
94ms Stylesheet
text/html 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/css/theme.min.css
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 403 logo.png
static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/ Frame 5168 0
0 756ms
754ms Image
application/xml 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/logo.png
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 5168 95 KB
33 KB 153ms
85ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 14:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 14:35:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdn.jsdelivr.net/jquery.migrate/1.4.1/ Frame 5168 10 KB
5 KB 16ms
14ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.migrate/1.4.1/jquery-migrate.min.js

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab96b90b9f492c6d024412b5bf721720bef5d6e16a3758f59c2fe3f0b3e44337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12357850
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2749-vUXTn8oX3CCxhWy/ByD85f6mgsY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjXRGs7vvqnBKpPm1%2BkxDQ3Ruj8ppLOblbET8Dfi8WbIK3RJE%2BDZxoM1dDB1ZTESCRFHIDvv7L9l4ptShPFKlvOyjz2k%2Byr24O04LaZCil90JOWR3l1Q%2F%2B0JqAzPu9pnK%2FOyonD6yhP6QgSzb2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 739028993ca89290-FRA

GET
H2 404 vitrine-lateral.min.js
shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/js/ Frame 5168 0
0 141ms
92ms Script
text/html 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/js/vitrine-lateral.min.js
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 bot.png
static.shopback.net/shoptarget/uploads/imagens/fata/2018/03/ Frame 5168 5 KB
5 KB 13ms
12ms Image
image/png 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shopback.net/shoptarget/uploads/imagens/fata/2018/03/bot.png
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 636e051c42f3aab7a59466a62c26ef14e9039a1612bebdacee250961d998ac9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: QykzED2_wxIxYOYsxq5gu9tiv.JqYSwo
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified: Tue, 08 Oct 2019 17:45:37 GMT
server: AmazonS3
age: 50595
etag: "43b4d01d4f9d5cfaae55640a89a81b04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Wed, 10 Aug 2022 20:03:12 GMT
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 4824
x-amz-cf-id: e33Ao4ASgJwQZVCxnlFORsLWSq7SZC5BC2iLtqygf81DML0wg-ibVA==

GET
H2 403 bannerVitrineLateral.png
static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/ Frame 5168 0
0 610ms
609ms Image
application/xml 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/bannerVitrineLateral.png
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 search.png
static.shopback.net/shopconvert/uploads/imagens/w-buscatti/2017/julho/18/vitrine-lateral/ Frame 5168 1 KB
2 KB 18ms
17ms Image
image/png 108.138.7.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.shopback.net/shopconvert/uploads/imagens/w-buscatti/2017/julho/18/vitrine-lateral/search.png
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/shopconvert/js/impression/v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5610e6bdfb45b1d1cee5af48e777aa7a6bc2e45a29146521ea2cddf90dbfe7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: tV3YWXsS_S1YGZ40mDIrEGo3T3hwUwpa
via: 1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified: Tue, 08 Oct 2019 17:13:39 GMT
server: AmazonS3
age: 50594
etag: "66862413601e74b3448fcffe58a3b064"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Wed, 10 Aug 2022 20:03:13 GMT
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 1391
x-amz-cf-id: 1XmM_Ib104ZOy0S5KmrRNECYNxnZD5lwkZx7heamHG8-1zRYhtcCnA==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 64BB 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.gcmgames.com.br
URL: https://www.gcmgames.com.br/recarga-celular-m25/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ab9ea042851ea75b12b793dd9b339344bd5bee4252f84ab4015c884a3d0c957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZoQJDMvxq85r3hUzsf0dkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: mhvtJV9rzo59+DX7s4O+C+zcRfEinSYKwLvOdqQKpGu3QMo4LLw2kMH/dFMvyD8cz6qV7iHXxq2eUSvoZu00jw==
x-fb-content-md5: e47cda63de601e2c312def4c3452c61d
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 10:06:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b0efa3a5547eb72af98863d1f12b2306"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 Aug 2022 10:13:09 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 64BB 302 KB
86 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cee77d0096bf6511e4ea221829e43b35

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b7a5e49c7f89a7e0047e3ab96cf6d0a2af01eec36f0596ca7e4484d68a55157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
Origin: https://www.gcmgames.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wS06jio64dhTQqWUPDorNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87847
x-fb-rlafr: 0
x-fb-debug: cooGXPNdtkOOXeIw0DOE6IUj1l7Qvwp+7EpPthOgN5OEin3GIXc9Aq8pB7+sMFpPaXfkaPeevrgmiTpHa3hjXw==
x-fb-content-md5: c6f4e8407ceac0d15b6e3af3021c76b8
x-frame-options: DENY
date: Thu, 11 Aug 2022 10:06:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bc1b0fec37504580b2db498cdc1c45d2"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Aug 2023 09:25:47 GMT

GET
H3 200 status
www.facebook.com/x/oauth/ Frame 64BB 0
0 31ms
30ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.gcmgames.com.br&client_id=1561945913885777&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.gcmgames.com.br%2Frecarga-celular-m25%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=cee77d0096bf6511e4ea221829e43b35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: CEYWXRMFHn0VT3XnJIKwR/HrVrgDWGHX63MKkUPhajTL8wBkenTmgv6FVQZGefnukiSuHlzzcFTKrfkoI57Hlw==
fb-s: unknown
date: Thu, 11 Aug 2022 10:06:27 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gcmgames.com.br
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 index_nckv4.html Show response
targeting.voxus.tv/a/ Frame DF17 53 KB
16 KB 389ms
340ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DGCM%20Games%26website_id%3D1135%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Requested by: Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1003189.js?v=1231900
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c636f30c1965ba96e72f23d4892465cd4df82ca089243f647b2f169dd08065

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: sentry-trace
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 7390289ceb765b9e-FRA
content-encoding: br
content-type: text/html
date: Thu, 11 Aug 2022 10:06:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 17 Aug 2021 20:21:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf2uJVDWXbgVtBnJ0a9zh1bSXHfEAG0naeVEqqG%2FdNy4MxxcJkQJ4wXSbkDxPCztO9X5OWky1C35tD%2B814P%2FTt9dh9JVorJ%2F%2FhS2Eq%2FV%2F8dzbBbFpYf5SPCzr3D%2B1ITp3eNskUFyhEE4ApV7Atvbsvk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 start Show response
api.shopback.net/clients/5a201290808c3c786b4d5375/customers/$2gaygTSIpWMadHM3FlVHVjTUhGcOpHRa9ETtJjR2Q1VNVXbshWMqZVTlp3cBlleM5kVyQWTIRUZaRketVUT6FXT2$12/tracking/ 1 KB
914 B 103ms
102ms Fetch
application/json 52.1.133.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/clients/5a201290808c3c786b4d5375/customers/$2gaygTSIpWMadHM3FlVHVjTUhGcOpHRa9ETtJjR2Q1VNVXbshWMqZVTlp3cBlleM5kVyQWTIRUZaRketVUT6FXT2$12/tracking/start

Requested by

Host: static.shopback.net
URL: https://static.shopback.net/tags/init.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.133.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-133-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

96790f157153d0cb9f1d42da1d638733544fa207722b93fe8ac45f4e839e944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
referer-new: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuc2JhY2sudGVjaCIsImlhdCI6MTY2MDIxMjM4NywiZXhwIjoxNjYwMjk4Nzg3LCJhcGkiOiJ2MiIsImRhdGEiOnsiY2xpZW50X2lkIjoiNWEyMDEyOTA4MDhjM2M3ODZiNGQ1Mzc1IiwiY2xpZW50X2RvbWFpbiI6ImdjbWdhbWVzLmNvbS5iciIsImN1c3RvbWVyX2lkIjoiNjJmNGQ0YTM4ZjExZjgyMzA3NjNkMzEzIiwiY3VzdG9tZXJfYW5vbnltb3VzIjp0cnVlLCJjb25uZWN0aW9uX2lkIjoiNjJmNGQ0YTM4ZjExZjgyMzA3NjNkMzE0IiwiYWNjZXNzX2xldmVsIjoiY3VzdG9tZXIifX0.ESR1o64hKE-LuXyWgWvDJOkF6opmMUY6hYzu_P_TTl0.WrWruyuyqBgPWrgPKqiYEi
content-type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:27 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method

OPTIONS
H2 200 start
api.shopback.net/clients/5a201290808c3c786b4d5375/customers/$2gaygTSIpWMadHM3FlVHVjTUhGcOpHRa9ETtJjR2Q1VNVXbshWMqZVTlp3cBlleM5kVyQWTIRUZaRketVUT6FXT2$12/tracking/ Frame 0
0 97ms
97ms Preflight
text/html 52.1.133.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.shopback.net/clients/5a201290808c3c786b4d5375/customers/$2gaygTSIpWMadHM3FlVHVjTUhGcOpHRa9ETtJjR2Q1VNVXbshWMqZVTlp3cBlleM5kVyQWTIRUZaRketVUT6FXT2$12/tracking/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.1.133.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-1-133-67.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,referer-new
Access-Control-Request-Method: POST
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,referer-new
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: https://www.gcmgames.com.br
access-control-max-age: 1000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 10:06:27 GMT
server: nginx
strict-transport-security: max-age=31536000

OPTIONS
H2 200 get
ckies.net/ Frame 0
0 191ms
191ms Preflight
text/html 13.225.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/get?filter=w&source=https%3A%2F%2Fwww.gcmgames.com.br
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-62.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,referer-new
Access-Control-Request-Method: GET
Origin: https://www.gcmgames.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,referer-new
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.gcmgames.com.br
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 10:06:27 GMT
server: nginx
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-id: -zKC30J4qd3tIJfrfFYstZLyAPFadtQHjXK5bhkHRiOqdqnPkXKu9w==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront

GET
H2 200 get Show response
ckies.net/ 2 B
670 B 192ms
192ms Fetch
application/json 13.225.78.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ckies.net/get?filter=w&source=https%3A%2F%2Fwww.gcmgames.com.br
Requested by: Host: static.shopback.net
URL: https://static.shopback.net/tags/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-62.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
referer-new: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuc2JhY2sudGVjaCIsImlhdCI6MTY2MDIxMjM4NywiZXhwIjoxNjYwMjk4Nzg3LCJhcGkiOiJ2MiIsImRhdGEiOnsiY2xpZW50X2lkIjoiNWEyMDEyOTA4MDhjM2M3ODZiNGQ1Mzc1IiwiY2xpZW50X2RvbWFpbiI6ImdjbWdhbWVzLmNvbS5iciIsImN1c3RvbWVyX2lkIjoiNjJmNGQ0YTM4ZjExZjgyMzA3NjNkMzEzIiwiY3VzdG9tZXJfYW5vbnltb3VzIjp0cnVlLCJjb25uZWN0aW9uX2lkIjoiNjJmNGQ0YTM4ZjExZjgyMzA3NjNkMzE0IiwiYWNjZXNzX2xldmVsIjoiY3VzdG9tZXIifX0.ESR1o64hKE-LuXyWgWvDJOkF6opmMUY6hYzu_P_TTl0.WrWruyuyqBgPWrgPKqiYEi
content-type: application/json

Response headers

date: Thu, 11 Aug 2022 10:06:27 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://www.gcmgames.com.br
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Authorization, Client-Security-Token, Session, Cookie, Access-Control-Request-Method
x-amz-cf-id: HDErXFydMTD85qNXV-VxIIeD5DUsCMeaE_3oNLgWzntJKb4bPB0FNw==
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)

GET
H3 200 rocket-loader.min.js Show response
targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame DF17 12 KB
4 KB 23ms
11ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: targeting.voxus.tv
URL: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DGCM%20Games%26website_id%3D1135%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DGCM%20Games%26website_id%3D1135%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Aug 2022 13:05:41 GMT
server: cloudflare
etag: W/"62ed15a5-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zff0hICtiHyMmOusNi6BP0sf%2FvgcYEZbPIxCD%2Bd0SLNtzpYFcT7MdAMti4nLJ5%2BwfIgO7xHfp3yvd1nl5A%2BshYtOklb2Tku8fZD2UFM%2FZBx%2BOpDcT0quOIvXbj%2FTjrf1Q0BSelCdEgpXhcBsbeWoals%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7390289f2ab39078-FRA
vary: Accept-Encoding
expires: Sat, 13 Aug 2022 10:06:27 GMT

GET
H/1.1 200
OK / Show response
api.voxus.tv/verify/ 24 B
249 B 501ms
143ms XHR
text/html 34.204.33.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.voxus.tv/verify/?adv_id=1135&ck_id=16602123850140.472466468504616270cb6iu6qvqjs&ipa=true
Requested by: Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1003189.js?v=1231900
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.33.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-33-205.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.17
Resource Hash: 91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 10:06:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.17
Content-Length: 24
Content-Type: text/html

GET
H/1.1 200
OK / Show response
api.voxus.tv/verify/ 24 B
249 B 461ms
102ms XHR
text/html 34.204.33.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.voxus.tv/verify/?adv_id=1471&ck_id=16602123850140.472466468504616270cb6iu6qvqjs
Requested by: Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1003189.js?v=1231900
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.33.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-33-205.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.17
Resource Hash: 91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Aug 2022 10:06:28 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.17
Content-Length: 24
Content-Type: text/html

GET
H/1.1 200
OK / Show response
api.ipify.org/ 32 B
274 B 306ms
98ms XHR
application/javascript 52.20.78.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1003189.js?v=1231900
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-78-240.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 547232a4db04449d6ac7f3d9436d8b9feecbb90baab49ceafcc80d551d21ecb2

Request headers

Referer: https://www.gcmgames.com.br/recarga-celular-m25/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Thu, 11 Aug 2022 10:06:29 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.gcmgames.com.br
Connection: keep-alive
Content-Length: 32

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
633 B 131ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10110934

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 10:06:28 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 11 Aug 2022 10:06:28 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 29ms
10ms Image
image/gif 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=18588459&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:06:28 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 710264ec-b6f0-4838-a7ab-afdf03e1e50f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 43 B
1 KB 26ms
8ms Image
image/gif 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=18741353&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gcmgames.com.br/recarga-celular-m25/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Aug 2022 10:06:28 GMT
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 84426952-387c-4082-97aa-db2a9bbb06cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.popkit.club
URL: https://app.popkit.club/pixel/f0459fe4cd0acca154e6b11f90c8bd32

Domain: events.chaordicsystems.com
URL: https://events.chaordicsystems.com/v7/events/views/category

Verdicts & Comments Add Verdict or Comment

309 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

79 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 13:48:36	Name: sback_browser Value: 0-61211700-1660212386e312430e4e5de6cbafeb9abd3f0b5b1ceb3cc5e018416203962f4d4a2957282-80363949-185213155168,1301760150-1660212386
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 13:48:36	Name: sback_client Value: 5a201290808c3c786b4d5375
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 05:11:31	Name: sback_access_token Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhcGkuc2JhY2sudGVjaCIsImlhdCI6MTY2MDIxMjM4NywiZXhwIjoxNjYwMjk4Nzg3LCJhcGkiOiJ2MiIsImRhdGEiOnsiY2xpZW50X2lkIjoiNWEyMDEyOTA4MDhjM2M3ODZiNGQ1Mzc1IiwiY2xpZW50X2RvbWFpbiI6ImdjbWdhbWVzLmNvbS5iciIsImN1c3RvbWVyX2lkIjoiNjJmNGQ0YTM4ZjExZjgyMzA3NjNkMzEzIiwiY3VzdG9tZXJfYW5vbnltb3VzIjp0cnVlLCJjb25uZWN0aW9uX2lkIjoiNjJmNGQ0YTM4ZjExZjgyMzA3NjNkMzE0IiwiYWNjZXNzX2xldmVsIjoiY3VzdG9tZXIifX0.ESR1o64hKE-LuXyWgWvDJOkF6opmMUY6hYzu_P_TTl0.WrWruyuyqBgPWrgPKqiYEi
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 13:48:36	Name: sback_partner Value: false
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 05:10:15	Name: sback_current_session Value: 1
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 13:55:48	Name: sback_total_sessions Value: 1
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 13:55:48	Name: sb_days Value: 1660212384812
www.gcmgames.com.br/recarga-celular-m25	1970-01-20 05:10:55	Name: sback_customer_w Value: true
i.liadm.com/s	1970-01-20 05:53:24	Name: _li_ss Value: MgkI_____wcQ_RI
www.gcmgames.com.br/	1969-12-31 23:59:59	Name: SID Value: e31k1sqebkacoc8chdzpmw
www.gcmgames.com.br/	1969-12-31 23:59:59	Name: gcmgames Value: histsecoes=0%23%23Toda+a+loja
www.gcmgames.com.br/	1970-01-20 07:19:48	Name: StaticTimeStamp Value: 11122020172707
www.gcmgames.com.br/	1970-01-20 05:53:24	Name: splash Value: 1
.gcmgames.com.br/	1970-01-20 14:46:12	Name: _ga Value: GA1.3.384816111.1660212381
.gcmgames.com.br/	1970-01-20 05:11:38	Name: _gid Value: GA1.3.1458625793.1660212381
.gcmgames.com.br/	1970-01-20 05:10:12	Name: _gat_tracker1 Value: 1
.gcmgames.com.br/	1970-01-20 05:10:12	Name: _gat_tracker2 Value: 1
.criteo.com/	1970-01-20 14:31:48	Name: uid Value: a89b2206-6a81-4d9f-93af-bae4dd8080ba
.gcmgames.com.br/	1970-01-20 07:19:48	Name: _fbp Value: fb.2.1660212382270.986587209
.gcmgames.com.br/	1970-01-20 14:39:36	Name: cto_bundle Value: s0DxK19kNkwzeHB6bEVJUGMwb2pMcDZLMCUyQlg1aW9vVmdrTExvSXZGSVhqY0taJTJGTHR3b0lxYVdLc1A2amNlcjJGU0hOVUN5UnZRVXNTa1IxZzU0bmlsSzMycTk1c2lXa2FWNzNMJTJGT1ZXSTJDSWs1NWtSM0F4JTJCSHJDRXRFSGxWVGFXa0hHVjhqUTBQMHEwJTJGb24zZWlBcGs2U0ZRJTNEJTNE
.gcmgames.com.br/	1970-01-20 13:55:48	Name: nav_id Value: c3713d24-e763-4be7-83a5-06172d6c45e8
.www.gcmgames.com.br/	1970-01-20 13:55:48	Name: hgyclh-w9848 Value: 427363efa8642a4210f66a6b9e0db312
exchange.mediavine.com/	1970-01-20 05:30:21	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2242a361d0-195d-11ed-bfac-7dde533790b9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 05:30:21	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2242a361d0-195d-11ed-bfac-7dde533790b9%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 05:30:21	Name: criteo Value: %7B%22id%22%3A%22k-YJjMJ_KRsMoNb-5YO_JJDiCkzVfKh05aE-bjGA%22%2C%22version%22%3A%22criteo%22%7D
.adscale.de/	1970-01-20 13:52:28	Name: uu Value: 824414a410aa4d568095f4eea30b390f
.adscale.de/	1970-01-20 13:52:28	Name: cct Value: 1660212385918
.ih.adscale.de/	1970-01-20 13:52:28	Name: tu Value: 4#3968972216#40~k-gWRuTvKRsMoNb-5YO_JJDiCkzVcWIysBabIFjw~461170~0~0
.casalemedia.com/	1970-01-20 13:55:48	Name: CMID Value: YvTUoYrQwU8o4t9duzL34gAA
.casalemedia.com/	1970-01-20 07:19:48	Name: CMPS Value: 1139
.casalemedia.com/	1970-01-20 07:19:48	Name: CMPRO Value: 1139
.gcmgames.com.br/	1970-01-20 13:55:48	Name: legacy_p Value: c3713d24-e763-4be7-83a5-06172d6c45e8
.gcmgames.com.br/	1970-01-20 13:55:48	Name: chaordic_browserId Value: c3713d24-e763-4be7-83a5-06172d6c45e8
.gcmgames.com.br/	1970-01-20 13:55:48	Name: legacy_c Value: c3713d24-e763-4be7-83a5-06172d6c45e8
.gcmgames.com.br/	1970-01-20 13:55:48	Name: legacy_s Value: c3713d24-e763-4be7-83a5-06172d6c45e8
.adnxs.com/	1970-01-20 07:19:48	Name: uuid2 Value: 4792962874246797302
ct-socket.huggy.app/	1970-01-20 05:20:17	Name: AWSALBCORS Value: CAKrZ2kIU8Cu+laGpspMuLvTXoGpXelT+zaKRUNMJIbqhEQxLFbax/60mSB69XEZJL2/LJ4h7Dqt6vQ+ghkFwmPIU1i7y9cUUEtXvBCyZRwE2xehZEYexq25seZB
.gcmgames.com.br/	1970-01-20 05:10:14	Name: impulsesuite_session Value: 1660212383386-0.5043482890959419
.360yield.com/	1970-01-20 07:19:48	Name: tuuid Value: e7acfe37-9504-4712-b461-4ecfda21ae4f
.360yield.com/	1970-01-20 07:19:48	Name: tuuid_lu Value: 1660212386
.bidswitch.net/	1970-01-20 13:55:48	Name: tuuid Value: b021399a-df6b-4269-a960-c39b22bbbe24
.bidswitch.net/	1970-01-20 13:55:48	Name: c Value: 1660212386
.bidswitch.net/	1970-01-20 13:55:48	Name: tuuid_lu Value: 1660212386
.gcmgames.com.br/	1970-01-20 05:10:14	Name: _st_ses Value: 4209377783940429
.360yield.com/	1970-01-20 07:19:48	Name: um Value: !38,Su47bPSzE7ng9kbPD5dNy6YH0T94BWE5ICFApHhlHbRFnY5OA3WcDkMs-VpH3usBGqcH6xbI,1667988386
.360yield.com/	1970-01-20 07:19:48	Name: umeh Value: !38,0,1722420386,-1
.casalemedia.com/	1970-01-20 07:19:48	Name: CMTS Value: 5156
.doubleclick.net/	1970-01-20 14:31:48	Name: IDE Value: AHWqTUmHQRjc_mGj6or41Nt5ImDN5YqDzgMCj9ENV80pSmHfoHqZzJAOVUEntsQFJYY
.demdex.net/	1970-01-20 09:29:24	Name: demdex Value: 76686060034135367653634945273422855292
.yahoo.com/	1970-01-20 13:56:09	Name: A3 Value: d=AQABBKLU9GICENuHDn7Td4RUVELZB5kgf_EFEgEBAQEm9mL-YgAAAAAA_eMAAA&S=AQAAApfK2mQubdQ2ByyY0mWaZlQ
.dpm.demdex.net/	1970-01-20 09:29:24	Name: dpm Value: 76686060034135367653634945273422855292
.analytics.yahoo.com/	1970-01-20 13:55:48	Name: IDSYNC Value: 18zh~26iy
.id5-sync.com/	1970-01-20 05:10:12	Name: cf Value:
.id5-sync.com/	1970-01-20 05:10:12	Name: cip Value:
.id5-sync.com/	1970-01-20 05:10:12	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:10:12	Name: car Value:
.id5-sync.com/	1970-01-20 05:10:12	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:10:12	Name: callback Value:
.yieldlab.net/	1970-01-20 13:55:48	Name: id Value: 7bc675c7-8381-43f2-afeb-0b5d4f355cd8
.media.net/	1970-01-20 13:55:48	Name: visitor-id Value: 3032139868397699000V10
.media.net/	1970-01-20 05:53:24	Name: data-c-ts Value: 1660212386
.media.net/	1970-01-20 05:53:24	Name: data-c Value: k-mV6ugfKRsMoNb-5YO_JJDiCkzVelIEKc_zHLzA~~3
.gcmgames.com.br/	1970-01-20 05:53:24	Name: _spl_pv Value: 1
.sxp.smartclip.net/	1970-01-20 05:53:24	Name: uuid Value: c4f809d8-a2d4-f462-3bdc-ce092a5a127b
.krxd.net/	1970-01-20 09:29:24	Name: _kuid_ Value: PAvEeetw
.sxp.smartclip.net/	1970-01-20 05:53:24	Name: dspuuid Value: 69.k-d8WfHPKRsMoNb-5YO_JJDiCkzVdTw2gM-nhmNA
.sxp.smartclip.net/	1970-01-20 05:53:24	Name: psyn Value: 19215.69
.gcmgames.com.br/	1970-01-20 05:10:14	Name: _st_cart_script Value: helper_impulse_meta.js
.gcmgames.com.br/	1970-01-20 05:10:14	Name: _st_cart_url Value: /
.gcmgames.com.br/	1970-01-20 05:10:14	Name: _st_no_user Value: 1
.liadm.com/	1970-01-20 14:46:12	Name: lidid Value: 442b4cf3-91e1-4868-a307-3ba0de97c895
.gcmgames.com.br/	1970-01-20 13:48:36	Name: sback_customer Value: $2gaygTSIpWMadHM3FlVHVjTUhGcOpHRa9ETtJjR2Q1VNVXbshWMqZVTlp3cBlleM5kVyQWTIRUZaRketVUT6FXT2$12
.voxus.tv/	1970-01-20 14:46:12	Name: _dmp_ Value: 16602123850140.472466468504616270cb6iu6qvqjs
.voxus.tv/	1970-01-20 07:19:48	Name: voxusdsp_ret2 Value: [["1135","2022-08-11 10:06:25"]]
.gcmgames.com.br/	1970-01-20 05:10:15	Name: voxusmediamanager_id Value: 16602123850140.472466468504616270cb6iu6qvqjs
.gcmgames.com.br/	1970-01-20 05:53:24	Name: voxusmediamanager_acs2 Value: true
.gcmgames.com.br/	1970-01-20 05:53:24	Name: voxusmediamanager_acs Value: true
.adnxs.com/	1970-01-20 07:19:48	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?_ic(S1!]tbP6j2F-XstGt!@DZl$h:W'
.gcmgames.com.br/	1970-01-20 05:10:12	Name: voxusmediamanager__ip Value: 185.213.155.168

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://w4.ezcdn.com.br/gcmgames/files/_css/fonts/fontawesome-webfont.woff2?v=4.3.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://w4.ezcdn.com.br/gcmgames/files/_arquivos/bannerblog/blog2.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.popkit.club/pixel/f0459fe4cd0acca154e6b11f90c8bd32 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=pubN4zKAHaBemuBQlzZLihNt3atl-wgt Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.gcmgames.com.br/recarga-celular-m25/ Message: Access to XMLHttpRequest at 'https://events.chaordicsystems.com/v7/events/views/category' from origin 'https://www.gcmgames.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://events.chaordicsystems.com/v7/events/views/category Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/js/vitrine-lateral.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://shopbackbr.github.io/ShopTemplate/projects/vitrine-lateral/css/theme.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/logo.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/adicionaCompra.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/bannerVitrineLateral.png Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://static.shopback.net/shoptarget/uploads/imagens/GCM-Games/2018/03/logo.png Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.sxp.smartclip.net
ad.yieldlab.net
ajax.googleapis.com
api-ads.percycle.com
api.ipify.org
api.shopback.net
api.voxus.tv
app.popkit.club
app.shoptarget.com.br
beacon.krxd.net
cdn.jsdelivr.net
cdn.targeting.voxus.com.br
certificados.trustvox.com.br
certificate.trustvox.com.br
ckies.net
click.retargeter.com.br
cm.adform.net
cm.g.doubleclick.net
collect.chaordicsystems.com
connect.facebook.net
contextual.media.net
cotads.adscale.de
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
events.chaordicsystems.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
front.shopconvert.com.br
front.shoptarget.com.br
googleads.g-static.co
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
js.huggy.chat
match.sharethrough.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
shopbackbr.github.io
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
static.shopback.net
stats.g.doubleclick.net
suite.linximpulse.net
sync-t1.taboola.com
sync.outbrain.com
targeting.voxus.com.br
targeting.voxus.tv
trustvox-certificate-assets.storage.googleapis.com
trustvox.com.br
ups.analytics.yahoo.com
visitor.omnitagjs.com
w-cdn.huggy.io
w1.ezcdn.com.br
w3.ezcdn.com.br
w4.ezcdn.com.br
webfonts.huggy.cloud
widget.huggy.io
widget.us.criteo.com
www.facebook.com
www.gcmgames.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
app.popkit.club
events.chaordicsystems.com
104.103.102.147
104.111.242.245
104.18.18.126
108.138.7.103
13.224.189.103
13.225.78.62
13.225.78.69
13.225.78.90
141.226.228.48
141.95.98.66
142.250.185.98
142.250.186.66
178.250.0.157
178.250.2.151
18.159.184.12
18.66.15.79
185.255.84.153
185.64.190.80
185.86.139.89
2.18.79.138
2.18.79.139
20.65.84.125
212.82.100.181
2600:1f18:612b:4264:5a8d:94bc:2cf9:40df
2600:1f18:ed:550e:2d6f:6c5:afe6:e7fa
2600:9000:21f3:3000:2:5ea4:5e80:93a1
2600:9000:21f3:d200:1b:832b:ac00:93a1
2606:4700:10::ac43:254d
2606:4700:20::681a:8a2
2606:4700:20::ac43:4635
2606:4700:3037::6815:27b3
2606:4700::6810:5814
2606:4700::6812:1aaf
2606:50c0:8001::153
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:803::2004
2a00:1450:4001:808::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::2010
2a00:1450:400c:c00::9b
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3121::c
3.121.205.163
3.126.56.137
3.142.112.216
3.64.230.211
34.204.33.205
35.158.200.182
35.186.194.101
35.244.174.68
37.157.6.242
37.252.172.250
52.1.133.67
52.20.78.240
52.210.214.177
52.59.78.133
54.156.247.58
54.163.144.204
54.73.80.98
69.173.144.138
70.42.32.95
74.119.119.150
76.223.111.18
85.215.5.31
92.123.38.97
00a7dc8a1d809aa4c3498326a126145d45afa34efd7515388a11a658aecfdf1a
0245daa77bb76cebacef544bf46faf4e4bffb29bbc6fde190f470b3058e9b29f
04496da2c18ceb8e7931797e2bec6a65f34887a01eb654e912bea0b839607548
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
077086e572ab7319595b15192ae3f55be182d21bdadf971636d45ff35bdc4d77
0d48d49b5723388b215fa8d3348ce674ef058261cf3cdd88a8fc1acc461a06d5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
0ffb079cda0d36482645313c77fbebc826aaefb5ce15a7dbf035e2b20a42b922
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b876b0dc6795b2d7519927ac90701aec42653de7f89de473392851e1991f9d
193ba1b073e96e5494dd4dc217e47790141f644be81490521ef8b94eb30d1327
1b2f5622b6448a36e9744495757033a5ceb717250988d977d522b33f70d6ee41
214311a9366a961ba5da2aeb04d659b4da237be97fcbac135f62aa8e649f302f
259089c6c2033989f615e79d44c2cbdebd4c18ee866392fbaf7711c8900236bc
26172f56d11f9c4f9f95a5b57e055fce068e1ff3e0f6ad1c0c19a1b254eeeefa
27c7492cd34f28c7b632c86d51ecff88a26ccb6249ed5d09238ccfc659c6e3c1
2a90481dffd785bb11576544c95fcd60067f882bc00d610dfa8337f8e830de6e
2bc26f5ff936fd533e6b932e60baa8c5c40e826c7eadaa1db0aac951c484db7e
2d95eafbedf5bc63c5cb77855a1e4570555479250a10f4cf2541ab7a01e40910
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3630925de3d029aa2ff1530cc7ecbcaa33bd4b55737873f00822ef2ca41cc017
3ab9ea042851ea75b12b793dd9b339344bd5bee4252f84ab4015c884a3d0c957
3b74ebea483400ac0412ee67187625ae4eefb19427ae64a61e1d71cb12d896c1
4041d1cc02d8516ab396c6442273393bd777885e4bd7d19af8ce8ac7661470be
428a1b721526badd4f45e47f48245eb9d3e6615678a2aae5916d71bb12423e2b
448c8c75354f45c7d2c2c4a10ce0de386fdc749106c1fdb8c431d30956a2018a
48045f8957b6ee013645fd93fd0c1623cf72433456e90a7c738a0e4a980bcf42
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea09600373fd4473808ee9cc1bec09b507d2b4a6a1a2475d5ceff74b3bef1c2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
513228dc1e7198561c055065b7c8ee9703b090917a731ed892b5f92ca3c224a4
547232a4db04449d6ac7f3d9436d8b9feecbb90baab49ceafcc80d551d21ecb2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f02a26b41529e67d8c82b81fb0ec7a54a4880e8a2a97a3d4af0574ebe3806e
5610e6bdfb45b1d1cee5af48e777aa7a6bc2e45a29146521ea2cddf90dbfe7e0
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5b87357f2654192d0705d3c8a00945bb279cc67153dc3fe8fb2dd34b70f45c01
5dfeba99dc69c8d7b89cafae438c373b32f330f79371597f4127e4606f730b41
628ae5209ff66d86db509f30a2c881b3db39ce3092c090e9a1b9c68497cfb6d2
636e051c42f3aab7a59466a62c26ef14e9039a1612bebdacee250961d998ac9b
638a480ab90c68ac0442549be9748390bcf676941a9cc95771e1019d283d769c
64a2cfa9b976f3035ddc939bae67324cafe5783fa7717c89dfd3f0c96ee54612
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66d6c4a05908fcebf862ef9e7d3c71975d787911aa3b19abb1f2d4469b6b4841
678743e83d255d34a3476fa3eed80d55d212874f0fe98285a54fbf293f8b73ee
68feacdbfc41fdf784f0e4f1da2ec9b845a8ce43fd6a3f742fc18077b59a94e3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6faed34fd19f94af9d806fa1ac9e513b7c44076d135e72cc432eb8790c9c8968
754bb9ac3d085efab70f7efab6ca082230a959ea2c3545654adb5746c209d5f6
76cf209ad2b2e77d41db6b60874c228d99f23877b89e0d0ef802ed3eb88fba73
7707d2d97cd5cf87547c285468a471b0bb0b7a5597ecd3eeac416b2c1b6b786c
7812f0bbd5dbb1b353b63325891c5e95fce16b6b1391d60d0865eba85140de03
7e6b40e50c84af5a5bf1f06574d258bc12049da76daa4dc2749c5f4f1d131a0a
7fb14602ae1367f2973200ec9c5c597bb4241074f77669b9a48c84b5fc8e6767
81a161d5793ac2a33f02ddcd64fb0dc2d028616dac084e4f64e77f4898b0c4e4
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86e467735c7c594f72fa0a2adccb89a36590f601446fdbf1de3f0aead46c7b43
89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a40d99d2cf732daefa59c0de332d8001e8564a14bfa99a5406ca2da7a141d2e
8b89fb75ad247043d278773e869308b438e2cd2d38ac7c78c1ebd3d905ab60c4
8bfb872b7eb198218613128be5c74402a9a1b20e8c662dd8dec29b6c21f58d06
8e1ea20222499ae6ac9d063839ef4ab8e81c5aa0b8dbdb969e6f6b54625215b9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c
91fa37cea50de551c1cd1d367311a4acf34db0e578224d0d1f64e8c3701251cc
9230d2cc464817b3cccc77f8e06c220c0a2dd365ad5370c80ae0629946a26bcd
94a7bba3baf4aa24824ca274810347f807af47ca98fad1e74bd625fd837bbd13
96790f157153d0cb9f1d42da1d638733544fa207722b93fe8ac45f4e839e944a
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
981707d7eb6fd47b78ae2318115ac59342a2051bb26e8ee3124bc87063e87f09
984b1b94570eb38a7908d35f5c326026067cdb6c8d62a28373bc0b23bd01c2d5
991f64943b662c8a902bdc0ab37fec2d88b006f6b30ff839cb102fc90cdd0e0f
9b7a5e49c7f89a7e0047e3ab96cf6d0a2af01eec36f0596ca7e4484d68a55157
9f19d9f6018fecf3ff04f866e6941a2c85a0b9e341a7bed8a983a1b7893a9c39
a01bcc831785bbe2818ccc1c6cfa1c125a0537ac2cccdfae64481d84050b31bc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c636f30c1965ba96e72f23d4892465cd4df82ca089243f647b2f169dd08065
a3fd05981a0c3de2a9a444448377474b00455094746abfec60bb97bf0e66ae4e
a7de59dafa959ed051b76f14d7a6695263277ba4c2bbe83ea9b907dd7dc53468
ab87be18ca9e16ff3280bce7c30b836ba2bc6c51303cd1f58787ea8508a94c55
ab96b90b9f492c6d024412b5bf721720bef5d6e16a3758f59c2fe3f0b3e44337
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b8ee6dcd0a8566081fd5848b71e9ce47a619ba327b831d43adec9307daebee1e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be8a9a2f760f0742f517f5f328c4706e6002ffb81f8abf85a3cbe19ca10142db
c0593e62644a7fec131e43547e0d2cec3381175ce0b9fe98ffc35765becd61b8
c1fe48cf30b4b66d4f51f75dda260d86cee7b689f531b2b8ffe1e3813159c120
c33a24025222203e7a2269b0e8ed0c68154125b1afa7f1d9520924672ec15c0b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c906e8dcbf84ad42019e58e8ffb69f3a7d84f1fb5df0298d5fc2bc09c108e80a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5a4c407d8fe96cfe8c0ef104490a2deea12c8c5450bdb0efb362933444346fe
dd24e3e3d8e839c45839329818e9b8db0251ef6098bf8867708b76253b1c4053
df6268f79566cfe39333a90d22622d0d5e4af8059814f6c18a7f7b63d7e22ef5
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e1adb6f427a4b13bbeb63a3c82bc2db0aba487817e8f02508302b732a24f6e3b
e3870de89716b72cb61a4bba0e17c75783b361cdaba35ea96961c3070bd8ca18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fdd4c769fae3ae6b05de109077227cb38d2e465666705fcf6041b2911b965a
e5321dd3cb3939d73791581e72b18588f940c27a4cb92740cacde355ada73deb
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
eb4a4e4e9c35fba7d8dcc0d00609af2a9770c60b64c1dfb0642fc60171f369a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0669f468e2482247a1b308dd273846000a122df6eba329d5bfbe0ea960c58ed
f0fc36ec143fba605ddcf53cd3239220b8fac3b64225633fc5e4054793adb818
fd658e65daffcde69ce2f0b2dce79ccc9531cdea4193dcf27cece1b6644ed0c6
fe1f2315a24c0f3ea5646738a71087bd616af2aee8769267ec035ad9a31a02a0
fedcda93f53247ac7ab7c2969f32076b7e02b0161c3b5652237fda01d4f648ab
ffe0be955f1f743ac4ed4be157c4e8fd01398c0a28fc7139f91975b1f0b6982e

www.gcmgames.com.br Open in urlscan Pro 20.65.84.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

91 %HTTPS

36 %IPv6

61 Domains

83 Subdomains

69 IPs

10 Countries

2285 kBTransfer

4786 kBSize

79 Cookies

8 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gcmgames.com.br Open in urlscan Pro
20.65.84.125 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

91 %
HTTPS

36 %
IPv6

61
Domains

83
Subdomains

69
IPs

10
Countries

2285 kB
Transfer

4786 kB
Size

79
Cookies

190 HTTP transactions
0 data transactions