urlscan.io logo urlscan.io
SecurityTrails logo

forum.guiadohacker.com.br Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: http://forum.guiadohacker.com.br/
Submission: On January 31 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 9 countries across 32 domains to perform 313 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is forum.guiadohacker.com.br.
This is the only time forum.guiadohacker.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
28 2a06:98c1:312... 13335 (CLOUDFLAR...)
58 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 25 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
13 31 172.217.16.194 15169 (GOOGLE)
3 7 104.18.36.155 13335 (CLOUDFLAR...)
3 5 185.89.210.46 29990 (ASN-APPNEX)
6 142.250.184.198 15169 (GOOGLE)
22 46.4.10.49 24940 (HETZNER-AS)
9 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 5 138.201.84.244 24940 (HETZNER-AS)
6 34.98.64.218 396982 (GOOGLE-CL...)
1 8 23.32.185.35 16625 (AKAMAI-AS)
1 5 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 3.75.62.37 16509 (AMAZON-02)
7 138.201.135.164 24940 (HETZNER-AS)
2 142.250.186.162 15169 (GOOGLE)
4 94.130.102.164 24940 (HETZNER-AS)
5 10 54.76.227.52 16509 (AMAZON-02)
1 14 104.64.118.247 16625 (AKAMAI-AS)
3 138.201.63.145 24940 (HETZNER-AS)
3 176.9.26.250 24940 (HETZNER-AS)
5 2600:9000:20b... 16509 (AMAZON-02)
1 1 23.213.161.198 20940 (AKAMAI-ASN1)
1 65.9.66.58 16509 (AMAZON-02)
3 2620:116:800d... 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
6 6 213.155.156.165 1299 (TWELVE99 ...)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2 51.89.9.251 16276 (OVH)
4 4 18.193.90.185 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 37.157.3.20 198622 (ADFORM)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.214.149.91 15169 (GOOGLE)
313 36
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
forum.guiadohacker.com.br
28    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
forum.guiadohacker.com.br
58    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
25    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
38    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
31    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
cm.g.doubleclick.net
7    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
22    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal9000.redintelligence.net
9    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de
hal900026.redintelligence.net
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
8    23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com
sync.teads.tv
5    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
7    138.201.135.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
4    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
10    54.76.227.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-227-52.eu-west-1.compute.amazonaws.com
ti.tradetracker.net
14    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
3    138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de
hal900010.redintelligence.net
3    176.9.26.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
5    2600:9000:20b4:cc00:1a:7c92:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.tradetracker.net
1    23.213.161.198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-198.deploy.static.akamaitechnologies.com
ui2.awin.com
1    65.9.66.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-58.fra56.r.cloudfront.net
a1.awin1.com
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    85.114.159.118 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
6    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    2a05:d01c:1d8:8101:ce35:92aa:dc67:4345 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    18.193.90.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-90-185.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
Apex Domain
Subdomains		 Transfer
96 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
871 KB
62 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
ad.doubleclick.net — Cisco Umbrella Rank: 163
265 KB
44 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38309
hal900026.redintelligence.net — Cisco Umbrella Rank: 216221
hal900015.redintelligence.net — Cisco Umbrella Rank: 252534
hal900012.redintelligence.net — Cisco Umbrella Rank: 210406
hal900010.redintelligence.net — Cisco Umbrella Rank: 189872
hal900014.redintelligence.net — Cisco Umbrella Rank: 215778
348 KB
30 guiadohacker.com.br
forum.guiadohacker.com.br
367 KB
17 gstatic.com
www.gstatic.com
fonts.gstatic.com
220 KB
15 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
a1.awin1.com — Cisco Umbrella Rank: 48836
20 KB
15 tradetracker.net
ti.tradetracker.net — Cisco Umbrella Rank: 113022
static.tradetracker.net — Cisco Umbrella Rank: 120399
371 KB
10 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
95 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1376
1 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
519 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
5 KB
6 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5298
2 KB
6 openx.net
us-u.openx.net — Cisco Umbrella Rank: 524
744 B
5 google.com
www.google.com — Cisco Umbrella Rank: 2
710 B
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
5 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
3 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
771 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
891 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
235 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1872
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 53518
612 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 2226
297 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
587 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
718 B
1 awin.com
ui2.awin.com — Cisco Umbrella Rank: 51824
101 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
125 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
27 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
313 32
Domain Requested by
58 pagead2.googlesyndication.com forum.guiadohacker.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
38 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
forum.guiadohacker.com.br
pagead2.googlesyndication.com
31 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
30 forum.guiadohacker.com.br forum.guiadohacker.com.br
ajax.googleapis.com
25 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
forum.guiadohacker.com.br
22 hal9000.redintelligence.net googleads.g.doubleclick.net
hal900026.redintelligence.net
hal900015.redintelligence.net
hal900012.redintelligence.net
hal900010.redintelligence.net
hal900014.redintelligence.net
14 www.awin1.com 1 redirects googleads.g.doubleclick.net
hal900015.redintelligence.net
hal900012.redintelligence.net
11 fonts.gstatic.com fonts.googleapis.com
10 ti.tradetracker.net 5 redirects forum.guiadohacker.com.br
hal900026.redintelligence.net
9 fonts.googleapis.com googleads.g.doubleclick.net
hal900026.redintelligence.net
hal900015.redintelligence.net
hal900012.redintelligence.net
hal900010.redintelligence.net
hal900014.redintelligence.net
8 sync.teads.tv 1 redirects googleads.g.doubleclick.net
8 www.googletagservices.com googleads.g.doubleclick.net
forum.guiadohacker.com.br
7 hal900015.redintelligence.net hal9000.redintelligence.net
hal900015.redintelligence.net
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
6 d5p.de17a.com 6 redirects
6 us-u.openx.net googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 ad.doubleclick.net googleads.g.doubleclick.net
5 static.tradetracker.net googleads.g.doubleclick.net
hal900026.redintelligence.net
5 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
5 hal900026.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900026.redintelligence.net
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 pm.w55c.net 4 redirects
4 hal900012.redintelligence.net hal9000.redintelligence.net
hal900012.redintelligence.net
3 cms.quantserve.com googleads.g.doubleclick.net
3 hal900014.redintelligence.net hal9000.redintelligence.net
hal900014.redintelligence.net
3 hal900010.redintelligence.net hal9000.redintelligence.net
hal900010.redintelligence.net
2 c1.adform.net 2 redirects
2 onetag-sys.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 www.googleadservices.com forum.guiadohacker.com.br
1 x.bidswitch.net googleads.g.doubleclick.net
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 gcm.ctnsnet.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi 1 redirects
1 a1.awin1.com hal900015.redintelligence.net
1 ui2.awin.com 1 redirects
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 cdnjs.cloudflare.com forum.guiadohacker.com.br
1 ajax.googleapis.com forum.guiadohacker.com.br
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
313 45

This site contains links to these domains. Also see Links.

Domain
proxylink.pro
Subject Issuer Validity Valid
guiadohacker.com.br
GTS CA 1P5		 2023-12-15 -
2024-03-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
redintelligence.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.tradetracker.net
Amazon RSA 2048 M02		 2023-09-19 -
2024-10-16		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-10		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.innovid.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-04-14		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2024-01-30 -
2024-04-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 46 frames:

Primary Page: http://forum.guiadohacker.com.br/
Frame ID: BD8136AB7B1DD6575EA95D4DC427FA29
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Frame ID: 8EF6E6BCA2427BF059DBF55B17CF68A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Frame ID: DC4D2205C9F063CBC918F21CD824F623
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&adk=3969420673&adf=1607144832&lmt=1706660207&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1706660207308&bpp=5&bdt=1989&idt=364&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=375
Frame ID: CF5238B93F8B5E9367FFF7750E3796FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXvfAHrOs5Onci1x1Dg6KOSM8zNDa1_tioR9CWI5UmJm9E6Ifs51d9JcF6BCBGxmw2yG3ilkd2DvMYgMFWwv0OutH7Bm9E7CLGvrTxwh_bV9hxGIogasBK1nzwgSmOWfnX_eBpcSElqJlbr3ObW404PJ8XI9IgBZDJwOoRl464g5rGYCaE
Frame ID: 649100012B7BEB38BAA6AE6BD72BD142
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Frame ID: 0811787BCDBA2B44C5D3BED2745D2A72
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Frame ID: 70ABB934A94692068A316555A31275E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Frame ID: AC632E8A812F4B97F26CD3DBEA9ABFE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 551B83F712393F9741AB90DB789358D1
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3E7811CE10F940DE146370BD39B9AEFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 88D787FD5754536BEFFE36C6F3F309B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D488D2D450165CE4B25D870E4FB90389
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5E3249709F7AE922023E7188EB95AF8A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWFe4ulmwHoqiI76Gn09xWBynB_A9ABD4Yxl3i9wmuAt5HNe9nLdOrRwWwA1B-84LJYbZWes50OUS09835nahTbkD7Of1ECSrfcgm2p1bVbu5xpVYVkwSt3t38rE73hZHOQNmdKfaUvMqSUgg4cSvPF_Rlyhf28g4ZmaVdT8eQqe0_sh30
Frame ID: C888E08446A2847AA0FEC4C545C86F50
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 578D6359302BAAEC3676383D005DA6C2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNXA7EiPGcXchI9HGu2i6HYuxtT6javn7U5TpZH5u6wXihvk-zJDuxAsDaD0NXD6mkcK9abDnKGSI-CPbtyhbZyDZLzhnnavkVw_74WjqpU2iOO1czOgTBRGg6kLQ5ZL2oj0SRQZkiTUlXOcv8FfL7ETRNEBXrA_X52Brj5zEDAHEq8Yn7E
Frame ID: 505F6A46443AD852CBF6F331255B2EDF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: ED95C1A64F8DEE47C7C17F1409E35466
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0438EB40758F5E59274AFA579DAE44B3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A41BC850634C3501995696C322962E30
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNX3n6QCIxtYZ490TGjHI5Fhv9nXx0ObLqthGrO3pXFLDCq0yKWkWoviMBUuyCV5r1w8dZ8w2UEkVCTxAdemiR4bB4VCO6hwm2oNIcpjFGLBgi7FQf8lKi1gvHme63Z9WVO8N1kGUqbJgCAjK8vOgR-dKGBqRpBtj0irJ3pbF4kJ7k7t-nM
Frame ID: 7ED4B34B4BF5CDFB472435AA2FD7C495
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 968FE7F593E45855530521B8A0E657F2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWKtkUNAiXNDKpHNegdQz6iytGDfEGpXxaVZBQZPUpd9QNSODSOe_okrafR0mPGPlfY9WMho0EzsOcjHaTh8uh_VyJsu1LjxKfwiFDR6vvmm6ZOVEb6kY3KdsP4x2Rk_OHmwM5HfAUlKtIs3amveIS8iz6QbP6IDkwnaSN7Msk8PXcoPr8
Frame ID: CFE1DBFC6A2CC336C9D267DE8199CEB5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3CD989051DAB6C5BAE1517F6F1ADFFAA
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: D5A0B2FB8F445C0D8B67EAB184892441
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWyngnzIY4UKYkCD6NAsB7DLpN77NezRDrXZIN785xpmqWcChTPiA6Ymr5ef7RmwBe9clKIzef5-6GCh3MgCgyrvf_Xt0xMoZzQHh6YRXy00oIB2AKTmVVyPxDLt3pw8qjYicLTZYDsjjrlZrdde-4s_8n5AVHj3HLIehbP6_ZJSbhchQY
Frame ID: C8992AC8F987E93A100856E8D96C4F89
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F5BBA1ACDC5FCC5C933F7F1FEC7BBF80
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E2210CF95942E4C439B0253A9C6CE6B5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4CEEE520A02F8D42D6F9E351B20D12CA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Frame ID: 0D5110F27F913D55DD2BEDA1BCB260C8
Requests: 1 HTTP requests in this frame

Frame: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Frame ID: BBC31ED78FBA425B0C65628F3D489C7A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DAE250AC81DFE96A41E02F80D54824B0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9901D762E61644D80F1156146F7AF8E3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7F5879C693BFBF5D286BBECEE84AE122
Requests: 3 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=40455400004329204444456012586015&pv=1&pref2=guiadohacker.com.br
Frame ID: C0F26C8D04BEBA61E2DF0913B166973C
Requests: 1 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Frame ID: C82C2D32822C5193205D31D675664A18
Requests: 9 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=36178700004364004444456012586012&pv=1&pref2=guiadohacker.com.br
Frame ID: E023A3C8CCEE23382D6134ECF6087039
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2739664&v=8462&q=320784&r=235229&pref1=36178700004364004444456012586012&pv=1&pref2=guiadohacker.com.br
Frame ID: 0D5F1EF25C342AB2AF6297ACDA55501F
Requests: 1 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Frame ID: 03A089C4D221F45B1E0BE1152DE8D95F
Requests: 9 HTTP requests in this frame

Frame: https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Frame ID: 3F4513DE5C758625FDECBC79B59F6ACC
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A12D6B56A86526A9CF8108EF38C3226A
Requests: 9 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Frame ID: 9E7BAB369AEA74F363180C00BAC5E6B1
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 61FBF1746E54A49601C677B820A02896
Requests: 9 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Frame ID: 571C4F67DDBEC885BE84256E3ECA0FDB
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 52CF25D6358B2CF5D5FA19F39A920FC1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AF738EA6D3FB7B08B6C14041ABBBBA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E606D40CED732C41C1395ABBD9B9F45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Comunidade - Fórum do Guia do Hacker

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

313
Requests

87 %
HTTPS

36 %
IPv6

32
Domains

45
Subdomains

36
IPs

9
Countries

3108 kB
Transfer

7436 kB
Size

42
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
Request Chain 43
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmRcJI0Rsg8.lioodsWBQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
Request Chain 44
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
Request Chain 45
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
Request Chain 88
  • https://hal900026.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTGcdb5G5ZauqKsTgnsEPnMG46AvM-Yagafu5x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObhICABKoE8AFP0JYmi2fjv3HDNrTGM2VOrXyo4SHbUCRGlPihQmsFJMgDe3xTON2UPtmQfxzwIQz52cnJEclX10eDycf1rchSKOiiHYbJqrxOCPvMLQRvF23AUaTOXzxXre_QN8WPnwRPmOIwiNVfsRed4G4IMuqrTqBHOmXSfGHUq46tG1zg0lce304FO5IaDGTYEbKk5iLnOybWEIqk3a6dviDXUifY7jwRL67UAxJMlv4eDh2FGKkkpvOAFSYXhL-iUz3ZNv0CLLWCbhlSk7LkUNEIUeFtdYSXOM3Mf9f4Xs7DlbZV_BXpqQW4cn0Nx-Nc7Qezn1HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Oi526yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB%26sig%3DAOD64_3-xjhDo1lE6qwShNVsBXa5enXTqg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-Bvn_EhVq_UkkRD60sYJkJrbfk1Nw_D0kNibR-iYAq142VQcDiIx6L85zGmuE17fA8fQEtcwFX6y2TMwIgZGST6KwVvxzxx-bF3vpbnJ5NYsZTElgWzeQT-_vFoyLpFEpMZZGvR5YDw411ESLfM6OZJ4sPtgYcG3-3K1qwhsDzDgguVwVM%26cry%3D1%26dbm_d%3DAKAmf-DynN-5pbZQukkKWt3g3OXFQo3q9xD4P4AqI9R_CtGZgiO7WbFMIUk6XTMnLCumlOaU7vzhh0iTut4Ge9vKEKien_EfM2Zq644vPNzHHSZ8pSOjTlBUnQqncC5os0Is1m99jt1oOZm8NhYA24lMOq7N7QWqWVI3UrxEKffW_S_S2sh2lKWFIJ1josWY817pTGWEO46R1vCz4NpoXIEOqpLVOhbLfr_nus-WxT1v6T2QR1d6JXYRHxNaGJErEz5m1SuFlEL4Xk95201AHwsRHvwCOOn61x-KNKSGFzR3JWvHU4CWOBVknc0MR9x2K8UHcnP_Bc7tTvnL2AaqOz3SbUe6z6dDB3x0Jxkc8oPIAdWwvj6INle4xa4LscZAhYIWbYpep2TJpm-2XYoLEOwsP3EkEeVqkKbnHcc-p_1mkgbjwW4RhUtoQ2Vt1OYK4_UWcn_Lb8aSyFg0pvt5ibAmFuXQkryoVXanInkc9v35Iq-aSmQ5Od_dRClFEEY0dYifSx8RSalXRJ90coVeBvBc6274koilU6ZP-YCUkwIgmAr5BuEtN5T01rQ3poCstiWU0KEFmOrh%26adurl%3D&documentReferer=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ancestorOrigins=http%3A%2F%2Fforum.guiadohacker.com.br&random=212680113987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900026.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTGcdb5G5ZauqKsTgnsEPnMG46AvM-Yagafu5x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObhICABKoE8AFP0JYmi2fjv3HDNrTGM2VOrXyo4SHbUCRGlPihQmsFJMgDe3xTON2UPtmQfxzwIQz52cnJEclX10eDycf1rchSKOiiHYbJqrxOCPvMLQRvF23AUaTOXzxXre_QN8WPnwRPmOIwiNVfsRed4G4IMuqrTqBHOmXSfGHUq46tG1zg0lce304FO5IaDGTYEbKk5iLnOybWEIqk3a6dviDXUifY7jwRL67UAxJMlv4eDh2FGKkkpvOAFSYXhL-iUz3ZNv0CLLWCbhlSk7LkUNEIUeFtdYSXOM3Mf9f4Xs7DlbZV_BXpqQW4cn0Nx-Nc7Qezn1HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Oi526yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB%26sig%3DAOD64_3-xjhDo1lE6qwShNVsBXa5enXTqg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-Bvn_EhVq_UkkRD60sYJkJrbfk1Nw_D0kNibR-iYAq142VQcDiIx6L85zGmuE17fA8fQEtcwFX6y2TMwIgZGST6KwVvxzxx-bF3vpbnJ5NYsZTElgWzeQT-_vFoyLpFEpMZZGvR5YDw411ESLfM6OZJ4sPtgYcG3-3K1qwhsDzDgguVwVM%26cry%3D1%26dbm_d%3DAKAmf-DynN-5pbZQukkKWt3g3OXFQo3q9xD4P4AqI9R_CtGZgiO7WbFMIUk6XTMnLCumlOaU7vzhh0iTut4Ge9vKEKien_EfM2Zq644vPNzHHSZ8pSOjTlBUnQqncC5os0Is1m99jt1oOZm8NhYA24lMOq7N7QWqWVI3UrxEKffW_S_S2sh2lKWFIJ1josWY817pTGWEO46R1vCz4NpoXIEOqpLVOhbLfr_nus-WxT1v6T2QR1d6JXYRHxNaGJErEz5m1SuFlEL4Xk95201AHwsRHvwCOOn61x-KNKSGFzR3JWvHU4CWOBVknc0MR9x2K8UHcnP_Bc7tTvnL2AaqOz3SbUe6z6dDB3x0Jxkc8oPIAdWwvj6INle4xa4LscZAhYIWbYpep2TJpm-2XYoLEOwsP3EkEeVqkKbnHcc-p_1mkgbjwW4RhUtoQ2Vt1OYK4_UWcn_Lb8aSyFg0pvt5ibAmFuXQkryoVXanInkc9v35Iq-aSmQ5Od_dRClFEEY0dYifSx8RSalXRJ90coVeBvBc6274koilU6ZP-YCUkwIgmAr5BuEtN5T01rQ3poCstiWU0KEFmOrh%26adurl%3D&documentReferer=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ancestorOrigins=http%3A%2F%2Fforum.guiadohacker.com.br&random=212680113987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
Request Chain 91
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmRcJI0Rsg8.lioodsWBQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
Request Chain 93
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
Request Chain 106
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
Request Chain 118
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 132
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChDgAutxv17UQuzm_MpcDE&google_cver=1
Request Chain 173
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ChnN5b5G5ZfvVK7eGnsEPuem-YJHeiIFvvauAof8Q29keEAEg0bGHJ2CRhKCFjBigAer5o7YCyAEBqQKhwvBC-yeyPqgDAcgDywSqBNUBT9AqyqK29Uo_eoEIYHcHavtCIJkerp3dGyIB3UM6N_3bOPiHjilGNV7-9yVnrEqY7kDlnK2p1kGrFCXKkyEtVPBMKccAs93GMfY_ODviJcM5F9VAbALK0ndNhu4MKRdAbA-zfLvKghTHT8NCnHJDU1-yGl-VrwmXFKAFw1pnGJuim5R8UWS16koNlTvEP4FGxW0SG_yFdoUWBRgabk3VIuUZZIVHXCX98aEL3jKMP2oHHGZ__5A3HZ6O0jCadkEli-iSzPR9qNDU7dJIUS8EyXRmqL_9wASNhq3KlASIBYX5wa1JkgUECAQYAZIFBAgFGASAB_6F3MkBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ5I0M0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljjiLvbrIaEA5oJQ2h0dHBzOi8vd3d3LmNvbWFyY2guY29tL2ZpbmFuY2UvaW5zdXJhbmNlL2NvbWFyY2gtaW5zdXJhbmNlLWNsYWltcy-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODczNTA4MTcwNjA1OTIxNRgA&sigh=DjQSLsZvbL4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216089488192301914002%22,%22debug_reporting%22:true,%22destination%22:%22https://comarch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650706154%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227858276822895631185%22}&andc=true
Request Chain 206
  • https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=30629900004884704444450012586026&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
Request Chain 215
  • https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=40455400004329204444456012586015&pv=0 HTTP 302
  • https://ui2.awin.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png HTTP 301
  • https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
Request Chain 217
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=30629900004884704444450012586026&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Request Chain 245
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_cver=1&google_push=AXcoOmRxMwzT9q-zwNPhgthJBD3fbQgVuoXP33eAxU-_VxFjRnTCnOetWBzkdqfn4vWO-8oG1-l1IftJfkluGj_NcrNr0oUjeB3-4vI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRxMwzT9q-zwNPhgthJBD3fbQgVuoXP33eAxU-_VxFjRnTCnOetWBzkdqfn4vWO-8oG1-l1IftJfkluGj_NcrNr0oUjeB3-4vI
Request Chain 246
  • https://um.simpli.fi/gp_match?google_gid=CAESEISoYvrrYo7iVhB0zDD7YZY&google_cver=1&google_push=AXcoOmRM-eDIai9MreoMqRgYJCog6jULxiwxKfL9MSvprli4KlywJZajo7fIJQFXFZ_NJMa98Fth-tt4umoKQDqiKTFESkmUL37Tjyc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEF9CAF3E5B24105BBB4EF1ADCAE9489&google_push=AXcoOmRM-eDIai9MreoMqRgYJCog6jULxiwxKfL9MSvprli4KlywJZajo7fIJQFXFZ_NJMa98Fth-tt4umoKQDqiKTFESkmUL37Tjyc
Request Chain 247
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP4AT5-07IVaebmShwYrPwE&google_cver=1&google_push=AXcoOmRpon3KGELpG7f9lRAM9gG4GUvJsUn_qM-LIHv2hGFlW23nLDVmD2TkVn1aBuwwlyJxsf_A0p0Xe0oXfIv8gy86SqlGPQGDYzc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDA0OTc4MzA0MzM4OTU4Ng%3D%3D&google_push=AXcoOmRpon3KGELpG7f9lRAM9gG4GUvJsUn_qM-LIHv2hGFlW23nLDVmD2TkVn1aBuwwlyJxsf_A0p0Xe0oXfIv8gy86SqlGPQGDYzc
Request Chain 248
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27HO68yT5No HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27HO68yT5No HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27HO68yT5No
Request Chain 250
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMGG0nKpw0HaEt-NrBG61Mg&google_cver=1&google_push=AXcoOmSHE_pEHhPVH_KNum3EJe1rloLzT0KlH3YvpsNdF1Ehx7mazbL4PkKyQQqf70D7NRXlr3aTAlpLvSm8-cD6C80a8p0-G5rQyg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSHE_pEHhPVH_KNum3EJe1rloLzT0KlH3YvpsNdF1Ehx7mazbL4PkKyQQqf70D7NRXlr3aTAlpLvSm8-cD6C80a8p0-G5rQyg
Request Chain 253
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmSxBjRDmY9U68hh7fO9G-4MLrVxVaFnU5vA8x4a66FrAT1X4dSFk1XJhz3y2PyCZdFTvcEAIb39pudDqHLZa6LU0dV3z-5cLhnd HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmSxBjRDmY9U68hh7fO9G-4MLrVxVaFnU5vA8x4a66FrAT1X4dSFk1XJhz3y2PyCZdFTvcEAIb39pudDqHLZa6LU0dV3z-5cLhnd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmSxBjRDmY9U68hh7fO9G-4MLrVxVaFnU5vA8x4a66FrAT1X4dSFk1XJhz3y2PyCZdFTvcEAIb39pudDqHLZa6LU0dV3z-5cLhnd
Request Chain 254
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECEMxxNkluvWt4ZkeX8p-wM&google_cver=1&google_push=AXcoOmQPDeQLYXgoukmtmnL3ebaiR4y039qP5Cc6OxRdh04e_dCRgnRF6Gfr7pEXHXT_XSlH94EbaDccFcCTmWZpFR2OrjjbZA0CRVBs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPDeQLYXgoukmtmnL3ebaiR4y039qP5Cc6OxRdh04e_dCRgnRF6Gfr7pEXHXT_XSlH94EbaDccFcCTmWZpFR2OrjjbZA0CRVBs&google_hm=hbCfIlPiRWeZZ9py_q1vjME
Request Chain 256
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7rydGs1Kxq HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7rydGs1Kxq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7rydGs1Kxq
Request Chain 257
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJxIVQjszD1b4Be3MUhn1qU&google_cver=1&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9ffP5iflrtJPlXcpsNHY87-5cqM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJxIVQjszD1b4Be3MUhn1qU&google_cver=1&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9ffP5iflrtJPlXcpsNHY87-5cqM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM1MDgwOTAwOTAwMzg3OTMyNg&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9ffP5iflrtJPlXcpsNHY87-5cqM
Request Chain 258
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHPmiURIf1vR3qwDUrSw8y8&google_cver=1&google_push=AXcoOmS3Mf4CdTZFJETGmIpH5q2eRVlt8-PqG6MFEdWBguSSwwAbf27b60YewzjTDV_gDhQvEGS6sppNW6KAzMM48Tez98YJVeCFgwmZMA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS3Mf4CdTZFJETGmIpH5q2eRVlt8-PqG6MFEdWBguSSwwAbf27b60YewzjTDV_gDhQvEGS6sppNW6KAzMM48Tez98YJVeCFgwmZMA HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 264
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=35977500004098304444456012586010&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Request Chain 266
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmQ5n4QCHPlbkdJ9tbF-1RdMq69j7w3BFv2DDE-jyshYsa1WDrOkJQJNDpytpKGV36iMwJG11ZB49PQoIGNjUatY5_SzWPk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmQ5n4QCHPlbkdJ9tbF-1RdMq69j7w3BFv2DDE-jyshYsa1WDrOkJQJNDpytpKGV36iMwJG11ZB49PQoIGNjUatY5_SzWPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmQ5n4QCHPlbkdJ9tbF-1RdMq69j7w3BFv2DDE-jyshYsa1WDrOkJQJNDpytpKGV36iMwJG11ZB49PQoIGNjUatY5_SzWPk
Request Chain 267
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELJnHGOiUoVg3sPF2D0mM30&google_cver=1&google_push=AXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJnHGOiUoVg3sPF2D0mM30&google_cver=1&google_push=AXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 268
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_cver=1&google_push=AXcoOmRY5tKQ9KLpJVaiQE01_pUl6YuLEzk24x7xNVM11OxubG39q3y1cuoelqv0-t--HXkLs3alNTtAk_fMmxLTg1Ot9M8waeRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRY5tKQ9KLpJVaiQE01_pUl6YuLEzk24x7xNVM11OxubG39q3y1cuoelqv0-t--HXkLs3alNTtAk_fMmxLTg1Ot9M8waeRg
Request Chain 270
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn9tzPP HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn9tzPP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn9tzPP
Request Chain 271
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMGG0nKpw0HaEt-NrBG61Mg&google_cver=1&google_push=AXcoOmR-Al7mkCxnAT_5eAWBzj8OjdUWYQ7IS6eQt7NZxjSO2pIjfiQqQc3tOQ6JBae2GyrQArez3IbC-qoWFDs4OqExhaFff43v HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-Al7mkCxnAT_5eAWBzj8OjdUWYQ7IS6eQt7NZxjSO2pIjfiQqQc3tOQ6JBae2GyrQArez3IbC-qoWFDs4OqExhaFff43v
Request Chain 273
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=61417200004329304444456012586015&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Request Chain 278
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=47229600004328504444456012586014&t=html HTTP 302
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg

313 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
forum.guiadohacker.com.br/ 		189 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://forum.guiadohacker.com.br/
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08dff474c032cf50a99543097d49f40e8eaa9ddeb4af820edcceba81f881fd0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options sameorigin, sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84ddc485780d7758-AMS
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=ISO-8859-1
Date
Wed, 31 Jan 2024 00:16:45 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70OYbXJ7D1EuKcBcbHrmbWLZH4bIeixwHeta1E30kJJCmohMfMF2Q26ZKs%2FlYuTNtA1%2FwoJpZfxo7W4jmDqdX8SH5jzZkoDWFo1Mo1XhI3FCQyiqIlj6DR8UL3R8a5a7d2aEOvm9iz3mN0SA2t%2BVRvMJN%2BR%2FlESg"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
sameorigin, sameorigin
alt-svc
h3=":443"; ma=86400
css.php
forum.guiadohacker.com.br/vb5/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_reset.css,css_unreset.css,css_utilities.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a47728e216d63aa5820a6d259dba8bdc21ec1180eeb31398140926bad27d7e26
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNtJII0fsAX3q9g%2FbUzCJHA0hmXfQLnHSraPa8Ii13hwzwoajApRFKfZEptL%2F5XTJxkjNl2YZyoRMXuE0ITAhZBY4CsLrGmp%2FUCdobiRc160J2IPRnxoqZP45OC%2FQWSn0pqJK0IC2TrMGbXAwygkR%2BkmfDmnq%2F8s"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d416702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:45 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		226 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_12_1_custom.css,css_jquery_qtip.css,css_jquery_selectBox.css,css_jquery_autogrow.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.css,css_b_form_input.css,css_b_form_select.css,css_b_form_textarea.css,css_b_media.css,css_b_divider.css,css_b_avatar.css,css_b_ajax_loading_indicator.css,css_responsive.css,css_b_vbscroller.css,css_b_theme_selector.css,css_b_top_background.css,css_b_module.css,css_b_comp_menu_horizontal.css,css_b_comp_menu_dropdown.css,css_b_comp_menu_vert.css,css_b_top_menu.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c778ecd8443ad88346ab10ac2f1bfe3dc2f893c85c90700e02d568332facca87
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWucwwwfyPtXBBIHDY4vV0MvhGJOR0tcj%2BfmeVcidTUCSAV9Bau4UoyxBo20urDZQ3lB96WYxrew1X6eUMYE4MG92Oo7NneO%2BJdgn5ah%2F1D4uC84yq3vq5pDZtarrxBJd5UxaU5xImVCs%2BG6qw2MgbFfnntdAlNB"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d426702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:44 GMT
header-rollup-564.js
forum.guiadohacker.com.br/vb5/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/js/header-rollup-564.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632fa9d7e19991e690d24a9f65a08922582b5d1d32745d53cca217e6d4c9a1fe
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
113283
cf-polished
origSize=18116
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 22 Dec 2020 21:14:33 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9ALbKTY%2FxL1dcmIKhbng9sHfsJEP%2F9Bfr2UkTB1HrOYA9RaWkaBlv8TZiegLJkJcHQ5FGZPHzNuQ%2BjRrenKhNJmkz5HvyF5zgPb532PH9AsV%2F4WC7mV1dxxw24CH6ixveM%2FFobQuQ3gaBmbQuP4YBaqvgY7jWPq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
cf-ray
84ddc48bad5d6702-AMS
expires
Mon, 12 Feb 2024 16:48:41 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		902 B
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_login.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8375f748c40c582848c1a71d08047e2efe3172760e071420284a05300cb48b68
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWcJ50M9tgiYvhsJi%2FR2%2BZpl4qT5kvB7YJwEBa0PJc%2F8zBJNi0bsWLVGnzJVflk%2FQajmjpLVnwmJNwticbKFfyzqIUbKo5hpbddhgOzH7p7VUPLi68Ccdo8yExEaqh%2BWf%2BwB0Bd59ZYicjXkaT%2BmiTRQBJ5OHQvS"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d386702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:44 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_dbtech_vbshout.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7d009aa65b62f1953c635e1e87ff1d5618502199c017a114d65468fa15edd8
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzEGq9Czq7QQcDNUFf8F7lezaaOD17eeIM%2Fm0xMY%2Fnz3WIF7zaegWcnTdFyxpDEyEZsER75MClbsl4%2FpNh0PDXl3myB3dKWQTtKFSQxTuMKdDMZOqP7I2wcpNjPEwMCFgawGzgF17y98r6N7P66L7GRk801hRilu"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d3f6702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:45 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		2 KB
629 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_dbtech_vbshout_colours.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df67b5b36b4a11a65675363edbec0cf1c701cc6ea70d1b1a2ff1b53734df6204
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kIkccQvxTs2zCCoVJoTIl2jhTNE%2BXfFI0wbFLJCeAJBoJ5uvCQFhriA2kz1C%2BWGxLlIiKl9TXsimYy0fTkDeP%2FT8a7q2peX6q0dHmB322OBPPJnETV%2B3%2BWHUmiLzztdnshFHttkQJ6Kaa1hDGxnV%2FC8fqv8eP26"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d3e6702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:44 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_dbtech_vbshout_editor.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a18b65875af336b6a3bc9c868bfd3919a6257dd91db8cf59e5f70952d0c837b
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPp%2BP5aXJab7n37mdIZFiwF5NaZ0LTKRu9YRrlYTJlsrNFWaq1vMUH0VuISJEAMVOHuDaCj4k1LZLKWE%2B7Fa74FL4RFUUO0ZKoDnJU%2BYnL%2BqynBjqahbp5kKplZo4vDvKbU9QBNTlM0rs%2B2fdjtHAuKhgEf6Xktm"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d3c6702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:45 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		551 B
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=yilmazquotationcollapse.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a593ea893a9ec7b7f1f1e03b7f4e45f54cd2aa03a78b606f0c385e99da2b7c21
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMj0f1ukGtbDPso0fVi31NbpF5dTm9x9nE2oLPfRhCJXV7zg3l84JNYzTjuMI48Zjl9y4%2B0RKT3zgLQqX03ZvFnWRQDde6LibFdl%2F8XVN4mrpA2DN7P1JRIaJx7tP6ILr%2FFmwSsN3NX%2BhuMLihGrNwnBrYyYuvzz"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d3a6702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:44 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		474 B
525 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=yilmaz_backtotop.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f39c444205caf7a22673fe6770fc553d9fd55fdd31fad52e56b10cfad271e7c
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO%2BF7oJOoV87QeTGTggt5B3hoekLShosMGwceSAmiuL%2BxToWxWUJmD6RX0E68FPdkHy%2Bm%2FGrhZjvs%2F7m5hfj6pBDf%2F4bjrn3JNGaPhlGDlGg%2BspKxZLhEgZX3oFQaiyeYbqnL1AnY3EipGT2F6yf3tWKbQy4yoo1"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48bad5c6702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:45 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_b_post.css,css_b_post_control.css,css_b_post_attachments.css,css_b_post_notice.css,css_b_post_sm.css,css_b_comments.css,css_b_comment.css,css_b_comment_entry.css,css_b_userinfo.css,css_b_meter.css,css_b_inlinemod.css,css_b_bbcode_user.css,css_b_event.css,css_b_link_thumbnail_list.css,css_b_thumbnail_nav.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aff95aacc134b7b4789fb1b49579857af7ee7edd2f400aac99b358c21ceeb90
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRfkssfK2hMskaLABvGSgYQNW2rle75%2FWFsU8kjLuj1sZ3OpL0GRzHagZ225D7N86s6kfRmVAMNUQQmztKCw0HWfousmnpfuBjPk1ObYLQSGb9%2B0b4mYA43QxovBj5v2PkLmovcg0AdRiejk6B01kIUjSeRSuo%2FF"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48b9d436702-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 30 Jan 2025 00:16:44 GMT
css.php
forum.guiadohacker.com.br/vb5/ 		33 B
376 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_additional.css&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e672e984403d411613bb7b84ae0a1c21f4f817408574a694d2c5e3b841f737dd
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
date
Wed, 31 Jan 2024 00:16:46 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2Fmd64K6SBUV%2Fc8GQaZvcGSYeavgEQrg50lh5jUwI43JISsj8I1Hl%2BSocIBJ52D0Dq9QTlQATrqleocc6qyYo27YM9EDjeM3q5%2FOV1UvjsgHdr7fuwYQszChpfwSCvssf%2FAIE97o4PmNyVEOqw%2F2m4JV9H35vXDg"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
cache-control
max-age=31536000, private
cf-ray
84ddc48bad5b6702-AMS
alt-svc
h3=":443"; ma=86400
content-length
33
expires
Thu, 30 Jan 2025 00:16:45 GMT
fetch
forum.guiadohacker.com.br/vb5/filedata/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/filedata/fetch?filedataid=1770
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fab078dcec484cf996555c115f53f905913557897fd9c7c30bf7c1dabefd373
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="image_1770.png"
alt-svc
h3=":443"; ma=86400
content-length
36597
pragma
last-modified
Sat, 26 Dec 2020 09:02:38 GMT
server
cloudflare
etag
"1770"
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3G%2Fiu6j9dCnO%2FHBszGN88ow7O5S089tCDAiiCu2VWY8ieBPDpWAJOK%2BAE1ME6ISZUDvw5j%2FUX3kqplKLTm6X6LGbIN8aC8SVUCgnTU16M6KEuJKyj8AD9ZCmPGP9xYJW6ByfaX6O9YMHQiqiJc7CTOksBlgz0vN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000, private
accept-ranges
bytes
cf-ray
84ddc48bdd816702-AMS
expires
Thu, 30 Jan 2025 00:16:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
348a823952baba3baa648b74ba1d787bf98770679eb5da2b81c0e8439950558b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52273
x-xss-protection
0
server
cafe
etag
7518840342858178240
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 31 Jan 2024 00:16:46 GMT
default_avatar_thumb.png
forum.guiadohacker.com.br/vb5/core/images/default/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/images/default/default_avatar_thumb.png
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d4e851d6f61bb2adbc10d777db617fa0882b0414e5f8ecce5d1fccbe6d244b
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
492398
alt-svc
h3=":443"; ma=86400
content-length
976
last-modified
Tue, 22 Dec 2020 21:18:49 GMT
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jD2lQi8MkGec07M5p9erXb1elBrgQAnRj4EUAHsulIDR1Uqlb620xkqS5NKxvNv%2Fh6Pg7EUmMGIywngRPejsRe1XkRBbDL7IvD%2FhLdCUVkSCPFLj8yx%2BYOAh%2FWzqw9pA3S%2F3pdQF2u2oGbE3krcc8Nd%2Bw5XYDmaU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
84ddc48bdd846702-AMS
expires
Thu, 08 Feb 2024 07:30:06 GMT
image.php
forum.guiadohacker.com.br/vb5/core/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/image.php?userid=76768&thumb=1&dateline=1302967991
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c935effb95b4bec9e6023cf5f22646020f85cb049096ba310bca47e8d4cd7ac0
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNUhoVyCTFjddU8lYtuFJJgFoS8fIh2Ca7kBSmNoHWSdy48ab3%2Fyvukjp9tq1BBKDEZs%2BfxuQwbIhjTCoOBH9%2BR%2B7Vu%2FiDGXPnzLgyjc36PR2aF84UKlB77uf%2BZrhuGJblNrTtoxyAsZGpeCK4lZVQqTmkeqyKV3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
content-transfer-encoding
binary
content-disposition
inline; filename=default_avatar_large.png
cf-ray
84ddc494d98866fd-AMS
alt-svc
h3=":443"; ma=86400
content-length
6185
expires
Thu, 30 Jan 2025 00:16:46 GMT
image.php
forum.guiadohacker.com.br/vb5/core/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/image.php?userid=350602&thumb=1&dateline=1626689179
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2acaf246acf46c7d1c38a079591b933c6c18afd3369ee9a60142a5d44bcfca8
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1626689179-350602"
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKoqF8KYWnZqsy616e%2BCgUKwHLV442qLWIEL4Hm%2Bb8DKlIUdkW0UxYTcl2IT9Wm2wRqqBvLkAFelPsOmDSEAnAmV0rdL7SEUjIVpmr%2FoVdxCgIyx9THjfS3HdrQwfbhLLiiiHGDO%2FGB2jePR02thOn4EXJ1sm8Vm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
content-disposition
inline; filename=avatar350602_0.png
cf-ray
84ddc494d98a66fd-AMS
alt-svc
h3=":443"; ma=86400
content-length
17455
expires
Thu, 30 Jan 2025 00:16:46 GMT
image.php
forum.guiadohacker.com.br/vb5/core/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/image.php?userid=432869&thumb=1&dateline=1659498551
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0025b5440e0740c714a7719b20bb47561e2c10754a82e1a031d266bd98710250
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1659498551-432869"
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AezdFK1Uz1%2F5Xj2YviUg8mZoK7QPgj3hso1%2Fxak1b%2B3s8qWP%2FoYyfHWg68tfZnHCaZUTrQwIjKUoeQCsTrfXt8%2BZEj5v9GIgaz6%2F6aIr%2BwL7y3znYn%2BJS8%2FKgO3ruB87IDCaO%2FcrU%2B0ulaAh91IziGg6I%2F%2BiiEQv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
content-disposition
inline; filename=avatar432869_0.jpg
cf-ray
84ddc494d98b66fd-AMS
alt-svc
h3=":443"; ma=86400
content-length
3768
expires
Thu, 30 Jan 2025 00:16:46 GMT
image.php
forum.guiadohacker.com.br/vb5/core/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/image.php?userid=156877&thumb=1&dateline=1392682662
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25dbbbbc9b86ac1d79e939a13a96815d125eb63934ccca67377c65ed63d5d0b7
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1392682662-156877"
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akPkWxLmjlvkjua%2BWVmomXslIsUjUbb0Epqkx19%2FypP1aFLFQKsyG7iuZ0TJJEnO8DNXZPww7rDL%2FvKNRxnbtrzodsgPCYt8nDT4M%2BZ%2F375y9ciMZ1Aeqs5zaWUO7cTsIB5TIDBK1ewSliab3COr%2Fdgg4TEeMXq7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
content-disposition
inline; filename=avatar156877_0.gif
cf-ray
84ddc494d98c66fd-AMS
alt-svc
h3=":443"; ma=86400
content-length
6492
expires
Thu, 30 Jan 2025 00:16:46 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 10:08:08 GMT
x-content-type-options
nosniff
age
137317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Jan 2025 10:08:08 GMT
footer-rollup-564.js
forum.guiadohacker.com.br/vb5/js/ 		499 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/js/footer-rollup-564.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ef6b4aebeae350a6dd1e64b6af610ea5658be444231da35d81007ab1e045e7
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
545764
cf-polished
origSize=549656
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 22 Dec 2020 21:14:32 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nwke%2Bgt2s7DWEfPjJryrdo7en1e2z%2BAhlkj4ifkAjc8rSQ0Dep%2FbbtEgRAlezdciE%2FKf1lkKVf0F0OR16vZzytndaOfOjDiZ%2FycxaDLzzdoIwHYvZ7PLasOd%2FVcZtuqXQYFJZrpHzMPr3nFMoBvf7cyNluJGKWl"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
cf-ray
84ddc48d5bee66fd-AMS
expires
Wed, 07 Feb 2024 16:40:41 GMT
login.js
forum.guiadohacker.com.br/vb5/js/ 		997 B
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/js/login.js?v=564
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d246f7de7dab5ff38699786321c9b88ad3dfefc2c2576bcd69862d6a04c6346
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247427
cf-polished
origSize=1718
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 22 Dec 2020 21:14:34 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gMyyV2hZsf9THU4taSC9hPz1DNFujOSNyj9cEMcGEW28N9K876aU7n%2F%2BlkP1L1mZUz6zeNyx2%2FzMio%2FZrsfKXcvf2oqL4OoVXhpnnI%2BaVjOeCSQS56AKC01SHUO6d0jIF53uOgBESWIAAYcUMI1p6B7jV36Cg6M"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
cf-ray
84ddc48dfc5066fd-AMS
expires
Sun, 11 Feb 2024 03:32:58 GMT
core.js
forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/js/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/js/core.js?v=564
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3218774bab3c59362743a635850945412281be791eb7fb4d55c7f82de161af1
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
247427
cf-polished
origSize=33187
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 27 Dec 2020 23:11:27 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kom4QIrduSq2nDSBqIWgUnGSupv8JlE75lxUzUqWMrHBuvIcz6HBUqQsEF3JKyWeclmbfy8OT1h%2BR3WJpce2491i%2FkYWWCOdBS8HZueOH6bHrSbWItVPzDHfU9%2FPM2yLo8NsdPbz3H%2F2hvscTBGG2uCouBQKmQBd"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
cf-ray
84ddc48e1c6666fd-AMS
expires
Sun, 11 Feb 2024 03:32:58 GMT
jquery.tmpl.min.js
forum.guiadohacker.com.br/vb5/js/jquery/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/js/jquery/jquery.tmpl.min.js?v=564
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1fe127c3a828a6f88e3ef6e8d1d7f8a3750e6f9d9e24520992a2294696a6
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Dec 2020 08:47:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
502024
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRXh6ulpKJVqoQ9AGMSW9CoQYFYWEUHIODwlOp8nE6I2MbubXn9EzgVMuO%2FqcEtWEicq2LYFQLvSpTHuMLs3wTq17mb0M3nv%2F8gcYHdPJHLvCwXaAgdzHyby4PvMbPd%2FSBG%2FvgQ9Ts6vsH48gx0McFs%2BwNcR18Rm"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=1209600
cf-ray
84ddc48e4c8866fd-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 08 Feb 2024 04:49:40 GMT
bckg_page.png
forum.guiadohacker.com.br/vb5/images/css/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/images/css/bckg_page.png?v=3
Requested by
Host: forum.guiadohacker.com.br
URL: https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_reset.css,css_unreset.css,css_utilities.css&ts=1697954510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f9bfe7f73b83508ae0688a02b5364d478b9ebb7f92883972cc0e07130c5e4fd
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_reset.css,css_unreset.css,css_utilities.css&ts=1697954510
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
99478
alt-svc
h3=":443"; ma=86400
content-length
12237
last-modified
Tue, 22 Dec 2020 21:24:00 GMT
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzPLnxUB9qi%2FfjzNJnOXcOY3TFtOP5I8ouvCIhN1hl%2BoLTDiSVnc0NeZZw3DxQDxnMUIFlPPB8U0LTEebrzK5pYMEzxZypEYSMtke9M%2Fe5y4L%2FADcNj7kYYwJVje6Loi1LDuRSWhy1anrjdxXZpKJz%2FovoUY6mHK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
84ddc4913eb366fd-AMS
expires
Mon, 12 Feb 2024 20:38:47 GMT
default_avatar_thumb.png
forum.guiadohacker.com.br/vb5/core/images/default/ 		976 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/images/default/default_avatar_thumb.png
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2d4e851d6f61bb2adbc10d777db617fa0882b0414e5f8ecce5d1fccbe6d244b
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
492399
alt-svc
h3=":443"; ma=86400
content-length
976
last-modified
Tue, 22 Dec 2020 21:18:49 GMT
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjyQRtf9%2FBFccONnqIjv5hQSJoV9InqHaixoiix4qf5aiCu2qTzinbwwcTc7CktxRJc3yX%2BoEI4zvgLdeGiMkCUGM0c8o2IAPwAsEXzxMMaQEKRqR8sh6qu%2FtbbdbO7kJkR9v%2FE584oZCrjbbeSGRJRIjb8ngthu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
84ddc494e99966fd-AMS
expires
Thu, 08 Feb 2024 07:30:06 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://forum.guiadohacker.com.br/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 31 Jan 2024 00:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7845761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
26983
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YC6a9R%2BSW0FsfgjvOffJcbUs8QyRz9Znz1yvy5PnCE%2BEWImncGFVj05%2BXN43916C3EAcuyCrbfhNxVW%2F0LksC2oQv9T7xOMwbsPuaVwc%2BkXroukxTul3o4P66nO4la0pFtxliyDc8K%2F99FB4EmGIgdgz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ddc4951e6db8f4-AMS
expires
Mon, 20 Jan 2025 00:16:46 GMT
sprite.php
forum.guiadohacker.com.br/vb5/ 		202 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/sprite.php?styleid=41&td=ltr&sprite=sprite_icons_general.svg&ts=1697954510
Requested by
Host: forum.guiadohacker.com.br
URL: https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_12_1_custom.css,css_jquery_qtip.css,css_jquery_selectBox.css,css_jquery_autogrow.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.css,css_b_form_input.css,css_b_form_select.css,css_b_form_textarea.css,css_b_media.css,css_b_divider.css,css_b_avatar.css,css_b_ajax_loading_indicator.css,css_responsive.css,css_b_vbscroller.css,css_b_theme_selector.css,css_b_top_background.css,css_b_module.css,css_b_comp_menu_horizontal.css,css_b_comp_menu_dropdown.css,css_b_comp_menu_vert.css,css_b_top_menu.css&ts=1697954510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c69a773ccd0276f41bde86c234c8ab4e0f64e3dc8fa571244c75620fefaa3410
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options sameorigin, sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_imgareaselect-animated.css,css_jquery-ui-1_12_1_custom.css,css_jquery_qtip.css,css_jquery_selectBox.css,css_jquery_autogrow.css,css_global.css,css_fonts.css,css_b_link.css,css_b_layout.css,css_b_button.css,css_b_button_group.css,css_b_icon.css,css_b_tabbed_pane.css,css_b_form_control.css,css_b_form_input.css,css_b_form_select.css,css_b_form_textarea.css,css_b_media.css,css_b_divider.css,css_b_avatar.css,css_b_ajax_loading_indicator.css,css_responsive.css,css_b_vbscroller.css,css_b_theme_selector.css,css_b_top_background.css,css_b_module.css,css_b_comp_menu_horizontal.css,css_b_comp_menu_dropdown.css,css_b_comp_menu_vert.css,css_b_top_menu.css&ts=1697954510
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
content-security-policy
frame-ancestors 'self'
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
pragma
last-modified
Sat, 03 Mar 1973 09:46:39 GMT
server
cloudflare
x-frame-options
sameorigin, sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FDRBwEX07MQ8GDRJsxbgD1gSPERDwfMNoR9JHexsdOdH7hnM%2Fj61CwNrecyWigczPKxofU5nmsyvfK8bSxU2ReQZcTXb4w%2FjvYGBqxma8n8nTABGmNCMdKye7o%2BiinXVIMH0LSBxhoV5ykmz4dguTTGV91cWZKr"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000, private
cf-ray
84ddc494e99b66fd-AMS
expires
Thu, 30 Jan 2025 00:16:47 GMT
generic_button.png
forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/images/ 		104 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/images/generic_button.png
Requested by
Host: forum.guiadohacker.com.br
URL: https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_dbtech_vbshout_colours.css&ts=1697954510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95bd9333692538a45adb4357c4ef0f9280e7290a41275d2b80928dd02c021ee0
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forum.guiadohacker.com.br/vb5/css.php?styleid=41&td=ltr&sheet=css_dbtech_vbshout_colours.css&ts=1697954510
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
492399
alt-svc
h3=":443"; ma=86400
content-length
104
last-modified
Sun, 27 Dec 2020 23:11:23 GMT
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3yRcBtLr4rHvJN7tpsg4hVi7F1%2FteAmL7QErGqXZu5y4mfFZOeNhAGAMDG1uqBIi%2FsVZsev2Q81ZFjC%2BWTvsVkxGZQomcWt8r2HWHBV4SlDuswnqmCDxwEhBx14hTu0KoQXqZKoidxsO4L1g2HMsl6DZG%2Fn7U31"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=1209600
accept-ranges
bytes
cf-ray
84ddc494e99c66fd-AMS
expires
Thu, 08 Feb 2024 07:30:06 GMT
pop.ogg
forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/sounds/ 		681 B
0 		Media
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/sounds/pop.ogg
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
http://forum.guiadohacker.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 27 Dec 2020 23:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DHFx4QlCHOAAFWmqGF9furVVKQZcVyp2nk1ThWVd9MZ23858T1HPlc8ZLp6Erg9%2FvqGaJfvst%2BoWlC9obGF0JeNovw4%2BZVWPWc5FqP5pgixlCGeW0NSReP3TWdQZL4DoIsX1dMuo7mdhAM3V%2FwQzVFSFHamgK1gY"}],"group":"cf-nel","max_age":604800}
content-type
audio/ogg
vary
Accept-Encoding
Content-Range
bytes 0-4493/4494
cache-control
max-age=14400
cf-ray
84ddc49529cd66fd-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
4494
pop.ogg
forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/sounds/ 		4 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/sounds/pop.ogg
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ff990193ae1216f9bf60dfdf17e88c75736bc610ae49b5fdfba9fec3e888c4
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
http://forum.guiadohacker.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 27 Dec 2020 23:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6tMlggEVPb5n8kLs3hrkQG68ynorpCspH3eLQ0DuD26cLTEd7SV9U742T82fbvQRjxGzJqIJYOoB8JGoKCgsQB4SQXdN9HJqEC3PqaYjCBiFKQVvDegAHlbG1GQOV7jQh0Y9IP2NjCcxexh6XPuamA3vHwACSlC"}],"group":"cf-nel","max_age":604800}
content-type
audio/ogg
vary
Accept-Encoding
Content-Range
bytes 0-4493/4494
cache-control
max-age=14400
cf-ray
84ddc49529ce66fd-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
4494
pop.ogg
forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/sounds/ 		4 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://forum.guiadohacker.com.br/vb5/core/packages/dbtechvbshout/sounds/pop.ogg
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
http://forum.guiadohacker.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 27 Dec 2020 23:11:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
sameorigin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTQq6f3q%2Bpou%2B%2F1GYQevPCfZWBqVWbS6Yw3exyu5cWhesWKBgGyMNEuIzutIFAWryF9ve3L6lR%2Br%2FbVCD54BuN%2BMvepUh8a1a823jYTNxQ363zeTqK5a9ReKFc6pYU1iLOK3xj2KHjWngNNt0lbJkvsIdEB0xjCM"}],"group":"cf-nel","max_age":604800}
content-type
audio/ogg
vary
Accept-Encoding
Content-Range
bytes 0-4493/4494
cache-control
max-age=14400
cf-ray
84ddc49529cf66fd-AMS
alt-svc
h3=":443"; ma=86400
Content-Length
4494
loaddata
forum.guiadohacker.com.br/vb5/ajax/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://forum.guiadohacker.com.br/vb5/ajax/loaddata
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acad69e9b832ccc4a639b680e2c2215d1f79441a0bd5a22c330c51c9ca583c2
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://forum.guiadohacker.com.br/
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 31 Jan 2024 00:16:47 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
3580
Pragma
no-cache
Last-Modified
Wed, 31 Jan 2024 00:16:46 GMT
Server
cloudflare
X-Frame-Options
sameorigin
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05lSix%2Bg10%2B6hd270KSRtTWyPTAgswaT1r0nqUkpKdzeeh4HlyDA%2F5KPNoa8jrpJt72fkGLgRWZagyrEtuf066prrudJKE8F0xPqUhbQqNfveOxdADmIPdv8VryisVLt2ifZ28AaSRw3ohylOR4ZBhr9GawjEhyZ"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=0,no-cache,no-store,post-check=0,pre-check=0
CF-RAY
84ddc4958bb07758-AMS
Expires
Sat, 1 Jan 2000 01:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8187fa276fa62061871a109a5d4186dfc5320a71d8273a9c68aebd15b8a780b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140887
x-xss-protection
0
server
cafe
etag
18440460214507024635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:47 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/ Frame 8EF6 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
50075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 10:22:12 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 10:22:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC4D 		25 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73f08e454018b9539cc8e849dfdef73ad147863708564024d0cd7deea589f49b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11152
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:47 GMT
expires
Wed, 31 Jan 2024 00:16:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CF52 		457 KB
106 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&adk=3969420673&adf=1607144832&lmt=1706660207&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1706660207308&bpp=5&bdt=1989&idt=364&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b46daf948108136003027ba4701c98f57a9e7ad3f48521075b7e15e7a18383a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
107880
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
expires
Wed, 31 Jan 2024 00:16:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC4D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgNb5Nuvj5Ej9aJr9Zx387UJkSZ3m97f7J3RB_ase6YqyR91IepHvpeK0MR5kZICtU5Be6ofr_gRnGjP3KP7jRZIuJVaP88aB3MRXwWh3WWnRNhwY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DC4D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame DC4D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame DC4D 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DC4D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6491 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXvfAHrOs5Onci1x1Dg6KOSM8zNDa1_tioR9CWI5UmJm9E6Ifs51d9JcF6BCBGxmw2yG3ilkd2DvMYgMFWwv0OutH7Bm9E7CLGvrTxwh_bV9hxGIogasBK1nzwgSmOWfnX_eBpcSElqJlbr3ObW404PJ8XI9IgBZDJwOoRl464g5rGYCaE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
expires
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 6491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXvfAHrOs5Onci1x1Dg6KOSM8zNDa1_tioR9CWI5UmJm9E6Ifs51d9JcF6BCBGxmw2yG3ilkd2DvMYgMFWwv0OutH7Bm9E7CLGvrTxwh_bV9hxGIogasBK1nzwgSmOWfnX_eBpcSElqJlbr3ObW404PJ8XI9IgBZDJwOoRl464g5rGYCaE
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecpavqdujgBHO1LpB1N6sURuSd90u86v%2Fg3Nr66oe1IwKif1OmiFoKcOhorMf3m6tXGef4fM%2FkJC6nNhDKt1aHFc091WbGvOnV3qab9TCTnArLhQ42PfbqyDUpfELvVqbzR%2FxMzNZNFOnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84ddc49d4b27655d-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6491
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmRcJI0Rsg8.lioodsWBQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXvfAHrOs5Onci1x1Dg6KOSM8zNDa1_tioR9CWI5UmJm9E6Ifs51d9JcF6BCBGxmw2yG3ilkd2DvMYgMFWwv0OutH7Bm9E7CLGvrTxwh_bV9hxGIogasBK1nzwgSmOWfnX_eBpcSElqJlbr3ObW404PJ8XI9IgBZDJwOoRl464g5rGYCaE
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBe7yHN6EkRJSISF1DgFYtnKIFDH2lrQOS3rbSCC3XqpRNstug3QFpGjvXapnf3AYMFTNStNFhqUBVOOzc%2BUYGiXo17uAJDIZqIDAlS7j%2BEpSSGhXBTujzaPL3MxttLS%2B%2B8V4k3axwTD1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84ddc49d9b55655d-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXvfAHrOs5Onci1x1Dg6KOSM8zNDa1_tioR9CWI5UmJm9E6Ifs51d9JcF6BCBGxmw2yG3ilkd2DvMYgMFWwv0OutH7Bm9E7CLGvrTxwh_bV9hxGIogasBK1nzwgSmOWfnX_eBpcSElqJlbr3ObW404PJ8XI9IgBZDJwOoRl464g5rGYCaE
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
an-x-request-uuid
d9f335da-ebfa-44bb-aaf8-f241adf87c1c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6491
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj2hbzGATAB&v=APEucNXvfAHrOs5Onci1x1Dg6KOSM8zNDa1_tioR9CWI5UmJm9E6Ifs51d9JcF6BCBGxmw2yG3ilkd2DvMYgMFWwv0OutH7Bm9E7CLGvrTxwh_bV9hxGIogasBK1nzwgSmOWfnX_eBpcSElqJlbr3ObW404PJ8XI9IgBZDJwOoRl464g5rGYCaE
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
an-x-request-uuid
65bceac3-5f8b-4327-b017-c4078e60476f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
x-proxy-origin
31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC4D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7333505727725&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC4D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7333505727725&version=m202309260101&ct=77&x=1&cor=9861624155107780000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DC4D 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKSyAAGKGrm3CFHbMvqNLzY3VPPqBwNeEip_odbP1FRApw53xD4KniFn8BmzN5pZxhpq5-34UUBPIcvDNK-_DAC3g6ju_Trj-doggJCZdqPSQzeE0Hzb7U9UkYpJMRB8CBreRdHcNNXP-EKKwuxlLpkflCppOjYXeDP3cSukHpKyY5qDY&cry=1&dbm_d=AKAmf-ClJI5emeNkYu_S-PuZD28enbqIrbixgTRI0KLvexKObX4AGZ_o-T_lNd6a6_SM55yLRdXzs443pP7CzjSvNtcJc9GSopayIrKL37V22s8EDQjwAhprh_pMcP35iQEGDYZn4FHFoYWuLZlFdHq-Q6czJV95Pbez7EC7ECeNEOGKn0F0Dws_pI6rGae5jW5TWYShS2bKwHGnZ8_Lz5VjOl7Mg79bkPSP0tWJLot5XhRK9Guyw90sOHdOhQ7RyZ3ZCAsqAthN-Iiyk5V1vB1txkURRO1pMdwZZKDcXPrddo7AbPjeInfBZVLsp7GOYaJApS8qW4n4xlUqUifARGZRz_F3gzm0F4_YFCbpv62qF2YIpebG5w369RSa5Cq8a0NaZuybkHwUeU1y6B6tv0hxBKFYPRjFBvM-IEadSuh9Rmyy7KTsAFpfvjjYiQlcaejFVoxzk1GGuqLVkqaqFIXG0ASgf1GvUTb5nbiJhuQ5t2g5XljD-a2CfvHOMWtsOu151qf4_xmYWZe77hlseZyAJMiZLHlvocZ31SqF9H3lYXdWQW7meI7eEG9zahPbgqNdoN8gpg_TaQ4vFl_NghuRzizDjVO4qEEAXDsKUuHZ3EzyAvqR5ro_IL-G9NL-c1tX2iO89rd7enVh22w-p9WPQOFvrhxJY9ITMQ8F-cnLmrI2NdbcXc4kai2j7X36GmBDYl4Z3XAIOtpawPOdNSjNh-6EoPPUWge8RemNya6RrdWDb_q8Q4FOVz4qcQOB4eDi083dsJI5bpBpyOkC8TK2LJYJi4QJZ4xjPF0w1Kjgn_q1PuQwDjtZrU_QI7NB8mWuQtqFabrV4SiCmbVUh93OaHpcF3k23hXqXDka9pGnR3z941PJVjOca34AKGqEFMKbDMt_vuz8x0Et47JzaEvIYsY1Gbrd7ip-EUTvbkxEQuaaJhWFx43YGIKPV9zgOaQEiOttp6_4OXw_9Ca6S1iAQ21M4-5UBi2s9f4kRWAt5MSkAQFhd1L_8msvfzwFXUIuCFf4TYKXQT_Re_0akw-MDaL8hEfweNrtYOSjBKQk6KfkanTXotvEXfVgP4wMT-6Edls_DRS7lYm4V_QWm_a4uOUUtvJfYC_8E4vzqsXJ_oIiax-iFKq1yqzVE8gPZmCLFCYeFzIO2ZTLEc4bck3rePwyc3eWebIvJ491wEvH-ItBv6iKiyoGa40kTTO0rNR2mM4pSBh_RvFT94YhepXQn4SNz9ZcRDOXW4ht9Ie5l69_z_nwsE6smqO0cb6orsagFw7lymOu9RTChrW30kG3k7Kxh25-QBxfXb97mvb-nyJI-4TAywqooFoYdq8bE_Nek2DyDGJJP7RLR0G_UdxxgdiJFj0D0HJwjypTbNKQo7HE1nt0aGR2bKfQyDQ4DzIrURw55R8ddb0a806Tz8v0Ae7z-f8WdxgXLaXvxbVr9Xa2wRwT4MPYOsZ1H-GVMFePxt1SOoVnwNvNnMC0EKymN_Mr8DRDNz_LJ5lplEwmHkkY8tEEIerFfhcazGukPK0TbQL244edrukuC1ZIEJONunsAWp6m9ksyHTzfzkFZonPQgE3o11g3_IGhgl2J2Sa_Kf789r2743LxRZtow_2abdhX___fSVNInuDeBOwKZMWWiff4vRP-HPEATgNXbdW13Mmlnxyc4fc72Sw1-plme43DozE-uOOSt8c81Yn0iQqQ83wU4MusfVylefVCt2TcM5LqklWLYWc9Vubg0Fzd_1r0FwVoltwtxGyxCgbEK2H71xEpTokyFneX5cqSu3FjLRx--wwLf1J60BmWGLgic2YMC4EAhEULa9jtuaxoETZFYBiBDLxF5mKViDAvuCmd1ZOOz-h7nv6zBIC5Nxwc0_FqkrJL_ChBSde91irUXR0uHrXrdBDHTRf8uRdUJ6ar9syyqGhD_2ELpFnCv7F7Y8WObh-Ru4BSuk5SO57WVlfZT7ictU7zBG72ujWIqMjsenxu06hE11i6Dk8TsQuMjwyRGDmF90x8L4e4o7Ca9kv4qvplSm3HVrowdY8Oo1CsfBWl2AIGvTrJa1nVgUUMn7i2AE-rpDG55eqy0m_RHriYsynYqRZwOL6CIg86t8yQNQhgTGrwziSXCe5UhA42oxqManZHd46cp9caZhd4nLpJ-rm-DjNXnwQApQT7h3z46-lyV3bQZju9E8mGXvuEC5x6vyYz-hgZnvS7b_oxH6JyWBj8fZv-vkwf1yEggW0SMar4DUhiug4orDqUBWEVKXAl3yd9UxRITgxpHQjQxPWh935ajKzV1vCH8aBJuL9FJbPIAj1gYbuIKW3gx_61rORYKakiYHV4lrNQOvI7WkDj29omS8cGHgRqQGnFCIrHBXs3vFz5tlnLGy4teimscu_7Ts2rCc1q93HObTAv9zNwlHdDwk5bFK8PZGcR3f75uCvb3nDr4OINYwkKfOvjnfJwwQ2E-xIA6u5ncEiN6sigzZ-koTfe4goCOWQCmRe6Aj5vKwlowzwREQODT2oC7BAkZNKZ-ZC2v1Xi5NNQAVRPF1Q-Y2s3b8HiTViv5Rx0x3YJE_1BsYj6tz9ZZEMKhou1zpmUsaqmQm9C8AB4axG5wHk9Bkv2b0kRbzhj_1PnJDkqiFPqqScrUNuRkE2TTw71HWApi6K8lVR43Hj7CctFiJbE0cGy1f2K6aMNpe58h3gOpNCYLnxlJKxP-G49hd-khnEXMEosI7hiOeiP3mcalZIi_jmpW4p32MEPEboOBhBExBkW82dRgcwoFxUTp4yVbVwM1einC_sOESyxeEo0SSIgnzq5UEqbUQgSQ6XjNjaTh9ONWf09UCeQf0ry9sHxRW9RiyFfJ4n7ooEgUPvW_GUPVuZfacO795VTZLREZs3mUFw01RjYtdPQQ1fid5L9_V9urwODmEylAIXbR1VnnrjaIpstby7OXAyQ8fo3WUPs14s_E5UOgQj7rUnRxQzGVNxKDm9tJtRMjQ1Jqe0KXIKeChg7GRNFkrtt0EIRCR4TpP3jBIOANSycj89C9QPo-TNTFJMm4XDGQeMfZEkE9cI18CGOtmmdVT0m-C_K3Xt1Sjb2K2IXAAXnI6gISK1thor3FXznppNMoO5yqw_E3HpfY4Tt9ds9ah65XO2sMxjvXM1tXicV2q8NbWXsrcZYHvdMuU2ve5YWezu8x_jmTu10nEzDVPXIgHwPZc5Mi0pB0nAt6kMfFz34Xj482QrhQxqKHXc6EQ_BEkpTI0QzpMv7NGKWfGf5qBs7Vipiytpv-OI6Ui-ThVygqFlz-HmdKPNMPabvGNLJbCFzJrAr9ipBpiqTa_3eXRoC0Zf90SheuwqMajHHMW_pZooYEyZsqrGh26xu7ymHQbpMxI2edugNwrcu_ux06_itmKPfjSkc2a0r81_KBDh-3xr1v7VrrWJlt-Ro8QvzZ9s4jPYDTKrtcFQrbbSjxIzx9IoNywsQjF5GRNESz3UgdPKHVgEs3U_C3-BoPC09kGRBXlH6X73vrbYA40sBTAwKP7GY3PKczTsY6W5Jx43hGeEQVgnj3DjFXtcri8K7U8rHFhSMSWzvl_-jZO4c-kKyR2fKVs4FapgFIpy7sYshpVrDdp_MartOgeMscn5r1p2fW03ZyvnYPfYpXqkmcpAc6Js5Oqu8pgK4zs_gVnA3ovnsuwSmyblNoXtmU1dxiMcqgZASgYhWp79PmQeqZ9gnepTOZk7qDVEd3v1hVPDlYmVq9j2jH_BSpU9tWUUN5MJ07C9iDs4LvLU3xIq3vljr4SB1om64jtxdpoq6dIhu9XPvJKCZM1p7RQ&cid=CAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=9861624155107780000&adk=356101034&idt=145&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8bf621b2a3fd16e6f679fb8855c4b010f2b5c37a2e8c2482693729af56b8f50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13627
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf320f16a620d7ac23b5c38480f932bc3eab00a5b7def135c353faf280420734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57007
x-xss-protection
0
server
cafe
etag
14669809553891721333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0811 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6317b5bf214c6755011b9e2a641b231627ba24c41084fb2d00e9da9415a9ceba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 70AB 		32 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
537afbe0d93778cfbf5e707d362a3a4878b0d6477fcb23094e092785228fcffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13708
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AC63 		31 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f376ef037e9cb668feabdfb141d0d4b79f5c9c999affe1ac0060340ff474b80e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
13520
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DC4D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AKSyAAGKGrm3CFHbMvqNLzY3VPPqBwNeEip_odbP1FRApw53xD4KniFn8BmzN5pZxhpq5-34UUBPIcvDNK-_DAC3g6ju_Trj-doggJCZdqPSQzeE0Hzb7U9UkYpJMRB8CBreRdHcNNXP-EKKwuxlLpkflCppOjYXeDP3cSukHpKyY5qDY&cry=1&dbm_d=AKAmf-ClJI5emeNkYu_S-PuZD28enbqIrbixgTRI0KLvexKObX4AGZ_o-T_lNd6a6_SM55yLRdXzs443pP7CzjSvNtcJc9GSopayIrKL37V22s8EDQjwAhprh_pMcP35iQEGDYZn4FHFoYWuLZlFdHq-Q6czJV95Pbez7EC7ECeNEOGKn0F0Dws_pI6rGae5jW5TWYShS2bKwHGnZ8_Lz5VjOl7Mg79bkPSP0tWJLot5XhRK9Guyw90sOHdOhQ7RyZ3ZCAsqAthN-Iiyk5V1vB1txkURRO1pMdwZZKDcXPrddo7AbPjeInfBZVLsp7GOYaJApS8qW4n4xlUqUifARGZRz_F3gzm0F4_YFCbpv62qF2YIpebG5w369RSa5Cq8a0NaZuybkHwUeU1y6B6tv0hxBKFYPRjFBvM-IEadSuh9Rmyy7KTsAFpfvjjYiQlcaejFVoxzk1GGuqLVkqaqFIXG0ASgf1GvUTb5nbiJhuQ5t2g5XljD-a2CfvHOMWtsOu151qf4_xmYWZe77hlseZyAJMiZLHlvocZ31SqF9H3lYXdWQW7meI7eEG9zahPbgqNdoN8gpg_TaQ4vFl_NghuRzizDjVO4qEEAXDsKUuHZ3EzyAvqR5ro_IL-G9NL-c1tX2iO89rd7enVh22w-p9WPQOFvrhxJY9ITMQ8F-cnLmrI2NdbcXc4kai2j7X36GmBDYl4Z3XAIOtpawPOdNSjNh-6EoPPUWge8RemNya6RrdWDb_q8Q4FOVz4qcQOB4eDi083dsJI5bpBpyOkC8TK2LJYJi4QJZ4xjPF0w1Kjgn_q1PuQwDjtZrU_QI7NB8mWuQtqFabrV4SiCmbVUh93OaHpcF3k23hXqXDka9pGnR3z941PJVjOca34AKGqEFMKbDMt_vuz8x0Et47JzaEvIYsY1Gbrd7ip-EUTvbkxEQuaaJhWFx43YGIKPV9zgOaQEiOttp6_4OXw_9Ca6S1iAQ21M4-5UBi2s9f4kRWAt5MSkAQFhd1L_8msvfzwFXUIuCFf4TYKXQT_Re_0akw-MDaL8hEfweNrtYOSjBKQk6KfkanTXotvEXfVgP4wMT-6Edls_DRS7lYm4V_QWm_a4uOUUtvJfYC_8E4vzqsXJ_oIiax-iFKq1yqzVE8gPZmCLFCYeFzIO2ZTLEc4bck3rePwyc3eWebIvJ491wEvH-ItBv6iKiyoGa40kTTO0rNR2mM4pSBh_RvFT94YhepXQn4SNz9ZcRDOXW4ht9Ie5l69_z_nwsE6smqO0cb6orsagFw7lymOu9RTChrW30kG3k7Kxh25-QBxfXb97mvb-nyJI-4TAywqooFoYdq8bE_Nek2DyDGJJP7RLR0G_UdxxgdiJFj0D0HJwjypTbNKQo7HE1nt0aGR2bKfQyDQ4DzIrURw55R8ddb0a806Tz8v0Ae7z-f8WdxgXLaXvxbVr9Xa2wRwT4MPYOsZ1H-GVMFePxt1SOoVnwNvNnMC0EKymN_Mr8DRDNz_LJ5lplEwmHkkY8tEEIerFfhcazGukPK0TbQL244edrukuC1ZIEJONunsAWp6m9ksyHTzfzkFZonPQgE3o11g3_IGhgl2J2Sa_Kf789r2743LxRZtow_2abdhX___fSVNInuDeBOwKZMWWiff4vRP-HPEATgNXbdW13Mmlnxyc4fc72Sw1-plme43DozE-uOOSt8c81Yn0iQqQ83wU4MusfVylefVCt2TcM5LqklWLYWc9Vubg0Fzd_1r0FwVoltwtxGyxCgbEK2H71xEpTokyFneX5cqSu3FjLRx--wwLf1J60BmWGLgic2YMC4EAhEULa9jtuaxoETZFYBiBDLxF5mKViDAvuCmd1ZOOz-h7nv6zBIC5Nxwc0_FqkrJL_ChBSde91irUXR0uHrXrdBDHTRf8uRdUJ6ar9syyqGhD_2ELpFnCv7F7Y8WObh-Ru4BSuk5SO57WVlfZT7ictU7zBG72ujWIqMjsenxu06hE11i6Dk8TsQuMjwyRGDmF90x8L4e4o7Ca9kv4qvplSm3HVrowdY8Oo1CsfBWl2AIGvTrJa1nVgUUMn7i2AE-rpDG55eqy0m_RHriYsynYqRZwOL6CIg86t8yQNQhgTGrwziSXCe5UhA42oxqManZHd46cp9caZhd4nLpJ-rm-DjNXnwQApQT7h3z46-lyV3bQZju9E8mGXvuEC5x6vyYz-hgZnvS7b_oxH6JyWBj8fZv-vkwf1yEggW0SMar4DUhiug4orDqUBWEVKXAl3yd9UxRITgxpHQjQxPWh935ajKzV1vCH8aBJuL9FJbPIAj1gYbuIKW3gx_61rORYKakiYHV4lrNQOvI7WkDj29omS8cGHgRqQGnFCIrHBXs3vFz5tlnLGy4teimscu_7Ts2rCc1q93HObTAv9zNwlHdDwk5bFK8PZGcR3f75uCvb3nDr4OINYwkKfOvjnfJwwQ2E-xIA6u5ncEiN6sigzZ-koTfe4goCOWQCmRe6Aj5vKwlowzwREQODT2oC7BAkZNKZ-ZC2v1Xi5NNQAVRPF1Q-Y2s3b8HiTViv5Rx0x3YJE_1BsYj6tz9ZZEMKhou1zpmUsaqmQm9C8AB4axG5wHk9Bkv2b0kRbzhj_1PnJDkqiFPqqScrUNuRkE2TTw71HWApi6K8lVR43Hj7CctFiJbE0cGy1f2K6aMNpe58h3gOpNCYLnxlJKxP-G49hd-khnEXMEosI7hiOeiP3mcalZIi_jmpW4p32MEPEboOBhBExBkW82dRgcwoFxUTp4yVbVwM1einC_sOESyxeEo0SSIgnzq5UEqbUQgSQ6XjNjaTh9ONWf09UCeQf0ry9sHxRW9RiyFfJ4n7ooEgUPvW_GUPVuZfacO795VTZLREZs3mUFw01RjYtdPQQ1fid5L9_V9urwODmEylAIXbR1VnnrjaIpstby7OXAyQ8fo3WUPs14s_E5UOgQj7rUnRxQzGVNxKDm9tJtRMjQ1Jqe0KXIKeChg7GRNFkrtt0EIRCR4TpP3jBIOANSycj89C9QPo-TNTFJMm4XDGQeMfZEkE9cI18CGOtmmdVT0m-C_K3Xt1Sjb2K2IXAAXnI6gISK1thor3FXznppNMoO5yqw_E3HpfY4Tt9ds9ah65XO2sMxjvXM1tXicV2q8NbWXsrcZYHvdMuU2ve5YWezu8x_jmTu10nEzDVPXIgHwPZc5Mi0pB0nAt6kMfFz34Xj482QrhQxqKHXc6EQ_BEkpTI0QzpMv7NGKWfGf5qBs7Vipiytpv-OI6Ui-ThVygqFlz-HmdKPNMPabvGNLJbCFzJrAr9ipBpiqTa_3eXRoC0Zf90SheuwqMajHHMW_pZooYEyZsqrGh26xu7ymHQbpMxI2edugNwrcu_ux06_itmKPfjSkc2a0r81_KBDh-3xr1v7VrrWJlt-Ro8QvzZ9s4jPYDTKrtcFQrbbSjxIzx9IoNywsQjF5GRNESz3UgdPKHVgEs3U_C3-BoPC09kGRBXlH6X73vrbYA40sBTAwKP7GY3PKczTsY6W5Jx43hGeEQVgnj3DjFXtcri8K7U8rHFhSMSWzvl_-jZO4c-kKyR2fKVs4FapgFIpy7sYshpVrDdp_MartOgeMscn5r1p2fW03ZyvnYPfYpXqkmcpAc6Js5Oqu8pgK4zs_gVnA3ovnsuwSmyblNoXtmU1dxiMcqgZASgYhWp79PmQeqZ9gnepTOZk7qDVEd3v1hVPDlYmVq9j2jH_BSpU9tWUUN5MJ07C9iDs4LvLU3xIq3vljr4SB1om64jtxdpoq6dIhu9XPvJKCZM1p7RQ&cid=CAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=9861624155107780000&adk=356101034&idt=145&cac=0&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODE4MjgyMgogIHNlcnZlcl9pcDogMTM1MzgzOTQ5CiAgcHJvY2Vzc19pZDogMzE5MzcwNDkxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame DC4D 		0
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODE4MjgyMgogIHNlcnZlcl9pcDogMTM1MzgzOTQ5CiAgcHJvY2Vzc19pZDogMzE5MzcwNDkxCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDU0MjEyMjI0NjQ3MjAyNzc4MDgKZGVidWdfa2V5OiAyMjYwMTM1NTY5MjcyMTk2OTc1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0zMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc4OTMyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTk4OTQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xe46fcef55b5dcd770000000000000000","13":"0x8b9d5c78845f2d7d0000000000000000","14":"0xccb70404b476ca110000000000000000","15":"0x48f593c0f7c0c5980000000000000000"},"debug_key":"2260135569272196975","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"5421222464720277808"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8e4hjwsd4phy
hal9000.redintelligence.net/zone/ Frame DC4D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/8e4hjwsd4phy?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTGcdb5G5ZauqKsTgnsEPnMG46AvM-Yagafu5x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObhICABKoE8AFP0JYmi2fjv3HDNrTGM2VOrXyo4SHbUCRGlPihQmsFJMgDe3xTON2UPtmQfxzwIQz52cnJEclX10eDycf1rchSKOiiHYbJqrxOCPvMLQRvF23AUaTOXzxXre_QN8WPnwRPmOIwiNVfsRed4G4IMuqrTqBHOmXSfGHUq46tG1zg0lce304FO5IaDGTYEbKk5iLnOybWEIqk3a6dviDXUifY7jwRL67UAxJMlv4eDh2FGKkkpvOAFSYXhL-iUz3ZNv0CLLWCbhlSk7LkUNEIUeFtdYSXOM3Mf9f4Xs7DlbZV_BXpqQW4cn0Nx-Nc7Qezn1HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Oi526yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB%26sig%3DAOD64_3-xjhDo1lE6qwShNVsBXa5enXTqg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-Bvn_EhVq_UkkRD60sYJkJrbfk1Nw_D0kNibR-iYAq142VQcDiIx6L85zGmuE17fA8fQEtcwFX6y2TMwIgZGST6KwVvxzxx-bF3vpbnJ5NYsZTElgWzeQT-_vFoyLpFEpMZZGvR5YDw411ESLfM6OZJ4sPtgYcG3-3K1qwhsDzDgguVwVM%26cry%3D1%26dbm_d%3DAKAmf-DynN-5pbZQukkKWt3g3OXFQo3q9xD4P4AqI9R_CtGZgiO7WbFMIUk6XTMnLCumlOaU7vzhh0iTut4Ge9vKEKien_EfM2Zq644vPNzHHSZ8pSOjTlBUnQqncC5os0Is1m99jt1oOZm8NhYA24lMOq7N7QWqWVI3UrxEKffW_S_S2sh2lKWFIJ1josWY817pTGWEO46R1vCz4NpoXIEOqpLVOhbLfr_nus-WxT1v6T2QR1d6JXYRHxNaGJErEz5m1SuFlEL4Xk95201AHwsRHvwCOOn61x-KNKSGFzR3JWvHU4CWOBVknc0MR9x2K8UHcnP_Bc7tTvnL2AaqOz3SbUe6z6dDB3x0Jxkc8oPIAdWwvj6INle4xa4LscZAhYIWbYpep2TJpm-2XYoLEOwsP3EkEeVqkKbnHcc-p_1mkgbjwW4RhUtoQ2Vt1OYK4_UWcn_Lb8aSyFg0pvt5ibAmFuXQkryoVXanInkc9v35Iq-aSmQ5Od_dRClFEEY0dYifSx8RSalXRJ90coVeBvBc6274koilU6ZP-YCUkwIgmAr5BuEtN5T01rQ3poCstiWU0KEFmOrh%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ecce247276e4701eef9126436277333a1a2f993e8c289f482dd13a17d9aaf6d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4158
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ajax
forum.guiadohacker.com.br/vb5/ajax/api/vbshout_shoutbox/ 		0
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame 551B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
28816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:16:32 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 16:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame 3E78 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
28816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:16:32 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 16:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame 88D7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
28816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:16:32 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 16:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame D488 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
28816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 16:16:32 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 16:16:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5E32 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 551B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 22:51:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:48 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 551B 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:37 GMT
x-content-type-options
nosniff
age
18731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Jan 2025 19:04:37 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 551B 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:52:46 GMT
x-content-type-options
nosniff
age
19442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Jan 2025 18:52:46 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 551B 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
49555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
14359709190881042667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 10:30:53 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 551B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:23:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
35610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9451
x-xss-protection
0
server
cafe
etag
11136001603933606047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 14:23:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C888 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWFe4ulmwHoqiI76Gn09xWBynB_A9ABD4Yxl3i9wmuAt5HNe9nLdOrRwWwA1B-84LJYbZWes50OUS09835nahTbkD7Of1ECSrfcgm2p1bVbu5xpVYVkwSt3t38rE73hZHOQNmdKfaUvMqSUgg4cSvPF_Rlyhf28g4ZmaVdT8eQqe0_sh30
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
expires
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 578D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 578D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 578D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 578D 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 578D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6bPgjzCafq6HM41zTFsgTye1k_fF5EA8Q4yF7ApTwFTRf9L-MRZywVp14tPxbqtgL5L261JU_FnaRQ4nsT-edAQWyQ3WjriqBouza6YXdKnu6tcA
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 505F 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNXA7EiPGcXchI9HGu2i6HYuxtT6javn7U5TpZH5u6wXihvk-zJDuxAsDaD0NXD6mkcK9abDnKGSI-CPbtyhbZyDZLzhnnavkVw_74WjqpU2iOO1czOgTBRGg6kLQ5ZL2oj0SRQZkiTUlXOcv8FfL7ETRNEBXrA_X52Brj5zEDAHEq8Yn7E
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
expires
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame ED95 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame ED95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame ED95 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ED95 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED95 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B71hAE1i4V-l7OPSJp4a5mbqMXwacoLzhsnJ6ZRm555rDqr3vpPAqWaJPmit0GQKxRNrlHvTPFs6VL_eoruCv8p2S9LJGUOlwyRC3Qt91i3kqWmpc
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
73134fbfa16854d24caf7cd541ab86d9.js
www.gstatic.com/mysidia/ Frame D488 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4097
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 Apr 2024 19:16:56 GMT
0a9824a76925f541c4e429981e9065a7.js
www.gstatic.com/mysidia/ Frame D488 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0a9824a76925f541c4e429981e9065a7.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:55:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4782
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 Apr 2024 18:55:49 GMT
css
fonts.googleapis.com/ Frame D488 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 22:52:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame D488 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 18:51:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame D488 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:14:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
18144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:14:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame D488 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame D488 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D488 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame D488 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 Apr 2024 18:57:20 GMT
request.php
hal900026.redintelligence.net/ Frame DC4D
Redirect Chain
  • https://hal900026.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900026.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTGcdb5G5ZauqKsTgnsEPnMG46AvM-Yagafu5x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObhICABKoE8AFP0JYmi2fjv3HDNrTGM2VOrXyo4SHbUCRGlPihQmsFJMgDe3xTON2UPtmQfxzwIQz52cnJEclX10eDycf1rchSKOiiHYbJqrxOCPvMLQRvF23AUaTOXzxXre_QN8WPnwRPmOIwiNVfsRed4G4IMuqrTqBHOmXSfGHUq46tG1zg0lce304FO5IaDGTYEbKk5iLnOybWEIqk3a6dviDXUifY7jwRL67UAxJMlv4eDh2FGKkkpvOAFSYXhL-iUz3ZNv0CLLWCbhlSk7LkUNEIUeFtdYSXOM3Mf9f4Xs7DlbZV_BXpqQW4cn0Nx-Nc7Qezn1HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Oi526yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB%26sig%3DAOD64_3-xjhDo1lE6qwShNVsBXa5enXTqg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-Bvn_EhVq_UkkRD60sYJkJrbfk1Nw_D0kNibR-iYAq142VQcDiIx6L85zGmuE17fA8fQEtcwFX6y2TMwIgZGST6KwVvxzxx-bF3vpbnJ5NYsZTElgWzeQT-_vFoyLpFEpMZZGvR5YDw411ESLfM6OZJ4sPtgYcG3-3K1qwhsDzDgguVwVM%26cry%3D1%26dbm_d%3DAKAmf-DynN-5pbZQukkKWt3g3OXFQo3q9xD4P4AqI9R_CtGZgiO7WbFMIUk6XTMnLCumlOaU7vzhh0iTut4Ge9vKEKien_EfM2Zq644vPNzHHSZ8pSOjTlBUnQqncC5os0Is1m99jt1oOZm8NhYA24lMOq7N7QWqWVI3UrxEKffW_S_S2sh2lKWFIJ1josWY817pTGWEO46R1vCz4NpoXIEOqpLVOhbLfr_nus-WxT1v6T2QR1d6JXYRHxNaGJErEz5m1SuFlEL4Xk95201AHwsRHvwCOOn61x-KNKSGFzR3JWvHU4CWOBVknc0MR9x2K8UHcnP_Bc7tTvnL2AaqOz3SbUe6z6dDB3x0Jxkc8oPIAdWwvj6INle4xa4LscZAhYIWbYpep2TJpm-2XYoLEOwsP3EkEeVqkKbnHcc-p_1mkgbjwW4RhUtoQ2Vt1OYK4_UWcn_Lb8aSyFg0pvt5ibAmFuXQkryoVXanInkc9v35Iq-aSmQ5Od_dRClFEEY0dYifSx8RSalXRJ90coVeBvBc6274koilU6ZP-YCUkwIgmAr5BuEtN5T01rQ3poCstiWU0KEFmOrh%26adurl%3D&documentReferer=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ancestorOrigins=http%3A%2F%2Fforum.guiadohacker.com.br&random=212680113987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
HTTP/1.1
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
78647f85f3d99e64eaa005de1bc2708502c564d6c610c07970abdd34d4af6840

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
30629900004884704444450012586026
Connection
close
Content-Length
1056
Expires
Wed, 31 Jan 2024 00:16:48 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTGcdb5G5ZauqKsTgnsEPnMG46AvM-Yagafu5x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObhICABKoE8AFP0JYmi2fjv3HDNrTGM2VOrXyo4SHbUCRGlPihQmsFJMgDe3xTON2UPtmQfxzwIQz52cnJEclX10eDycf1rchSKOiiHYbJqrxOCPvMLQRvF23AUaTOXzxXre_QN8WPnwRPmOIwiNVfsRed4G4IMuqrTqBHOmXSfGHUq46tG1zg0lce304FO5IaDGTYEbKk5iLnOybWEIqk3a6dviDXUifY7jwRL67UAxJMlv4eDh2FGKkkpvOAFSYXhL-iUz3ZNv0CLLWCbhlSk7LkUNEIUeFtdYSXOM3Mf9f4Xs7DlbZV_BXpqQW4cn0Nx-Nc7Qezn1HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Oi526yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB%26sig%3DAOD64_3-xjhDo1lE6qwShNVsBXa5enXTqg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-Bvn_EhVq_UkkRD60sYJkJrbfk1Nw_D0kNibR-iYAq142VQcDiIx6L85zGmuE17fA8fQEtcwFX6y2TMwIgZGST6KwVvxzxx-bF3vpbnJ5NYsZTElgWzeQT-_vFoyLpFEpMZZGvR5YDw411ESLfM6OZJ4sPtgYcG3-3K1qwhsDzDgguVwVM%26cry%3D1%26dbm_d%3DAKAmf-DynN-5pbZQukkKWt3g3OXFQo3q9xD4P4AqI9R_CtGZgiO7WbFMIUk6XTMnLCumlOaU7vzhh0iTut4Ge9vKEKien_EfM2Zq644vPNzHHSZ8pSOjTlBUnQqncC5os0Is1m99jt1oOZm8NhYA24lMOq7N7QWqWVI3UrxEKffW_S_S2sh2lKWFIJ1josWY817pTGWEO46R1vCz4NpoXIEOqpLVOhbLfr_nus-WxT1v6T2QR1d6JXYRHxNaGJErEz5m1SuFlEL4Xk95201AHwsRHvwCOOn61x-KNKSGFzR3JWvHU4CWOBVknc0MR9x2K8UHcnP_Bc7tTvnL2AaqOz3SbUe6z6dDB3x0Jxkc8oPIAdWwvj6INle4xa4LscZAhYIWbYpep2TJpm-2XYoLEOwsP3EkEeVqkKbnHcc-p_1mkgbjwW4RhUtoQ2Vt1OYK4_UWcn_Lb8aSyFg0pvt5ibAmFuXQkryoVXanInkc9v35Iq-aSmQ5Od_dRClFEEY0dYifSx8RSalXRJ90coVeBvBc6274koilU6ZP-YCUkwIgmAr5BuEtN5T01rQ3poCstiWU0KEFmOrh%26adurl%3D&documentReferer=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ancestorOrigins=http%3A%2F%2Fforum.guiadohacker.com.br&random=212680113987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 31 Jan 2024 00:16:48 +0100
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 5E32 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
rum
dsum-sec.casalemedia.com/ Frame C888
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWFe4ulmwHoqiI76Gn09xWBynB_A9ABD4Yxl3i9wmuAt5HNe9nLdOrRwWwA1B-84LJYbZWes50OUS09835nahTbkD7Of1ECSrfcgm2p1bVbu5xpVYVkwSt3t38rE73hZHOQNmdKfaUvMqSUgg4cSvPF_Rlyhf28g4ZmaVdT8eQqe0_sh30
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZZcvcaHuokc2qhAg%2Fwh8yqravvKhW23w5p2L3alAzST7XXicXNqe5EMmFcrILrdk0%2F%2Br0GE9n4bvTuWgaCP%2F61xP7s7SX72Av4Fx46TfLuigmw2g6XcThizlUHX9uiv%2FvA1D%2BPUUESccw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84ddc49f0c83655d-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C888
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbmRcJI0Rsg8.lioodsWBQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWFe4ulmwHoqiI76Gn09xWBynB_A9ABD4Yxl3i9wmuAt5HNe9nLdOrRwWwA1B-84LJYbZWes50OUS09835nahTbkD7Of1ECSrfcgm2p1bVbu5xpVYVkwSt3t38rE73hZHOQNmdKfaUvMqSUgg4cSvPF_Rlyhf28g4ZmaVdT8eQqe0_sh30
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la9cSAQda8K2yuGkv35UDFz6RI8Dzp%2BRG2foNYvAhVVLpVUyyf15BNcLiBdYpUd6lSiLEVcEiNId45VTk%2FRJ1VnMHodcWeHlnVZnts2uNkYVbCR3PtBI1WGJQ9IWNHAjYHs%2FIm9SGGlE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
84ddc49f5caf655d-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB90dQI4aqVitaJekckeCn8&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C888
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWFe4ulmwHoqiI76Gn09xWBynB_A9ABD4Yxl3i9wmuAt5HNe9nLdOrRwWwA1B-84LJYbZWes50OUS09835nahTbkD7Of1ECSrfcgm2p1bVbu5xpVYVkwSt3t38rE73hZHOQNmdKfaUvMqSUgg4cSvPF_Rlyhf28g4ZmaVdT8eQqe0_sh30
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
an-x-request-uuid
7ae68bcc-d9e8-4489-9d45-5581059e72f5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECkAtatMAHWWO0e3WTJzi94&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C888
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWFe4ulmwHoqiI76Gn09xWBynB_A9ABD4Yxl3i9wmuAt5HNe9nLdOrRwWwA1B-84LJYbZWes50OUS09835nahTbkD7Of1ECSrfcgm2p1bVbu5xpVYVkwSt3t38rE73hZHOQNmdKfaUvMqSUgg4cSvPF_Rlyhf28g4ZmaVdT8eQqe0_sh30
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
an-x-request-uuid
05234a90-7e7c-4f6a-b6ff-fef7ab33615d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxMTUzNTg4NTE4NDA5MTc3Mw%3D%3D
x-proxy-origin
31.204.153.193; 31.204.153.193; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 0438 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 22:50:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 0438 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
19548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 18:51:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame 0438 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:14:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
18144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:14:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 0438 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 0438 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0438 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 0438 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 Apr 2024 18:57:20 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1946975254834226284/ Frame D488 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1946975254834226284/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4ce59d4673867de22aed6871b9ba29dcd5f7295f31859394b330afb48c4a132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 08:16:16 GMT
date
Tue, 30 Jan 2024 08:16:16 GMT
x-content-type-options
nosniff
age
57632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1360
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 13:49:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame A41B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
2757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 23:30:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 578D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7076820916783&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 578D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7076820916783&version=m202309260101&ct=77&x=1&cor=18058479983389321000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 578D 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgDUES9JixcoXP7lQ4a5Sv-FK2cjmj6mREP8aTNqqtSuJ5gIB6nf6guru1lhIFSTegYHbYC93E7OCKDchgu0qh6805vGhSL5p_I5qcAnEQ79jvdar1Xn0mt6PWMDr17xBojGNTj7HvXupdoG8fMI0bB1q7Sw7XTzr7xGlVPpZGrko5lYs&cry=1&dbm_d=AKAmf-DF5qmleR5mekcaIpKTyOR7gzs4-naPHRSNCd1GNdtMETqrpBRiD3w1FYEQ2jM9x5bQAm80zXVAjkX467-ikG2DLejERJydCiXWND8x5w5f0-JKWFOYNkSp1TPcj1yl6jPJ_ysn9HrnnGCsXknoDA5NOnVSStxS2iOIIylMde1b-QKuMD52Qtu1ASVCdHyXONwkQ6q8NaxLn9_ukuXnbkF00SAsmIXg2zTwyyGEPC5NcPIHgCZUf_DYgpiqiQGnkfjrXbp9wmpDzjPHEzqRXDIb42b-3ZqpVVchp04noFoPrLKRW3Q6sUmTESbkEWx_9WdeCHtluE6zE5QMbNktNaYA5Zmz1Y4VdLCYvk_vtBawKi9rKKuNeWhv8c25T1SbSQGzWI-c5-ANZBrXbY_Uk60kLQw8EQ8ns50ijMLAJI9LfYKiVIV7-WhfuXcFHGHX5W4Ycw_olEXnL24GuF_DPWKuxTuGhfe0ULT9asVmeJxo1ha9OAsLOWUSkyn6bIQCza0rznKTGgPE9JrQVo3iyMdym4yiEHT4T8NfYRQp8hYJ_URsUNBwAxI32VtomFgDIPMXZfrS6FXXmrM7PHCzPRTyRc-ipiTGLwrs9wrQBOBDa0HmnxGMiAnYADP4mUYSwpiRDhzIIusd2yhMuX9XMvDmJlPGEH9owV5l9xlBNPaFG_YhGFLQjut8nV2d8lcK1RrzSmTu8vVdlGxofI10CeSC8vxSR51HlzcLJmi_8R8r4blpOVYY977qKqfTvBRkHm1pNoAJE2yCm8dLtjh0OUOEoS3H1GPvVgEjJYtL7G7uje0EdubRZPx_7NAvALDqVlJQNej0lGc_DBWw9-i6Waw1MQv5ErV_2C4bS-xJdgdee68wcgwKV9K2L_8_94ZDgBLXkZ-eRVj1oYyGcVRVxbdzEhIWHBCIeArA76jI0kFqABomr9S8xJP6E2mExZWzMq7YAQzNNdzcPSblqzKyY4a9sVliI2XjsQTgFrNzMIFpnwoUCmwYq7AHRSBNIq-GOxX4APn9jaPw69HyvteEOZjCIjOQ9j6HChB4o30PGSPaAJZmbH8Q90FsEjfd3xDP-msnLgFys2HMZF6mv20FN0EGlPoMVZLxYC1qHDsGXarpOVWi3jMbO9fHkTFxB2rfyBizVOgPnLSi0wN-JpMXgC6qrVZcjdi92yDuN2GUIx1ZUm-QPInUuP505BRW3cBAWu7bOPEqpGFMaosZisCWtzdSN8869PKAnLIqDZhZ_IIMHhmy7jGSfbwuTWLHn3F0y8tULFrFTJaP5EfexUsAKamBdNYv5zQT8lIwAmusIwRdGFNmYOyLw9vouR3l2KOgP3KTQE3VpTxVWlQa7wh8IOlIo6DYI3bpB8xizlMfo3AtQ9t8v940wv0xwkyIUqwLDoVcixJCZFPAUMedI3NKnm75h-coeupGO18gNjfYoLdIuRelbaskDkMZGPxwdyQbs9r-Gm_W1AZNDH3l8DiBI5mtNU-VM6jpwjhYkxLMMere9HnMRGxCsyeEgRYwC10DcKkbwdrFRl_3ZioR9OoTa0DisDLblqFPHCLuEC1qmzthF-qvnkqxsIgAJJT--WgYC3CAhDxgvBjqHteoM9gVVrPRAGrsuzUaqSnGkCtby5XrsT0Y2--M-kUKfSrM4oiR8JgAB3rNBqcoWOFc2TVyWtE_WgKi8lUkDxMLgEZoFimNWZKlV8CzqkJm7XhZrbPf1NdVBiTR_q4fDOlXYlqQbizmruEukX9zH6llmdRpvuEH1vHU9WzR9BGSoQIabGyPYDycnV6jW1uFxeEqEne2rcrPo4L7ljY6UtCes2ilj419NdoVc3n9_fA1jTpahp_Oy-mdRjUFWriSuluRtMnQo3HYgCjkaP9gjNBxGLYSm0zL2Wl5_vCicyTmcgapFHwNaSwcab6cAoq8K3VidIo7sooPrFolD-1K9s_cxFiCMTISPOqR3PIrmsxOdWgdiiaqo5Os2P_OUNevHrsKCibi1cO1vv3pwGFg0znrSD5Abue2L35B5GH0WBwHqDjBRpiaPCDk1nvuKYe2K2_FfCxLthkr3h0AZzaB5AjHRvFg-vd1brk02pQOVXKKe-9FGlI8ZWyTi-oswngyGArXlC5uOISpNlTRA-KHvpi-do9u0z7lMHudiTG2etfgwN829rGNSeUR8uvdZCEIqVVJNd3t3tlY5Ubo7IaK7nYSmDkKH6VUPo7WSjFMkt1velMLhwu_IkvUiaDZPSPjyB0RM1SI7DXycwc6NmCiLeHs1sJ1c9u_ify4uavjelQ73hRBPuitxAUgOhMccQk8SZS2-UOk14EDwq5C9bxpktcf6-KyZEu3NHr0xxstsqkSAkP86JFWiAjUuc-ovsCTQ48zj38E3iyQXx8Dgrs-XBfAmxAeu-kE9A4e0SYWfxaF4DXaMqUQ76YCbIVH-BUcAwx1KiFfbWnBtwLxi77Eh0EUxpSFiCtVwplmAWhDQw1q79hmmCOMks_tVaSAcJCxqJIHo-rp8dUkd_DL38JsNhasr3DESqjb58YnNvU7wyeEFJebbUF4TmVAv7qFjqcE2EGnc7o-L9U3BDJqpAQB9EtwRP4wAzAm5P6b1-Xmkrup8pyDh6eQtPKm8LphQ1v3iC-Cwmu24oKAzDBvWeu6oT6cJc4OQIB7gXx3hQsVd7XIfjnDordB_O7XjyCRlLGRfCTpOtDXOZb88r14gji5qiA4-brX8FbL1rRpHQkXOufdbZ9qa7dJgRw-xkjOQsv5rSt4rSE5Mh0-_t_P5unV_675LPavuuPyeyATrTQPOMiczg5HCjhysT0txHT4i_lvwy-iUeLX_qBfTPlwoqP6U7Q_DOo57PfAf4wjSyI9EBFk4h2b3UtExFBUNjedGahUxKGBzOpYJPZLiM6qYuxwlA88b9uixuJcV1IiplWqxBBzBO2Z3epjPR1iz8_rsj51RtNo45tXjkWhGZoJGYpLlhy8PyDVA5NpQutKDw-OwKcnDzEt0E73sEW7eyE3059tsGjfbn8ePw5Ov3jXm4o0z4M3Dwng4rwReZZxYEWfcLlfTzPvDuOnPiNZRuQ2uzw2qFpyyjlJ-Ctugep-oPGjGyGpfgpwmUFdsYj64YIxMYvoI3pmHjHxqQMe2PwMU9UX4L5hbYRCyhxvAqL4jUYJZU4-FLj9_GMaSn1TlSebI0Pgevx34tkfkI9TY52XGN7nrlo1xb_a5zie6xCPfudkvXl-jmJ_wnW54JTJ1S0cp1VHTe4gNeE8cZ6IrxzIy5D3dPiQc7jPY9widt1k8hIvRNatgJe91f8O9SYsgQTsUcUo-uXCThQmYXD72hMzKIBncNl-jnbqUJdw9Ia5QxefQwKoh3xukiD7UXnwHfT-7bJXZxeO4qurszH6UvdYTVWPCLB5rWkvcMlGRpmrTnAzPg64YHld1Zvkg-Vro8Pql4KCLcPvjVZe1abIvdxqB9I_zl2NYIMqj0n1WJ6ZiTk7iuDXpp1t0q-RBH5g85hFz3q67VUKh6qLM3voP6130ydnXiYbNEyKVl5Sja4gHMJKPlr_LtLNQUUPP72tJlv4HF2iIa14VPZwirfMpg1v14vkUaYFjsFAcrJJAmxjnvuzCfrDc1Pz6ZtrVjNUCPGy4UHxlmitfd-9vb3oeCZpPPUg_NJDe4IxshUoCjME7vJTclRL81RQwnPdL6k0HsNmAzg-zEopzRPDG-k_qV98NEQ28HFLxPAgaR4PRkB64Rqne15j9in_ni79xEqrWI2EY2kQkIolCu7uvqZTh7QpkaAFANLUsln57ZZGDEnYkQ&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=18058479983389321000&adk=1877897942&idt=91&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ada3d698f1571251ecb4d241596259d4371bd8987f61e190c06ea96c23682425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13584
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 505F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNXA7EiPGcXchI9HGu2i6HYuxtT6javn7U5TpZH5u6wXihvk-zJDuxAsDaD0NXD6mkcK9abDnKGSI-CPbtyhbZyDZLzhnnavkVw_74WjqpU2iOO1czOgTBRGg6kLQ5ZL2oj0SRQZkiTUlXOcv8FfL7ETRNEBXrA_X52Brj5zEDAHEq8Yn7E
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 505F 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNXA7EiPGcXchI9HGu2i6HYuxtT6javn7U5TpZH5u6wXihvk-zJDuxAsDaD0NXD6mkcK9abDnKGSI-CPbtyhbZyDZLzhnnavkVw_74WjqpU2iOO1czOgTBRGg6kLQ5ZL2oj0SRQZkiTUlXOcv8FfL7ETRNEBXrA_X52Brj5zEDAHEq8Yn7E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 505F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNXA7EiPGcXchI9HGu2i6HYuxtT6javn7U5TpZH5u6wXihvk-zJDuxAsDaD0NXD6mkcK9abDnKGSI-CPbtyhbZyDZLzhnnavkVw_74WjqpU2iOO1czOgTBRGg6kLQ5ZL2oj0SRQZkiTUlXOcv8FfL7ETRNEBXrA_X52Brj5zEDAHEq8Yn7E
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:48 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 505F 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNXA7EiPGcXchI9HGu2i6HYuxtT6javn7U5TpZH5u6wXihvk-zJDuxAsDaD0NXD6mkcK9abDnKGSI-CPbtyhbZyDZLzhnnavkVw_74WjqpU2iOO1czOgTBRGg6kLQ5ZL2oj0SRQZkiTUlXOcv8FfL7ETRNEBXrA_X52Brj5zEDAHEq8Yn7E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:48 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
truncated
/ Frame D488 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b15849b6dc680485e71f0a6f6ec6b4f3f969cf3ac6b368a70db2883f3ac72bc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7ED4 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNX3n6QCIxtYZ490TGjHI5Fhv9nXx0ObLqthGrO3pXFLDCq0yKWkWoviMBUuyCV5r1w8dZ8w2UEkVCTxAdemiR4bB4VCO6hwm2oNIcpjFGLBgi7FQf8lKi1gvHme63Z9WVO8N1kGUqbJgCAjK8vOgR-dKGBqRpBtj0irJ3pbF4kJ7k7t-nM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 968F 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 968F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 968F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
l
www.google.com/ads/measurement/ Frame 968F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaZ54NCZhUzaAPtJdELtW2up-V925xq-YdXS7ipCDIRqlNz_6EOHIGASpDmu2SuiX4eyRsRA3q6dGiHcw0YDBQ1Myjvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 968F 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 968F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoyaDlTl3mNKgq3dGie6mUyc5YqHCkAmY2R9YSP-wbFGpYx4RjZKDXbbRWI27bQeYuB3jq13eoEocIasCuHnXuTTMahW2U437HBD0qLJg3Lk1io8U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A41B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
expires
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame CFE1 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWKtkUNAiXNDKpHNegdQz6iytGDfEGpXxaVZBQZPUpd9QNSODSOe_okrafR0mPGPlfY9WMho0EzsOcjHaTh8uh_VyJsu1LjxKfwiFDR6vvmm6ZOVEb6kY3KdsP4x2Rk_OHmwM5HfAUlKtIs3amveIS8iz6QbP6IDkwnaSN7Msk8PXcoPr8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3CD9 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 3CD9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 3CD9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
l
www.google.com/ads/measurement/ Frame 3CD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWR-vvpgMXmkaVeLRw2m_hpL9BT6PPdC7aYRugXkCMkHRV2LVyD4gB6aLUWwL8RYzeJ7eb_ZDj9Vc98gbQD0kGhaotow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3CD9 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBGPvRb3HcxlyvP0paRVlJtilCf4NgmAjw6htZJzGX629o0X16LaYYbUOi2P3tZwJVWBCsCMAdt1BZq-EK2poSTtpB79a1s5fEkoAK6iToacz_Uzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6920261234150&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6920261234150&version=m202309260101&ct=77&x=1&cor=4396192399568019500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame ED95 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnluhnMF2BlTn3g46qG82bf1CnxJMOs3xZE7_KrySwCAenRRwDlS9qsCopOKFmzJ8QnQywMwEBtHngyj_nqgPkgg74-GuPWL3k63nFz1MSREFZrJLlfGAF_t7r98EtKbm1-PniTzbvCDRVfBAk046gRqxQxtj5hC42HpxmxmHwrbISFIE&cry=1&dbm_d=AKAmf-B5XavpN6OJ-f1d1uE-1Nv9WuNU2v_4Lo3dD8Lwc3s0Ov-Rk7CkEBxN--W1HbbupSTmII3f-tFAeTRUfPZ4WdRLYMIbKsrz3SHQBHWFIMQ1xRSq44TUHqh8zjrRIQ2BL66Xdy19pMS7C7wqsEmA2d6AoLVc9pE1FS5N-a0xw8iVnJ-ym0wCQFZ_GpNtF0wGoR8tJCDgUQIda00PPAsH96-P_eyA473FSbhhWba36THzQs7A4TkE1weh2kT2cigAYWc8IeW8S4FZqyJZMEF3VHB8mDJayIS5ZGy03pxiIf2sya7L5VT_yEEsXJjo6tECoPENz-qj-yWRWDsCm5Jhzy1eHSoooI8T8Qzxdq5lRN1C95fXdoIkMcCBmuD-zHtaJEDPfK2FYu05p2upGorCedntG-rke5z3JmSM5wy4A9pHGyt23LPNe27gJwJYx2NFLKiTY5WS14ivlKGmLlMs2j5yL6aCRqo38WRhizrPJ1dqKBCxfobpISCAQHvx5NR4LMgyAsjFmzoqxEvIFesA3B97y-qN8pbgwxP74jq3AfKikcI1IbJ7Osl-RlAylwa3jGO-qX4AbC7viwvsk3Idpd9tw5gOVrUevIH3qdLXKLvyoGPIqj5grawjOFmoO5Eo1h-JUwxI5kM6DqAWoAerJtKo4Ygo7XN5aa_2m9ji9h50OY4YKFc9XXPZyCnwBe0SJX1KDPiO0yriWqKwn6kLGjhkmRJyf-Q1Ek8hCIO4c92niADFKFQ4q75RYUhbiV8D6aKKP89E2YrrEqy4KJJG7vruImKBJK7WUpDFGhYo65clySE7Ia4ATpj2B0cMMiq81GGp5EQTgjKgIP9aF2nnvo42NZaaWU4nETPMeE4YebyTzyPMXMu7JLIInmLH30NYDtijLSnqHMytWqWLNAJOOeVMmxBQsivgykeVfFEM0dk6sTaPX2bZ6Yypu9601IA40F6sbc7-f0GkajQrjfwezzKD3Jz90sf9yfTWhYP7EvQI-SSYqwkgnlSYPLsF3qBDWEZEr8OJSJgYpdre6WIOronm6dARHS66yHisCo67FEREc1whQ9Q2FUJfGJAprCAKW8oR_fpTZcGgn7xZvl3km7LxjxUFRYsl-maGaR-o49NnVvbTthPEInsJDde8u0tdYTPBtJNhP3IlU0g7aWtM0maQsuvc6SCYnFien8oi4wnV0kyyad6mFcpgYXvJlDwxfsGtlyXGJ70lGk5cDOFT0luKf4dHSUQmpFwYg1E9sxjgNZGVMXgJiU_7fEMsh4mgDe0K1dwXG6AGqIF8BvnRRLaLyaBLI-m-MjQf5X2dM_RUrg7gYKm0zqjvUEZ3tKCuNMs2SkWD0t_lLBS_Az3hLbpi5-l0-NZWsnLaov4bf-FikqaBxpPaumabmsPh7Sr8pS5gmQEtoOK9sOzYmsoPD_BwhaCoiRF1WsVgfyEvUz6Nd6X2TqSBQgNMFe7Ili_eKpXKMor-z1na698s2eNQyKhAMR0e9yRbCbdEGa5JXPBOYAZ55mE25JfHpCCGuJKJXqAz7_lTqCIe1rjkpKMazh2ZenzUON_Oho_rkTWV-7NXKCa4_ycSOUynUkHNvtCk5VBh7IjAhBV4pv5MAg5mzv1beemus3A0kU7pC2Z_eUBuK23qfQAayf0l1GfDlzf30aNARp3XR3gsF4753iqCI6VWGq5XzvhwdUXXnZcgW6oFv5Cv4RdsaBcC7h3zIXflzF9Rxjgbta9LTCDII_Ax2IVIeD5eDsJod6bxcJ9_ltEoDw_J9_Kgn92D1QhHHppZvdxzPsOL2wyjWv1tJXZJSrqw104d3U9iZKfPo_rRKmvzOh8vbxkMC1btwcJP3Nx9pWWrCrLNLuDu3vkjZ7olRdMiLLc6dtMoj6L8rn15vKzRtnMgpfr1B79RWm5lOtBniUM3W2fABnX0Va8ixSebnQVOsbVuuOzeWpDJVspuo4ciLHWybNf2e8B1oSKWYr1bRohSj280_3yPMRzr0fSWOFA_OhUpuq6Sdv6DdPoxvWGezKCocxxchIB-Ji-C-JjBpz24BgHyC7qecWhfexZERvIfHY2_jLFmUrO9CVbTGh4BiqDv-flSiqpNjSafNXB8Ftw8Mr-IO8vuSkDVZodIfCGTTWZkamrRxcpVTOglgnBfhCHqKEs2IxJl_7fCMdWp1TYlqSpb0uyncN1k74Ko2lLBXwYX8b6-JKM0AapyhoZOxG0A4IlIFhV1GTqx93ZeI0omSHqnV05IOTevvowO9kcxZhuYXUcd_koJoitMxGML8puBqmIXKCm2EZcS3Nbc24BhgJssa37f60Qrmy9ThY28iCsyDuKm4On4UWb6TN7-K13jAqi2-1OHj-FD8M83NntX5PCdoRyJ7rSE0y8vZ6vlMmaRwgMkDvnEKAWNeZUFKRQHjdmSrn5opTRDZ-_NU3jGxPWG2e0CRNRLeAnn_xiaFHK_JnOWltg8orQjsVaJoHv7PXGUsW4tILe0Tsiz5T6Cd-6YSEzEIdaD-4UiLPnmKXvQyPNNl4AFY8WRpaFjwb0vKFpKYfLS4IP2jfZcphF3DaB0lziSyt1YL29v2oPqoyJCfDC7ol94uQA5bjvo8-kjEHaJ9A-zrCcEq0crp9dEsVKRoS0HLCCRpZUfI27pcdJAju2eS12hkRFdjUeRU5bav1TEE2ga_WpiGBCY1-rmcrI1xxRcTrrIqhk4PUTz5yARUFSAnMiHT3_Ohfq8dw8Sy-IWz_6lWGKC2-VoM38mhLKaBcuDUe0ubAvUNffry1UTeBHHVu24nTRR7rWL0NsylZGtqfKcYI3joc-2oP1cRp6AV4Q1bYVPvYAlwqq_M7VJfDgnhjVsHuOiuPiScw3uP6xuObv7SpWut6BuS8uEUI1tYyD-rzXraXe2OjZuramu1sCcuqzm4H-LStioH22aKFzn6OfKUeYPRlIdSZKraS1a4G9DKmIrrIy10Zw5wbH27xXCeW1TNYZ_S6B2FodtR8AvZ-FBQofdntzQ0kunWLq9WHWXkvvQ3MR0YteYfXdJAx9fRZr4fTluIQLhlJEElOY_hw-yZLVxG_Y2cgo2G8RIhGB59xduTtmT8MGOfgVBfnjoBgHUaaIOcZE-x0f3UIj2cgBi_YkBrFTk07-mAjxwbwO98T_QNeL2p-3yM8ew9yV9QTrGpfzzme90kHbrrzJbXpX_1A9QRdxKo9eae10zUFBIWKhZ7pUP3kEULOT1tLOK1pcOIBglgtNn4s75BC40QfwAoKgUgUdhQxNpDX8G8wowZmESONKieHSpzik4u1QyPuf397ziPvhoR0OYwlq-ksAPzbDZQOcY_322UTylQtZhYXvQ7GVwcNpkAWggfL33ocZ5idX7onLxCj5thpzUXeeVt4XtuZ6ODSL5T11prxHSUyWQHnlMo85_ybRikCHEYyK882pOV6nOwglVWIGezcdGn0fdNH92Ogatu1g_mIDn7pe3p0taYQGpgq5HkD2cwD5ELi5cpX5TeMAH3ZjwCGvW4K7mW-iwHlhX44WEAgMw714CDLpt6xg9RTCvzidiVvNKm33t8IxjozT5z7pMGt1C87DgdqFSHIaQK7oQndNq40Q4QPb0YkhBoalJg9oJ7v1gaO4jG_xgxGOJ7l9lYTp0DeZTUCRNmSmVdPYN8UJeNIU3HFQwc1B6Pb5tMwkBGzsoMUNYYa-LNDd-zODvu-16DHIetCTG0ck4xTMqxCWGY3X8795nAtUDOq1TR21XFJFq9KiqeDOof7bYfh2rATQ1dJAYO_JF2uNdiALjTpaNuk7pzsQM3zRrfnnMLQ&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=4396192399568019500&adk=929882888&idt=133&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
139f85b6037980e1ef805918b51e68e705f1ef2ad6cc7a7a367e17cbe929eac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13456
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 578D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CgDUES9JixcoXP7lQ4a5Sv-FK2cjmj6mREP8aTNqqtSuJ5gIB6nf6guru1lhIFSTegYHbYC93E7OCKDchgu0qh6805vGhSL5p_I5qcAnEQ79jvdar1Xn0mt6PWMDr17xBojGNTj7HvXupdoG8fMI0bB1q7Sw7XTzr7xGlVPpZGrko5lYs&cry=1&dbm_d=AKAmf-DF5qmleR5mekcaIpKTyOR7gzs4-naPHRSNCd1GNdtMETqrpBRiD3w1FYEQ2jM9x5bQAm80zXVAjkX467-ikG2DLejERJydCiXWND8x5w5f0-JKWFOYNkSp1TPcj1yl6jPJ_ysn9HrnnGCsXknoDA5NOnVSStxS2iOIIylMde1b-QKuMD52Qtu1ASVCdHyXONwkQ6q8NaxLn9_ukuXnbkF00SAsmIXg2zTwyyGEPC5NcPIHgCZUf_DYgpiqiQGnkfjrXbp9wmpDzjPHEzqRXDIb42b-3ZqpVVchp04noFoPrLKRW3Q6sUmTESbkEWx_9WdeCHtluE6zE5QMbNktNaYA5Zmz1Y4VdLCYvk_vtBawKi9rKKuNeWhv8c25T1SbSQGzWI-c5-ANZBrXbY_Uk60kLQw8EQ8ns50ijMLAJI9LfYKiVIV7-WhfuXcFHGHX5W4Ycw_olEXnL24GuF_DPWKuxTuGhfe0ULT9asVmeJxo1ha9OAsLOWUSkyn6bIQCza0rznKTGgPE9JrQVo3iyMdym4yiEHT4T8NfYRQp8hYJ_URsUNBwAxI32VtomFgDIPMXZfrS6FXXmrM7PHCzPRTyRc-ipiTGLwrs9wrQBOBDa0HmnxGMiAnYADP4mUYSwpiRDhzIIusd2yhMuX9XMvDmJlPGEH9owV5l9xlBNPaFG_YhGFLQjut8nV2d8lcK1RrzSmTu8vVdlGxofI10CeSC8vxSR51HlzcLJmi_8R8r4blpOVYY977qKqfTvBRkHm1pNoAJE2yCm8dLtjh0OUOEoS3H1GPvVgEjJYtL7G7uje0EdubRZPx_7NAvALDqVlJQNej0lGc_DBWw9-i6Waw1MQv5ErV_2C4bS-xJdgdee68wcgwKV9K2L_8_94ZDgBLXkZ-eRVj1oYyGcVRVxbdzEhIWHBCIeArA76jI0kFqABomr9S8xJP6E2mExZWzMq7YAQzNNdzcPSblqzKyY4a9sVliI2XjsQTgFrNzMIFpnwoUCmwYq7AHRSBNIq-GOxX4APn9jaPw69HyvteEOZjCIjOQ9j6HChB4o30PGSPaAJZmbH8Q90FsEjfd3xDP-msnLgFys2HMZF6mv20FN0EGlPoMVZLxYC1qHDsGXarpOVWi3jMbO9fHkTFxB2rfyBizVOgPnLSi0wN-JpMXgC6qrVZcjdi92yDuN2GUIx1ZUm-QPInUuP505BRW3cBAWu7bOPEqpGFMaosZisCWtzdSN8869PKAnLIqDZhZ_IIMHhmy7jGSfbwuTWLHn3F0y8tULFrFTJaP5EfexUsAKamBdNYv5zQT8lIwAmusIwRdGFNmYOyLw9vouR3l2KOgP3KTQE3VpTxVWlQa7wh8IOlIo6DYI3bpB8xizlMfo3AtQ9t8v940wv0xwkyIUqwLDoVcixJCZFPAUMedI3NKnm75h-coeupGO18gNjfYoLdIuRelbaskDkMZGPxwdyQbs9r-Gm_W1AZNDH3l8DiBI5mtNU-VM6jpwjhYkxLMMere9HnMRGxCsyeEgRYwC10DcKkbwdrFRl_3ZioR9OoTa0DisDLblqFPHCLuEC1qmzthF-qvnkqxsIgAJJT--WgYC3CAhDxgvBjqHteoM9gVVrPRAGrsuzUaqSnGkCtby5XrsT0Y2--M-kUKfSrM4oiR8JgAB3rNBqcoWOFc2TVyWtE_WgKi8lUkDxMLgEZoFimNWZKlV8CzqkJm7XhZrbPf1NdVBiTR_q4fDOlXYlqQbizmruEukX9zH6llmdRpvuEH1vHU9WzR9BGSoQIabGyPYDycnV6jW1uFxeEqEne2rcrPo4L7ljY6UtCes2ilj419NdoVc3n9_fA1jTpahp_Oy-mdRjUFWriSuluRtMnQo3HYgCjkaP9gjNBxGLYSm0zL2Wl5_vCicyTmcgapFHwNaSwcab6cAoq8K3VidIo7sooPrFolD-1K9s_cxFiCMTISPOqR3PIrmsxOdWgdiiaqo5Os2P_OUNevHrsKCibi1cO1vv3pwGFg0znrSD5Abue2L35B5GH0WBwHqDjBRpiaPCDk1nvuKYe2K2_FfCxLthkr3h0AZzaB5AjHRvFg-vd1brk02pQOVXKKe-9FGlI8ZWyTi-oswngyGArXlC5uOISpNlTRA-KHvpi-do9u0z7lMHudiTG2etfgwN829rGNSeUR8uvdZCEIqVVJNd3t3tlY5Ubo7IaK7nYSmDkKH6VUPo7WSjFMkt1velMLhwu_IkvUiaDZPSPjyB0RM1SI7DXycwc6NmCiLeHs1sJ1c9u_ify4uavjelQ73hRBPuitxAUgOhMccQk8SZS2-UOk14EDwq5C9bxpktcf6-KyZEu3NHr0xxstsqkSAkP86JFWiAjUuc-ovsCTQ48zj38E3iyQXx8Dgrs-XBfAmxAeu-kE9A4e0SYWfxaF4DXaMqUQ76YCbIVH-BUcAwx1KiFfbWnBtwLxi77Eh0EUxpSFiCtVwplmAWhDQw1q79hmmCOMks_tVaSAcJCxqJIHo-rp8dUkd_DL38JsNhasr3DESqjb58YnNvU7wyeEFJebbUF4TmVAv7qFjqcE2EGnc7o-L9U3BDJqpAQB9EtwRP4wAzAm5P6b1-Xmkrup8pyDh6eQtPKm8LphQ1v3iC-Cwmu24oKAzDBvWeu6oT6cJc4OQIB7gXx3hQsVd7XIfjnDordB_O7XjyCRlLGRfCTpOtDXOZb88r14gji5qiA4-brX8FbL1rRpHQkXOufdbZ9qa7dJgRw-xkjOQsv5rSt4rSE5Mh0-_t_P5unV_675LPavuuPyeyATrTQPOMiczg5HCjhysT0txHT4i_lvwy-iUeLX_qBfTPlwoqP6U7Q_DOo57PfAf4wjSyI9EBFk4h2b3UtExFBUNjedGahUxKGBzOpYJPZLiM6qYuxwlA88b9uixuJcV1IiplWqxBBzBO2Z3epjPR1iz8_rsj51RtNo45tXjkWhGZoJGYpLlhy8PyDVA5NpQutKDw-OwKcnDzEt0E73sEW7eyE3059tsGjfbn8ePw5Ov3jXm4o0z4M3Dwng4rwReZZxYEWfcLlfTzPvDuOnPiNZRuQ2uzw2qFpyyjlJ-Ctugep-oPGjGyGpfgpwmUFdsYj64YIxMYvoI3pmHjHxqQMe2PwMU9UX4L5hbYRCyhxvAqL4jUYJZU4-FLj9_GMaSn1TlSebI0Pgevx34tkfkI9TY52XGN7nrlo1xb_a5zie6xCPfudkvXl-jmJ_wnW54JTJ1S0cp1VHTe4gNeE8cZ6IrxzIy5D3dPiQc7jPY9widt1k8hIvRNatgJe91f8O9SYsgQTsUcUo-uXCThQmYXD72hMzKIBncNl-jnbqUJdw9Ia5QxefQwKoh3xukiD7UXnwHfT-7bJXZxeO4qurszH6UvdYTVWPCLB5rWkvcMlGRpmrTnAzPg64YHld1Zvkg-Vro8Pql4KCLcPvjVZe1abIvdxqB9I_zl2NYIMqj0n1WJ6ZiTk7iuDXpp1t0q-RBH5g85hFz3q67VUKh6qLM3voP6130ydnXiYbNEyKVl5Sja4gHMJKPlr_LtLNQUUPP72tJlv4HF2iIa14VPZwirfMpg1v14vkUaYFjsFAcrJJAmxjnvuzCfrDc1Pz6ZtrVjNUCPGy4UHxlmitfd-9vb3oeCZpPPUg_NJDe4IxshUoCjME7vJTclRL81RQwnPdL6k0HsNmAzg-zEopzRPDG-k_qV98NEQ28HFLxPAgaR4PRkB64Rqne15j9in_ni79xEqrWI2EY2kQkIolCu7uvqZTh7QpkaAFANLUsln57ZZGDEnYkQ&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=18058479983389321000&adk=1877897942&idt=91&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODQ5MDg4NQogIHNlcnZlcl9pcDogMTM5Nzk2NjM0CiAgcHJvY2Vzc19pZDogNzU1MzM2MjUyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 578D 		0
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODQ5MDg4NQogIHNlcnZlcl9pcDogMTM5Nzk2NjM0CiAgcHJvY2Vzc19pZDogNzU1MzM2MjUyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDU0ODY0MTEyNTg1OTU1NDY3NzYKZGVidWdfa2V5OiAxMzkwNzUyODk2MTU4NTA3OTAzOQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMzEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI2MzU2OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjM4MzAyMTAxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA2MjgwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xe46fcef55b5dcd770000000000000000","13":"0x8b9d5c78845f2d7d0000000000000000","14":"0xccb70404b476ca110000000000000000","15":"0x78d40ffc22dd737b0000000000000000"},"debug_key":"13907528961585079039","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"5486411258595546776"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xbrkb4s8ehf6
hal9000.redintelligence.net/zone/ Frame 578D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKcVcb5G5ZfnVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_Qra5ytFAGQsGMfOJFqyHUTs2MBtTYQcOu7imsJIMuoLBcxw8rXXzxFjO7QlwM2YIXwF2b0k676vbalOG_LHfuNk2BH5D9sgQiKKcQcqDXK5ebySRVOchP_7_niX1sjWy5WojpTarc9BgZdzK7jvz4fcttDtXv_HJ_T8XrjUEMH4hY0sts2jcTqRPtjGjQ01mFIl9BKiFAfSDy--IOyS2cu7VfmCbxbVsMemQ2RG8Nz5F0b2Odx-4RNc8P-FuGJtelbRlIhixtEZlBkjRBldCyzqKUjjzw6-T44Iy3I5qWd5uvyTrqAwQMPurSC3iFL7NDh3TABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3x_jjD7OIEd-B0WfX89cyQaMaw7g%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-CJ29sbE22OM72yWXpYf2pkiC2eG-QRIvvJQg1uoJPbwD2VIBeDqMM5XbbXPn_LjXZmhcUnsnYSkixDlasqTqW48ImfFNVl68fRT0nXCudJ31J9K6E1t7KSYAK_BXw11za9eIim7KuDBIiutSL0n2u6w2kSTUOIVuxJ7XSu2bgEwJ-UaO8%26cry%3D1%26dbm_d%3DAKAmf-ATqEvK0XLKsouAiY8XmayPNMVQwQwn1vw3TRWteuDVjlRV4UauBnOPQLcgFyvBAJB1KcNwE1Y9tlroWZUC-cYiuQkiOJRiB4Zw0GNeQGZkEdTSYFj8kO_R1kpYQMyEjJWNEbl2KqttHuFlQc6Ct5vhZxBZXmcIc5gOT_gfAlCC3PYLrutSm1fGRsgk-MCUxrNvCZ1h619YMPgmXm7-NoTBGx_R0o0wGZR5XXcgrjilbJceXSsV9bfj-rG9b-C3qD9Kz9K5GvEOCXIPxAVTBkoUGlNtBPP8DCQiw9yQqPGIB1jra1SziSvvN6kiD2M6CcXnBsxD2OmsjRf7Kn9aNd_EoFnWE0eo0g_R9vdaOw5WuypqFhv48kleXpPr51Ke6Apt18AO-UPBx5iavaXmXH2Lg4VzUzhIfoDJlADZXJvEa6ORYq8XrNglvrv2GC3FjPFaGGHAgfBxSKmxynq5reWEqGQoO4-1sEvQZVS9TTQF5vKB6vx63WGpfgZ2svmMYRf-uY717H1jss376pgqUZuHqF9vYPQPbdVW5SGGvpcyP953SKDHNa-bFiZsXTlf5bOJ2VId%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
7e86bdafdaa97c44a4447de8f2b78968392a7c71276d46cf0771958cff584b05

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4158
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 7ED4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNX3n6QCIxtYZ490TGjHI5Fhv9nXx0ObLqthGrO3pXFLDCq0yKWkWoviMBUuyCV5r1w8dZ8w2UEkVCTxAdemiR4bB4VCO6hwm2oNIcpjFGLBgi7FQf8lKi1gvHme63Z9WVO8N1kGUqbJgCAjK8vOgR-dKGBqRpBtj0irJ3pbF4kJ7k7t-nM
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7ED4 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNX3n6QCIxtYZ490TGjHI5Fhv9nXx0ObLqthGrO3pXFLDCq0yKWkWoviMBUuyCV5r1w8dZ8w2UEkVCTxAdemiR4bB4VCO6hwm2oNIcpjFGLBgi7FQf8lKi1gvHme63Z9WVO8N1kGUqbJgCAjK8vOgR-dKGBqRpBtj0irJ3pbF4kJ7k7t-nM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 7ED4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNX3n6QCIxtYZ490TGjHI5Fhv9nXx0ObLqthGrO3pXFLDCq0yKWkWoviMBUuyCV5r1w8dZ8w2UEkVCTxAdemiR4bB4VCO6hwm2oNIcpjFGLBgi7FQf8lKi1gvHme63Z9WVO8N1kGUqbJgCAjK8vOgR-dKGBqRpBtj0irJ3pbF4kJ7k7t-nM
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:48 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7ED4 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNX3n6QCIxtYZ490TGjHI5Fhv9nXx0ObLqthGrO3pXFLDCq0yKWkWoviMBUuyCV5r1w8dZ8w2UEkVCTxAdemiR4bB4VCO6hwm2oNIcpjFGLBgi7FQf8lKi1gvHme63Z9WVO8N1kGUqbJgCAjK8vOgR-dKGBqRpBtj0irJ3pbF4kJ7k7t-nM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:48 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame D5A0 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
18923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 19:01:25 GMT
sd
us-u.openx.net/w/1.0/ Frame CFE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWKtkUNAiXNDKpHNegdQz6iytGDfEGpXxaVZBQZPUpd9QNSODSOe_okrafR0mPGPlfY9WMho0EzsOcjHaTh8uh_VyJsu1LjxKfwiFDR6vvmm6ZOVEb6kY3KdsP4x2Rk_OHmwM5HfAUlKtIs3amveIS8iz6QbP6IDkwnaSN7Msk8PXcoPr8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGFUZfbsbpXgtcsq5jqpTzg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame CFE1 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWKtkUNAiXNDKpHNegdQz6iytGDfEGpXxaVZBQZPUpd9QNSODSOe_okrafR0mPGPlfY9WMho0EzsOcjHaTh8uh_VyJsu1LjxKfwiFDR6vvmm6ZOVEb6kY3KdsP4x2Rk_OHmwM5HfAUlKtIs3amveIS8iz6QbP6IDkwnaSN7Msk8PXcoPr8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame CFE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWKtkUNAiXNDKpHNegdQz6iytGDfEGpXxaVZBQZPUpd9QNSODSOe_okrafR0mPGPlfY9WMho0EzsOcjHaTh8uh_VyJsu1LjxKfwiFDR6vvmm6ZOVEb6kY3KdsP4x2Rk_OHmwM5HfAUlKtIs3amveIS8iz6QbP6IDkwnaSN7Msk8PXcoPr8
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:48 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEI2BilgAxvdIUvcWnwu8cXE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame CFE1 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWKtkUNAiXNDKpHNegdQz6iytGDfEGpXxaVZBQZPUpd9QNSODSOe_okrafR0mPGPlfY9WMho0EzsOcjHaTh8uh_VyJsu1LjxKfwiFDR6vvmm6ZOVEb6kY3KdsP4x2Rk_OHmwM5HfAUlKtIs3amveIS8iz6QbP6IDkwnaSN7Msk8PXcoPr8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:48 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D488 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 00:19:40 GMT
x-content-type-options
nosniff
age
86228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 00:19:40 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C899 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWyngnzIY4UKYkCD6NAsB7DLpN77NezRDrXZIN785xpmqWcChTPiA6Ymr5ef7RmwBe9clKIzef5-6GCh3MgCgyrvf_Xt0xMoZzQHh6YRXy00oIB2AKTmVVyPxDLt3pw8qjYicLTZYDsjjrlZrdde-4s_8n5AVHj3HLIehbP6_ZJSbhchQY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F5BB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame F5BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
18968
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:00:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame F5BB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
18742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 19:04:26 GMT
l
www.google.com/ads/measurement/ Frame F5BB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7nrsP_dIbIvEEVUKtAtFYxxnGrobEfBVp9pLlVgGTTKQAN7MPQ5ZAhtvYUAqzra2ddflIbDjQdwh8vQDfRwA0SJZKVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F5BB 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706532320618808"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 00:16:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5BB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CeC7nD8-Ub9XrGZbc45H3w52nKvneUa7PheTh1DopKcwFzbLziuJbBCWnksxf9S7r3SDAa9KvpTeMleKESZjFr9pVWM3m7Cb4mukc3LTHmflgYbl4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame ED95 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnluhnMF2BlTn3g46qG82bf1CnxJMOs3xZE7_KrySwCAenRRwDlS9qsCopOKFmzJ8QnQywMwEBtHngyj_nqgPkgg74-GuPWL3k63nFz1MSREFZrJLlfGAF_t7r98EtKbm1-PniTzbvCDRVfBAk046gRqxQxtj5hC42HpxmxmHwrbISFIE&cry=1&dbm_d=AKAmf-B5XavpN6OJ-f1d1uE-1Nv9WuNU2v_4Lo3dD8Lwc3s0Ov-Rk7CkEBxN--W1HbbupSTmII3f-tFAeTRUfPZ4WdRLYMIbKsrz3SHQBHWFIMQ1xRSq44TUHqh8zjrRIQ2BL66Xdy19pMS7C7wqsEmA2d6AoLVc9pE1FS5N-a0xw8iVnJ-ym0wCQFZ_GpNtF0wGoR8tJCDgUQIda00PPAsH96-P_eyA473FSbhhWba36THzQs7A4TkE1weh2kT2cigAYWc8IeW8S4FZqyJZMEF3VHB8mDJayIS5ZGy03pxiIf2sya7L5VT_yEEsXJjo6tECoPENz-qj-yWRWDsCm5Jhzy1eHSoooI8T8Qzxdq5lRN1C95fXdoIkMcCBmuD-zHtaJEDPfK2FYu05p2upGorCedntG-rke5z3JmSM5wy4A9pHGyt23LPNe27gJwJYx2NFLKiTY5WS14ivlKGmLlMs2j5yL6aCRqo38WRhizrPJ1dqKBCxfobpISCAQHvx5NR4LMgyAsjFmzoqxEvIFesA3B97y-qN8pbgwxP74jq3AfKikcI1IbJ7Osl-RlAylwa3jGO-qX4AbC7viwvsk3Idpd9tw5gOVrUevIH3qdLXKLvyoGPIqj5grawjOFmoO5Eo1h-JUwxI5kM6DqAWoAerJtKo4Ygo7XN5aa_2m9ji9h50OY4YKFc9XXPZyCnwBe0SJX1KDPiO0yriWqKwn6kLGjhkmRJyf-Q1Ek8hCIO4c92niADFKFQ4q75RYUhbiV8D6aKKP89E2YrrEqy4KJJG7vruImKBJK7WUpDFGhYo65clySE7Ia4ATpj2B0cMMiq81GGp5EQTgjKgIP9aF2nnvo42NZaaWU4nETPMeE4YebyTzyPMXMu7JLIInmLH30NYDtijLSnqHMytWqWLNAJOOeVMmxBQsivgykeVfFEM0dk6sTaPX2bZ6Yypu9601IA40F6sbc7-f0GkajQrjfwezzKD3Jz90sf9yfTWhYP7EvQI-SSYqwkgnlSYPLsF3qBDWEZEr8OJSJgYpdre6WIOronm6dARHS66yHisCo67FEREc1whQ9Q2FUJfGJAprCAKW8oR_fpTZcGgn7xZvl3km7LxjxUFRYsl-maGaR-o49NnVvbTthPEInsJDde8u0tdYTPBtJNhP3IlU0g7aWtM0maQsuvc6SCYnFien8oi4wnV0kyyad6mFcpgYXvJlDwxfsGtlyXGJ70lGk5cDOFT0luKf4dHSUQmpFwYg1E9sxjgNZGVMXgJiU_7fEMsh4mgDe0K1dwXG6AGqIF8BvnRRLaLyaBLI-m-MjQf5X2dM_RUrg7gYKm0zqjvUEZ3tKCuNMs2SkWD0t_lLBS_Az3hLbpi5-l0-NZWsnLaov4bf-FikqaBxpPaumabmsPh7Sr8pS5gmQEtoOK9sOzYmsoPD_BwhaCoiRF1WsVgfyEvUz6Nd6X2TqSBQgNMFe7Ili_eKpXKMor-z1na698s2eNQyKhAMR0e9yRbCbdEGa5JXPBOYAZ55mE25JfHpCCGuJKJXqAz7_lTqCIe1rjkpKMazh2ZenzUON_Oho_rkTWV-7NXKCa4_ycSOUynUkHNvtCk5VBh7IjAhBV4pv5MAg5mzv1beemus3A0kU7pC2Z_eUBuK23qfQAayf0l1GfDlzf30aNARp3XR3gsF4753iqCI6VWGq5XzvhwdUXXnZcgW6oFv5Cv4RdsaBcC7h3zIXflzF9Rxjgbta9LTCDII_Ax2IVIeD5eDsJod6bxcJ9_ltEoDw_J9_Kgn92D1QhHHppZvdxzPsOL2wyjWv1tJXZJSrqw104d3U9iZKfPo_rRKmvzOh8vbxkMC1btwcJP3Nx9pWWrCrLNLuDu3vkjZ7olRdMiLLc6dtMoj6L8rn15vKzRtnMgpfr1B79RWm5lOtBniUM3W2fABnX0Va8ixSebnQVOsbVuuOzeWpDJVspuo4ciLHWybNf2e8B1oSKWYr1bRohSj280_3yPMRzr0fSWOFA_OhUpuq6Sdv6DdPoxvWGezKCocxxchIB-Ji-C-JjBpz24BgHyC7qecWhfexZERvIfHY2_jLFmUrO9CVbTGh4BiqDv-flSiqpNjSafNXB8Ftw8Mr-IO8vuSkDVZodIfCGTTWZkamrRxcpVTOglgnBfhCHqKEs2IxJl_7fCMdWp1TYlqSpb0uyncN1k74Ko2lLBXwYX8b6-JKM0AapyhoZOxG0A4IlIFhV1GTqx93ZeI0omSHqnV05IOTevvowO9kcxZhuYXUcd_koJoitMxGML8puBqmIXKCm2EZcS3Nbc24BhgJssa37f60Qrmy9ThY28iCsyDuKm4On4UWb6TN7-K13jAqi2-1OHj-FD8M83NntX5PCdoRyJ7rSE0y8vZ6vlMmaRwgMkDvnEKAWNeZUFKRQHjdmSrn5opTRDZ-_NU3jGxPWG2e0CRNRLeAnn_xiaFHK_JnOWltg8orQjsVaJoHv7PXGUsW4tILe0Tsiz5T6Cd-6YSEzEIdaD-4UiLPnmKXvQyPNNl4AFY8WRpaFjwb0vKFpKYfLS4IP2jfZcphF3DaB0lziSyt1YL29v2oPqoyJCfDC7ol94uQA5bjvo8-kjEHaJ9A-zrCcEq0crp9dEsVKRoS0HLCCRpZUfI27pcdJAju2eS12hkRFdjUeRU5bav1TEE2ga_WpiGBCY1-rmcrI1xxRcTrrIqhk4PUTz5yARUFSAnMiHT3_Ohfq8dw8Sy-IWz_6lWGKC2-VoM38mhLKaBcuDUe0ubAvUNffry1UTeBHHVu24nTRR7rWL0NsylZGtqfKcYI3joc-2oP1cRp6AV4Q1bYVPvYAlwqq_M7VJfDgnhjVsHuOiuPiScw3uP6xuObv7SpWut6BuS8uEUI1tYyD-rzXraXe2OjZuramu1sCcuqzm4H-LStioH22aKFzn6OfKUeYPRlIdSZKraS1a4G9DKmIrrIy10Zw5wbH27xXCeW1TNYZ_S6B2FodtR8AvZ-FBQofdntzQ0kunWLq9WHWXkvvQ3MR0YteYfXdJAx9fRZr4fTluIQLhlJEElOY_hw-yZLVxG_Y2cgo2G8RIhGB59xduTtmT8MGOfgVBfnjoBgHUaaIOcZE-x0f3UIj2cgBi_YkBrFTk07-mAjxwbwO98T_QNeL2p-3yM8ew9yV9QTrGpfzzme90kHbrrzJbXpX_1A9QRdxKo9eae10zUFBIWKhZ7pUP3kEULOT1tLOK1pcOIBglgtNn4s75BC40QfwAoKgUgUdhQxNpDX8G8wowZmESONKieHSpzik4u1QyPuf397ziPvhoR0OYwlq-ksAPzbDZQOcY_322UTylQtZhYXvQ7GVwcNpkAWggfL33ocZ5idX7onLxCj5thpzUXeeVt4XtuZ6ODSL5T11prxHSUyWQHnlMo85_ybRikCHEYyK882pOV6nOwglVWIGezcdGn0fdNH92Ogatu1g_mIDn7pe3p0taYQGpgq5HkD2cwD5ELi5cpX5TeMAH3ZjwCGvW4K7mW-iwHlhX44WEAgMw714CDLpt6xg9RTCvzidiVvNKm33t8IxjozT5z7pMGt1C87DgdqFSHIaQK7oQndNq40Q4QPb0YkhBoalJg9oJ7v1gaO4jG_xgxGOJ7l9lYTp0DeZTUCRNmSmVdPYN8UJeNIU3HFQwc1B6Pb5tMwkBGzsoMUNYYa-LNDd-zODvu-16DHIetCTG0ck4xTMqxCWGY3X8795nAtUDOq1TR21XFJFq9KiqeDOof7bYfh2rATQ1dJAYO_JF2uNdiALjTpaNuk7pzsQM3zRrfnnMLQ&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=4396192399568019500&adk=929882888&idt=133&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODU1Njc4NQogIHNlcnZlcl9pcDogMTM5ODAxMzk0CiAgcHJvY2Vzc19pZDogMzIwNDg4MDg0Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame ED95 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODU1Njc4NQogIHNlcnZlcl9pcDogMTM5ODAxMzk0CiAgcHJvY2Vzc19pZDogMzIwNDg4MDg0Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyMTY2MjE5NzEyOTc4OTU2NzIxCmRlYnVnX2tleTogMzM1MzMyNjE2Njk4MjY0NDIzOAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMzEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI2MzU2OQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjM4MzAyMTAxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA2MjgwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xe46fcef55b5dcd770000000000000000","13":"0x8b9d5c78845f2d7d0000000000000000","14":"0xccb70404b476ca110000000000000000","15":"0x78d40ffc22dd737b0000000000000000"},"debug_key":"3353326166982644238","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2166219712978956721"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xbrkb4s8ehf6
hal9000.redintelligence.net/zone/ Frame ED95 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPG_7b5G5ZfrVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_QiAgJf_k40cWmBoAV8kG3zUXbYbJuvxp-jqrcHULoyJU11UK4l0EOyrCbujnu6pp6w3OLK-Sb7WhZDRB8YeqyQ3Y0dSDbfkCix7TecyiRDavFQNJZYx4i6PczdvnRYjt8_3r_OXX-UXP6HMT2GZb4QZYZlznj0iQsvtKQf5aeqU5Vfo8jwTJhTYVFz2d9eDxRtU1cpOGxuBMuH0UN-kl0aQNAiuJPDhgma2OupQj6Cl2EFRmPiYOIGnTvTANJQ6NOKIGSrCo0MEGGnJzLlg0VInUBe86BgkN3TLI1uuLIbvxClaXKT3rcYo09SKHOfrhnXNvABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3ibJOLQyHrC1UZueBpaDfkBWS6tw%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-BwkAFTxU8WYkZi_2e94ip8E3NVV9XDBm9iWQI8IztGDjof-V0jqJf8TJDgLpzYW3wKdI_k_FubmjjiIsrPYNW-tKPWLOZ4t5PNevi8LKW2VOsZsOaTi2ja1CBRdR9IJgXife-6Ni0RIZMH8Uqccok2Tli7uQSnCCQKswliFurrEdzQGj4%26cry%3D1%26dbm_d%3DAKAmf-BGdxMO1JCHkhcMm628o3EN4rKon_RhAsCvoHiU8BoYz5PuGcOEsVXBSxtDr8FNfwJhKM7P9Rb3I7cr3AYZQySwe35VikjcZVU47Qo0TfpTzoyvbZ6KKsDjWewOBDPkwqdPpKvsPUB_WCJJSZKTFGkX0V_M4sB28XA4farFGDmwtLFQMo24qHSWzFdPJeHKDh5or0Jmpv67EsqrBXMyGngHxYweePg3-u3SI-IREd4KC__BnCcxIRM1T5dAVEbHc-0euk7vKws6Ig1S5kWHK68csdO_o8vkq7tqvZFEciF1-5maFGkKPjA58-KPtsSFFsZiLiLf1bW3OUcIlc50fjy53mjfKZNSra0IL1lM4PDicbkACNu_HkB4pj44J9MBwrPj5UBTVmWv8sQhqNLBtcjYktEmETt3Px1RHfb30xx4peWu6JLNPGfiXMNdcie8ukyGV4ycrzJ3QFr7mb6WgfnQcgR-7sjpQH-jPIsZRrQ86Tq3IxBl_96XKvurjMvd0Gh21be0D9TXuFsfZEYI4HIofzIz5uNXZgiAWyjTB3JvkkmSoXAlkmuq9TnmLNrHeUBLRDpg%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
6c0aac9321e797bc17900995c31d9d3e7344d512ee5abe09826b4b6259b27991

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4158
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E221 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 968F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8050423860490&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 968F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8050423860490&version=m202309260101&ct=77&x=1&cor=17910811709961826000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 968F 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANlW9pT_nwJsiDttOOEKJvoT44VNuBURxTO0b7jtnAfsaVh9Iqoz_2m6RsOYmdHFLXh-SUS2UWvWDkCRWSbbj4ta8dKeeFeZ_kabTgObUtWzg6N-ZNYR8RTlrGCcbOAujSH_fcnsZv_y11HCkMMNcuCNknH81m8xgG53TXW42xkj2zcKw&cry=1&dbm_d=AKAmf-Bw2SbQsZNO2j5yBYDHRZImrAydWig8lUeF5Dk5OQa7h17jnJSBStECwW7J9sSaa34aMQaNC5RP0WJfhQJPtCATp9-qgN_mBAUKpXyvB4c1l81kJr4VYXhGim3-ECuvPKWczh8xmalhF3DCmGMazCiHWeie3e5GJrP9Un5i-LqOje7wFLBqLqj6uMsRdez5YzuCPR2J2tUkPhl1S8WdiUwrkf2P6ui3KjKuIql1TmOZ__dYAmOXjsO8Ii4gnAdNXe7VdCz_uAHXEShw-aBgX0P9J6p_CclNDgNlUVmrCL6u-gEClYKnfOXK4nm8qK_LVbOR-Vi1ZO77juFBub_4j-BbmjxrtK5H884IhitI03C5mHhGsULcjD0ZYS1S476RpSMzF2hx6xwJDn86qGSa0fqxvUmApkaESU4QXjign-j50aeYivw0H4xXpck3F2FY6fxXCwbVg0248SA-2K5iwB5nr1tS6q25QIWFrvEp813STuFXeVifs19tibLszmgizQ5JZXyQb2NoVTVIcgdSvcCTFR90PO8abFHrILy0n0QPAf2Sn1W1xWgwYMqfiekbqEskbO6S8VsW8TyWjG-c6epfVIlyLrinV66IzZTwXzAK9ONOZvaLRpbnm2CBBfcsghxAHwGDtp2TPDIsMtBGJa5WwKIDnvXqVhJ-bLIl9NNQMgIqdCO_qscdEAAQ5MFMzzjwRVoAf8LO88rCB3igbCSVZHgkl6RunrKi2eVuivmmn9mg8IPRQvR3ef-KSRmcOqw854YwilCpxqFgKrN_xyn8uvchci9PBPs3lB1rq0bxbedH5_FhmWOb6ccdZhi3p83x9zg_00BeK_RQ8-9TmjoobAjvTgOYB5tAiI1Jy1kviFzvSpLKsPvUmPxOB3CxqHOKgUWXALc1EJ7h1_ABbjokWtYVrrvzF_Kaj3CNhqxtNuYHzPCw2Wj3YKsNBIXpHDUUiUcwAcjpbJ854WA2M1KTJxZgQHdHYDE8AxfOWB6eRTMP780oMfbe9tKhAeas8NiPXMXk0SlNx3fAIkK5wKl6nTs0RBYiCHtyuLQDWOhizsakWy5GZQ-2Cpc48AreM4tw0i-wWTlnaqMydaYS3KTthEcgDHliSvCgMrMYCVaIQUWXKp7EwgcbUPWnlA9KSij47vj8roMnZOB0zAAZiRhs39xXICotXWrF19_4G_trP6N9n1a7iYZH9oehk9LJbJDUI1F93bOhHMYARizS4M1rpsRqa9L43GZklphCMbKQGI2HXXDbH3fV5SMyJcammMoVwqGQcJ8UWYSuzo82RokfmyBOKXOjGJ8E3qnOgvki9py3xivDqne1ZCIArkmxi6VxKUyhb0xebl771gIMFzypNgaef-2Ze9cN_x57RXwV6CCxYhddbJ6n_GKvt6TOLaYMbLYSNJl94EHV1ZYJMSvNoy9rtzruD61VQJJAWylmLqZzA_FPN2NNhwz2oWKzV-j3jPSlcYhGX482UQiwd_M3NgOp94FerlwYXZFRN7NyKc5D01q1xkWBobzYzq4eQtOFJ2p1_lXu0qnwi3sEnn9Av8Sp4kiunfHorBtqJaBMymjDRGdGI1ZP6_TUPSuUuf1M4LcSnde1Jq7LBDSLQVkV2ntZvGTFPs92U2nYIUZn3XS90NKPggEEG61QMj-rfk3HZD8bsLIDFbAnPiW8vBWsxsZc6edz5IHoBEwChTTACybMoJCWx8_xLitv32Ei3UPSgShi6PaOhd8VQX5p8Sc16RQiezQTm5ogI0cbmjAk_h3Vn-ebk1odaBP56EXKRSzSD1CwoT0H_W3hjR-_WxKslo5GSX-tphPTOpsY6NMMFLwy5QEhjvPBqmgTZXMG9-fPpklxZIv0376qGydYp_EcSlacwFDHN02uipClQUuacARn6ARyhKij9mJlRBFUALWrNt-zrx68r2ZNFwRNGSEtBAjH1RdOnX_w8fabJWiUWbCuV4dGtKXhWSSnD0eTMnCrelzwLDsaovV9G-9bFfomT1lnBnVyWCk2ib5u6fgjI0bXaSfnv3mjkfDMOtPhi6LhuJ7MLSzEeb1oIFXsr-pJSGFLITORfaT-TTjMOksuGDhNdalyPzX-VWK3fLFg82YdqNQCSiWM8MtDv1mTF5YlfJw21xqqkuiAtSXliiKKuJfXPJ5Of_4ywFxkivsOu1LMEjig-LSPvULrn_-dxd2uisFsjmvhDc957_MnFTMpUGU3WiHv2iDP8j5j4PpM1aY--p67xErNy2kX8antQYqlEsAQhKYbPEVs4rAN092n1Jogkk4X5HmJsXCfWgXYvy1b_RKNzIsoYmDW2tE1_sDUiniuFDxQYQw7wRj5CN_EWnQs3XPq-inomgcoEufe7l90ALQ9KgS8JOo4vulimqUwaCOHi1eRi15PfqOgcWCfzT2hAUSRP_0ShzqIjD6a8admHeF54Zu5JiB-hEj6Z8FFEXLK9CKEa7o42YMmDeFKWfntwJcmFvdC4lFT_v0FnKDfOKpUhutbzy6lGx0V6uRfEgTycBP7CjErWWwQZsflCX8GCpS6vdo7HGUNfic24xFX3_ZhjsyY1sKBFl97RKy4uHsuS_YAhzNm7m04sR9UEx4Zm9THbvHA2Zm7MffLwxYoUOQjU9z8fVzbpQPzkQ5ZxzDmtm_JhiB11rp0bCOV-z3wagYKQLZ5RTltp4yMgcTU5beHpn-Kxsskx8jNZ--V2uEj_5GgkPbCML7_jr7WUSXAbIIgs2eDK9Sx99RCkPe8tE-UZvUPVjvpUVF89g13K3_fZ4iaY1LOsqgbAPBXTOwtTQWQNFWb0WoMwHSxh_C3pyke2QDmy5T_wRDIj64PHpKjKfCPrNQkfDWCe5T2vExbwrWeFR4hCHy5mbP9R1SN9KX1LiaSTcY3kJLhmPiobtkIjBYZA4HldzAOWS9EdS5NEO8Pcqz6G-fNCrmu4MwCgFH_F-KtVJ62FVbjjlidfF9A3ps5BWkpe3sjyAZdAgnuVBxX3IgZwLmWSgDHXx3266pCC-pe_Th30jQAIlWNj4t5nqadlgZGnPyvWqpQ680_NuiTaNion8Ghrb_21fuLtxjM2oP_c6rhymT7JMmG3UlPRWzYYtqwsloFu7Dh7W3RGnQYxvA1s-c4sumyoQSnKXP5ey37pqvoFYlEKcjKedWXLFnMkXfColjPXbs52PnVQBTQuE2qYQ1HxHYB7it5auASBUMTBlCdb4EOlFsr8kqhoR_08u8QLX6Uz8i6mp5L1fW5dBYk1etZqsrVq34-kvt-eMqzkMQx7iW-X8yb7VGSFNqpmA2cbFne02Tjc7qmHIivfzmHahOO7FrITIifmoVSHfjK3R4vjnJpE5NhWTK76TieIkl-g_mJxpX5q17eBf4ib8LNwILu9vPHaLBIIKiIFsxye8HOaLUTk6oad_hGKz8E2TaWQaKgG9EHdObaGMUQiQgOoKP9UgiMRxf-02PoTJAT97ZOmGkzXy2cM-eHPk48kri1C_HCbojlYpItCLfDTqtNBHV8bWc9eyRAY1QXHKjA551JlqwyFXK3TjaR2bTlC6TyQqEHFEaRsfaerDPRqBE9zP_7jYnx1jJGBmy-qtR_U2f9_ZYzqiy6dgdO5F7vJL_y1I6xO10wUAXIsZhvlWEZOcBhgA1f8pVbOd-xopPdZ_ZaPl_AhvtJ9SD3iXaJzgOBg26tIQJsR6u3kL1Ms5viP9d9wyZUiA7PM2m277AtES3sdhe6qNMT1Q-imZZruW4_jynnhh6jHdn_ErKcNHjJjDXCNYQIZ2k3gwoXF1I9UkaD9wdbLZUCe5sIrNzirAOU3mb-KG9LjAJhkU0eZ52DDmUwFAlIdg6YSRP4z1tfkE2LP5MJC5SE0_yy_g&cid=CAQSPAAvHhf_fNVOZXC8Hs7G2K0cGZoQNNkIEUfN_hRpHIZJ3CIXasFlG2UPZpLtyb8xxE3dX7x77Wq5R51XVhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=17910811709961826000&adk=1726166463&idt=91&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3476fd255d18ca78ef2077c6927a62d4c920efddeb9ac9cc2cb7911e34a18278
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13800
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E32 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bjm6ccJG5ZaaUC42Xx_AP--mkmAEAAAAAOAHgBAI&bg=!o6CloO_NAAa8BdJLnAU7ADQBe5WfOJTURiQVU0EKzsnnfIQ_cOUbUGdrfLwoBymqc-2eiapVVfehNpwEHp3wB6GQH2sWAgAAAJFSAAAAAmgBBwoACbEFqhyAka8jSZkC7Of1a8V2xaIgdUUcy2AaoZ7OzR9eangFY4BGV_Csc_S30xiWzfavQzkMRKlfVNlEj_HwX_r-cD6RZWprg48wx1qaNja-90GSg7O1xkmSu75WwzCMDvVDFDumgH5ex3BT33psJ1D5voY7bIxW1Tpo-3dhDDRLkOM6nR3EA2G02hxZ4W66VBHpmv3uc2VO_G2YID7ujaFuvm6X3-Ya2A-LxxyagHMIcwAPOieN3ytWejcNX1HVXD3k2zY053bSg9pzqS_Jb1_HR1z6lUA8OuEcRvxfWQpaOzqY-08jAIWAthczuq76o2N31-x9f1RdRDMw5b6-YcOJDbur8f1IVeil5NMtxLzgNx6tWHfXDf7yecF8PBwNsa74MB5pOjhdtXcPoLUwcV5VwM-FneFJ3l2Iu2BrUANm8nO63owyX8kADMOLPQ1AuJ4WWYtm7WKC_Dt3PbeCJKtCuxnBhP3l0r2hXxPbAOs6DONq7XUMbXhOCEp7NfkVSB16EQsDHcmC5U5HBgYcwiadCQhD_vNs--BL_VDQnySk0dbV71kCq533YxXzEFfN6S-Lq3qmTPMdhHTyWYDHSnjnIrkSO6Od7CLYx_ooYGR4lXsVioX_hQTkS2TGH80eoHbjaHo2DZpH03t6ZxtR5fcd_WIgA_RaXhgY2xaLGqrQpsFNS5IrqfxOWTWiW2FN9DeYQoyugZHpCOb1jTc27nN7QP0oUm73Ksu6EFz-vX2b5uD9CvuL5Pd6Ammoz_q682nyvDl3JS3XD7n6GLYWcD7bKy0vobZ4vKUC-SdJk0xe7Muk9ySEkOSAS2REfNLvHwy5hlSTurycO6pNkAuAv2rdMsTxi8hLotufvkFxac_LkPV2iCqF1Ij0E0D4iym_93oEsKTOIcbRGltk1gzmwidIMHJSsd6y4Dqsh_Fja5i3PbcUS9Lsl-fIwgTwP0ulJiEKWk7HkXxyKr8zzrfECXngwfbk3eLgr3O-BGiHV2ulekfcIuBn340
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame C899
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChDgAutxv17UQuzm_MpcDE&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame C899 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame C899 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjIm7vGATAB&v=APEucNWyngnzIY4UKYkCD6NAsB7DLpN77NezRDrXZIN785xpmqWcChTPiA6Ymr5ef7RmwBe9clKIzef5-6GCh3MgCgyrvf_Xt0xMoZzQHh6YRXy00oIB2AKTmVVyPxDLt3pw8qjYicLTZYDsjjrlZrdde-4s_8n5AVHj3HLIehbP6_ZJSbhchQY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4CEE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900015.redintelligence.net/ Frame 578D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=ed7b75594c&subid=&uid=4f96b933e07ba2a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKcVcb5G5ZfnVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_Qra5ytFAGQsGMfOJFqyHUTs2MBtTYQcOu7imsJIMuoLBcxw8rXXzxFjO7QlwM2YIXwF2b0k676vbalOG_LHfuNk2BH5D9sgQiKKcQcqDXK5ebySRVOchP_7_niX1sjWy5WojpTarc9BgZdzK7jvz4fcttDtXv_HJ_T8XrjUEMH4hY0sts2jcTqRPtjGjQ01mFIl9BKiFAfSDy--IOyS2cu7VfmCbxbVsMemQ2RG8Nz5F0b2Odx-4RNc8P-FuGJtelbRlIhixtEZlBkjRBldCyzqKUjjzw6-T44Iy3I5qWd5uvyTrqAwQMPurSC3iFL7NDh3TABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3x_jjD7OIEd-B0WfX89cyQaMaw7g%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-CJ29sbE22OM72yWXpYf2pkiC2eG-QRIvvJQg1uoJPbwD2VIBeDqMM5XbbXPn_LjXZmhcUnsnYSkixDlasqTqW48ImfFNVl68fRT0nXCudJ31J9K6E1t7KSYAK_BXw11za9eIim7KuDBIiutSL0n2u6w2kSTUOIVuxJ7XSu2bgEwJ-UaO8%26cry%3D1%26dbm_d%3DAKAmf-ATqEvK0XLKsouAiY8XmayPNMVQwQwn1vw3TRWteuDVjlRV4UauBnOPQLcgFyvBAJB1KcNwE1Y9tlroWZUC-cYiuQkiOJRiB4Zw0GNeQGZkEdTSYFj8kO_R1kpYQMyEjJWNEbl2KqttHuFlQc6Ct5vhZxBZXmcIc5gOT_gfAlCC3PYLrutSm1fGRsgk-MCUxrNvCZ1h619YMPgmXm7-NoTBGx_R0o0wGZR5XXcgrjilbJceXSsV9bfj-rG9b-C3qD9Kz9K5GvEOCXIPxAVTBkoUGlNtBPP8DCQiw9yQqPGIB1jra1SziSvvN6kiD2M6CcXnBsxD2OmsjRf7Kn9aNd_EoFnWE0eo0g_R9vdaOw5WuypqFhv48kleXpPr51Ke6Apt18AO-UPBx5iavaXmXH2Lg4VzUzhIfoDJlADZXJvEa6ORYq8XrNglvrv2GC3FjPFaGGHAgfBxSKmxynq5reWEqGQoO4-1sEvQZVS9TTQF5vKB6vx63WGpfgZ2svmMYRf-uY717H1jss376pgqUZuHqF9vYPQPbdVW5SGGvpcyP953SKDHNa-bFiZsXTlf5bOJ2VId%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D3969420673%26client%3Dca-pub-8735081706059215%26fa%3D3%26ifi%3D7%26uci%3Da!7%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=955480971544&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKcVcb5G5ZfnVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_Qra5ytFAGQsGMfOJFqyHUTs2MBtTYQcOu7imsJIMuoLBcxw8rXXzxFjO7QlwM2YIXwF2b0k676vbalOG_LHfuNk2BH5D9sgQiKKcQcqDXK5ebySRVOchP_7_niX1sjWy5WojpTarc9BgZdzK7jvz4fcttDtXv_HJ_T8XrjUEMH4hY0sts2jcTqRPtjGjQ01mFIl9BKiFAfSDy--IOyS2cu7VfmCbxbVsMemQ2RG8Nz5F0b2Odx-4RNc8P-FuGJtelbRlIhixtEZlBkjRBldCyzqKUjjzw6-T44Iy3I5qWd5uvyTrqAwQMPurSC3iFL7NDh3TABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3x_jjD7OIEd-B0WfX89cyQaMaw7g%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-CJ29sbE22OM72yWXpYf2pkiC2eG-QRIvvJQg1uoJPbwD2VIBeDqMM5XbbXPn_LjXZmhcUnsnYSkixDlasqTqW48ImfFNVl68fRT0nXCudJ31J9K6E1t7KSYAK_BXw11za9eIim7KuDBIiutSL0n2u6w2kSTUOIVuxJ7XSu2bgEwJ-UaO8%26cry%3D1%26dbm_d%3DAKAmf-ATqEvK0XLKsouAiY8XmayPNMVQwQwn1vw3TRWteuDVjlRV4UauBnOPQLcgFyvBAJB1KcNwE1Y9tlroWZUC-cYiuQkiOJRiB4Zw0GNeQGZkEdTSYFj8kO_R1kpYQMyEjJWNEbl2KqttHuFlQc6Ct5vhZxBZXmcIc5gOT_gfAlCC3PYLrutSm1fGRsgk-MCUxrNvCZ1h619YMPgmXm7-NoTBGx_R0o0wGZR5XXcgrjilbJceXSsV9bfj-rG9b-C3qD9Kz9K5GvEOCXIPxAVTBkoUGlNtBPP8DCQiw9yQqPGIB1jra1SziSvvN6kiD2M6CcXnBsxD2OmsjRf7Kn9aNd_EoFnWE0eo0g_R9vdaOw5WuypqFhv48kleXpPr51Ke6Apt18AO-UPBx5iavaXmXH2Lg4VzUzhIfoDJlADZXJvEa6ORYq8XrNglvrv2GC3FjPFaGGHAgfBxSKmxynq5reWEqGQoO4-1sEvQZVS9TTQF5vKB6vx63WGpfgZ2svmMYRf-uY717H1jss376pgqUZuHqF9vYPQPbdVW5SGGvpcyP953SKDHNa-bFiZsXTlf5bOJ2VId%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
35b34b1e408204f25d737391355f1847be494cdc24c04c354d4b2f458d27e1ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40455400004329204444456012586015
Connection
close
Content-Length
826
Expires
Wed, 31 Jan 2024 00:16:48 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3304082201146&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3304082201146&version=m202309260101&ct=77&x=1&cor=17445533050738540000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F5BB 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2evPc1-AG6_zpWFW0wn0EYiPPA6zxZYVjkXcj7NLLoMw6ycKOF04lCTJNydhWgLnB4XjZnqSNEnVi2noxs9WXLn6uUITzLIZNmagLjb7lhfd54nqUFyZE73qTDxEHHW2GpRejlrHlmndWLzme_Fj33n3QhGaIxR25YT9FYSM3odM7mxs&cry=1&dbm_d=AKAmf-CXIdpOsr8VXhPhLQuoGUrAZibjnPXPB5Ph3ynJCSPqBAc3TagVQHEHb0mjjDR-qH2zMyNHWloto5-XAlwsbzdnHfr8AG-WZzQI80mxK4Pp7EM4GSQMyr8FCvKygbejII0gwtnK8NmNH_FhMsAIH2V_0UjY3p30OW3phnRvWiEPDsE_d5JPMUjuY4SsA-L2d6oPfytRnDDmTbkPrDXfiPrTA8SXN4a0ioG9Ac1oV8ia3E3czfEw4wvu2XYCZK_r01AAvMo6XkCBBNsE7Ss5dS96NpxBBKw8Y58JAmf8-gA9bUxopi1ufH4Dfe-Xl9KiMR_AC_UlHSyNpMKg9WbB7qY0hFXS_UCxcgPPc4jmz5XM2tH4epHXNHWjz4ENuAHVocbJGgt8xN1dgYigE-3fLqer6gIfHuCg5D8U1CDw_UYW5LlbYqI6ohSiNG1WGl9pkhl54eLaswgTsCbDWPTHgd9AtCBf9_wHWwMQmgK9IH8pAM5fV8f2igR24G1XgNMGGreLT2VER0h7T6I9XLSZdlioOqoHfwGC73mGGtHM8ymylbrgKuh03ly5vh60IE3H1Q7cwqVvT8cEuZWUKkngnJzlLUPrrAfRtSVViuMRO-hbYiwD4FUq2vqb840P5sKiYxsWUMZ7ITul5WgcU7gtAV8eGq6jwyUrP08R-t5Uan374LZ-P1IN7pFwqzZ5M9u30_dW5hh1scFZ-reQqk_4NJ3RWEICe-sXiXdZ1bfp4kA2PE984blWkoPO8YtVkEOayzbQyN_UzjdaScnqt5hgWyJLI-5yuGGfkpouys6UQ1Hby5J5bE6djR1ERIJ8LmdC0on_i4GWbd43P1bMUXZVl4bdttCS2OdxajKL9dP8hSbRLt_9UYnmseDbgqGeQ4XRgqUV38VCGXnfdoDyG52ngumS2cy5BmoiG4kdGBb6QFC3QdmoSR5J2Dib9C7FQXWgAUHTLK1JbT3OfYKyojlgGNioUnnS9CozdFBF3CXnRTBFz_L2iBqOuzMApOJKJAI-34ZFs2MGC0GwK_scPfh_k0mM3nkAye-4yyyaYS06FjPUuEPK0CBw6uTF2la0fDbwTP6OBpGVbG_CCanG4t5g4-8IvcN3ZmI8ulq3YedUhfemTP688Uw-EGnLfN1ZA9Lm_apIKq7A1b_GMj38clz-IerTzCt2-8w4LSNOuf1CFX-vdabCGIKhlyRyJ9oxsMsG5jcVhK3JFPBdeG57t-MSTHo0CevIBpLnDjGK8R8hmUfdP4xu6--KJ8quhFHRBuQsbKgB404lq5MldtUQMkxZf69BV4TdjP4TtWZ_YwIkfXEoY0vykZd--jmQhddZnSE3CjKeI3eJYFVM_TjW6p7QdwUVANpAuhKjy8uXoZPuJbv0bZIwdBhgM1V7HZmGwFSCb0SkKGO8eTls446alGdLlDpkCjKDBmI556lSifrjhKOQw6AfaG3f6HHiTUyJyTTY_lN5xKB53g0lydAflhsIftfIrdw7V35pkqfVG6XQfHD91Ln5fSTD0bp4uHuf2ZzT7r3_WsL1-GODC1vZZmtZn592lt6erhjz3j1EYf2x5OLaodY6hIu7Pn5xi9VbxQjIcCUckH0ARe3HfDsvyB8imiAJewA9hpCDh1UyAZCVink8PrUasTzQE5EXr4lZn_PPsyA-nd8ROivzeHdKiMYAevRWZ0Q1a5_6H29Wqx5F1en1qK1HP9NRJ97dmPifodLdeHEFiDnNrMCWucv8lSpTb7C1qQmKlCubRrpF_cEkfQFXXPk8X1bBIpqpcVktHVtJ9Izyce-gLz5C2_OgWn_6AxBh79hNOVcwY0BczMHrLdZe5IahsUA2Og1tOslLGz08Gz7nT29DaprfQQ7RjNHYKC6w5MxqrjJRM5zxverCuLH562HBCA2BaVpvASbPC0W-HXJXoK32jkanwP39P_UlnHNliYQAiyKt3LTl9BiXD-dZ6kRligRiAYqpUYAKZEmri-SUSP8tbug5h5B2hOU8lhXmSMhOJNdPvMVlpJk1iKZIwDTPZ_98MOSQirktFqkrheoInbsiNOiHj88-aLGaUmuJ9m6-4mS5IZ3IOAdM_JAcH55Yt7yACiyUhyD-4GUsHeCZwT0I34jXyT2-reTZJq7_FCnOjroLiLo3pBFSj_r6k7wICB7rTMY6N0L1iX_vMcCJz6bppbj5Ie0c7KPT4vWIST6RB7qEIIAFNctGifpcglv2jMGgziSg2D8NCFu0B_6rdDAqlUz0-QvH-VvZ9XMEaI6Fx7mGaH2pP9rBRoNiPwbBlihKQ4QnZZiEuco2smt-DBVSs3LNPb8nfofmFUB7IpFYP0DFa5KB0_X9LqsxH_0_wYY9n3k7hxq4TC8xXFkUx16dMNOggLWpr8EC3q3K1dJb0IvDDnuIMQGtdgruZyvp7uIMLjK13SlwwYM7HSBSyOD8E9JohCuze_rek4xc0hPL4jthTZwA3BGlyhhPdVa5aTUlwVyPXEmyBqwshSx91z9q2sU2bPv8_E6rwozDbCtc3w4zN1XwkQZ41HGn47h9JaF2JD91ZyuITWiNBC7mETk1yaN1Kmx8llGoJ28IQmCaSLrh4Fcg5_sNdSWuiuXsMHjMqvN5o9d-m4xlUuHi54a88zRh7ss9-c1k6UpvDg5G5ipL5quDxR8Y3Ux__AANPFYKFLXz7ynt8yGkrLCb8wmuVkps6AUBQ95soRcxRxDsjI4onn_iItYOZBHdqfQ44AAWHQtRRCSEyRzwZsKoig2CJUwJ9BCSl4pngAKv1tmYkc4Jx5qKFbH8MqdJQDADLa_riqkgFZ3zIkjirWUJklvC8TW09qR68KXMqSe_ktxMWzvmmFOcvE1qlBZtVzdeoKvDdMoTgGO3-sOcfcMFJQ9MWQTAsKg2xGtfR5iNyvBvEKcaQJaKCobRvL7G3JDTZfbigpObbEPS1LcAVcAErzo5roMeVxQeejAnwpMXdmCSP3iG5g-h8vqn4El-z9f52_4tb3-guKrR9RhcadPUt6BBY_Krfd2dNOtNaBglDnXTzRzq3ck6jjAb4y5ClqEdCYFpkF4WENaWrYXkrb6n3ReMxypwqDrbScLP3TuAujAHy-Am_ox9UBTCe7uFy6f6F1_Bc3FEMMyWMH5woELsqGPP1b8E-MdzyEDY1exzuDXBiKtun_2IOj-i_wM-Ulu86UK6Ss5JMKj0kdrfz_OFd1ZtKFwHtx65HfMX60x-PBza6NVsadtZhgwwRFFvtMTlyOx-GObJSjyIMVArVGxU5mRHgdtiLSLGyQmexa8Ni_QBRW4AApdeN3Lc4naAFza6Q0sreq4_PgN1J_znfUZraF6_3TlJOPNjzMDetJxAsx4m7FstM2zxXQEHoZ4NREzMFTcsAc2o9aEEzB3wU3_qzzPzQhSmL3wsK_gW3Xh0tUQ1VrxYWAvnQUM39LwCzrs8bbFtMXV7j8cmI3q9Jx479cmPbeMespWy_aFmg7BqcfZYdssNHL5p_h9fDAK9DJlTwwhWkEnwRNvUwgo66N0X2bEL8WHVCI7jh4ix-iAIho5bGT2fIW2_7TOahMtsb_icibsqXcyBQbM2YOq7DIldLS2UnfwII01ccbeFha1qjYYb85ZqQbNkg1yNg-LvxaxZVziPy3rTZ-lv2nCD_zI83dou3zc1zS3oxSMney1EI6CnIUd4lB9ht2i7rmcH3M1AKG7jidPTXTkhNnuT8ytYytczdeJrR8IL4YjtKZdp9H7__2Xzcdi5yqD7izAMHlR-DDs6dtaNhAuk5eX9hV-dhy1ej6bTBHM-jZ7qzkEsNdb7n_YP8sAcwSTU8lw8fmiW8gE&cid=CAQSPAAvHhf_XC_oqeTpZHLe1wP9RFntDViuLw07Xw0leGW5NX9N9MHJWzeTHXoGK62Qv8-_Ewf1FGuVTbiIbBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=17445533050738540000&adk=1761367584&idt=70&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8265e6eeb632ddecf179337b706bcbff059808abaaf37fbacbfc78458cc98a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13714
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame E221 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2113340163012&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2113340163012&version=m202309260101&ct=77&x=1&cor=3387904843446929000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3CD9 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeV_Cmiq3F9leEQNBLEJe0otRy_5IWFpC3oMb1HOyJCamBvSq_qhskGflue-1xWh38iio5XFEIaB-kNK01qmSEdMzLn_VNBdOn-9CskAXHEDmBDRx4Kwg16OJdtfSGP4q7xQQjTgM7XkeAVHTdUsCWBs2bVp4DENvYcYdU3-5wYxeSPBM&cry=1&dbm_d=AKAmf-AQC2EhRXsqzxYSgLFiI1bQSf4k8VtdqcogpH2HZiChBx0jNkoUQl-Jd1xCwLn0ySTiRJOQ_OS-M1-_xqsXrq_t7ljC_6I2KThjrE3uPGVYLGAYjyL1wednXWeeykhy4IqKx6yF-1qHLLb3YB-eLre1axNkLxxkXcCjfIV38FpcoIyzuBKF4amiAYUNZ5MZoprdBWfYIF8Ozj4et5lLAuB6fJJCuPNagK6o1KFer0XA0Cjd517z5rEbOvfbQyqRxwRCc7qV7J-Kp_eSP_kCFddxbkMPPym_ODSVhE9u7AXUH6DrDuIHaZ_2WvlcIH16buJ6JyaRLLKqnam-7P0hAoUNcM61OGEAByQXkeIxDv3EbNpVqjxlyUtcrHTSIxVV-fzH45MRGkOZX1kpY2LcLrCFEQrQg8WHiVMUzHK2qqSxjJuTj5ZtUQhTp5UAc0PnYnin6Am8tHYKY99u5aCjM62DciG7kKSyaxIRojTPXTVYHj-9qLMe_kPP4nCYWBe1Yh4AqCiTbxua1_RLqnfh7QLtIvgs1MMq196zhEd05WVSF6L-iI8NblRN0GuIJa6yi40Wfan6gFwGzelCoK5fxZcdsXKJmJOqIMKESB8N5iG6COYZhpsnDKKRSKI5UzTAP7l9_RlbZ9tM221fo37WbguFk8R5TVxaialoaT0yPs3R_PDx35BlihYTvDikmdJLiaj_xWW4D1QInNlME1pT1dXjjbfrCMeCrHAWEfJS-NjkJSeNGAXOvWj35W4F_j0zSdg42A7CbKZxfT9nGhAUbmaICk3ZlCxOzVs_qCAQCBUoS5GA8LuW7WY7QEggVJTmr4by5_jXwltdb3INgZQF80XYaanl9P0Ytx0Z6hmKC_a9tWdwXGTSJ_3B5WMvj3nDsORBYZlHjr_NUrTWgrbH_1lUxXIorJWRtUV1QHi5sRHXzUdBg7lEHd0at8nEW_mId3r25fwB7RuQQIC4zH-hncZlY8QKO2omiI6isu2FOGA3wq1sGqPROKLkk5JrnlYYAG1DF6KXw22UZIqdITMZvENJDkPASwZqnehJLWHs9Kf9CeHcjB3rVxm0lKvidsWNxp9RzDkYaw4bjPcQaDPmt_rLmeCShMCaw7QBf93MxqYyWzC_6bISkiojaTgL8ngWhej9OHUyFn_HPm9wi_UCgfYHAmHNqiF4wDmQnTgLRNwMQJLHo7ewDzs1__nOkdmUcNcKVqJEdjPnDq747omBwvT44iAuVqpcLaaA8opmvvGly3L5XrQRcfy5WmTlv4qQ4xqAHAJET0tAEpNPcKA6Xbjr3ntd9pkc7uEa9PqSeG7sMDjq3q5kNTjmfGyb5EzsgaeOFfHmSBEHsoxzOvuyY0cPx3aX-i_PNke0AtweikNwXqvC8g3i-XkcMFvkMWAoCLFrPF5dV5U758AXttQduVurq4IsS8rA31FYNxPQeHILU79NZ0uwwcsIlv5dXmUb3lOKMObZfNjbAzxxpSz6K3AKJws8ks6sHMVEUwXrMHMzc_IjWKxfMLKTV9gLBgWAagLBk6nCR2-u2oSc5xjxFp7t1gGbNMMD3RdbejL222RO0YF9dOq8qFmZ4DrYMCPE3MxIv-jGRPJl1QJnSZ5UuLRKfBASogjIpsrgbw8Gn1koztQDgmIVt35M55-KGp7fpsyN7CaMpBDHNQ3Nw6_FResXR9ut9JK6sXEhGVWvCCtUsBIBTdDjVcTT6lffTqe9o0i3OKmZCV_e6lIFtGq6HFpZXY-hXWdKsiXDcoE_6p5CJwV_PyLvx9bj5LwqK9EGqZwEkyWcEYdHyZctFZHCt9noF5oWpNqkxRJYbQxJ17clj7llPk7t1D7f_t8OBLA1D3lh73tX8Esz5dTiH-lZfRK23D8wt9qQUK9vluicvdjDVwsbNUWlcogrM7Js0ZNO_WVV9fitksJOLU97uIUueXcfogsTMRFtXmYgcZodZkMtChao5mR_FpUf8UIWVs9CjzK0RDPTmRU8bNb4kHh0FuMb3poFFljg86IvpEEnvGKWHUi-a2i2nR-ebt4kM-Diffzs4--46pIkEnAdbaX591bjKuheUDFAXpmLsOu9otk4g360wV-wRti6wCnxX6Dp2wWuYo4wIpGt_82IbKxqYhaLqtGVLB4-f2LqJzFge5-HIpLWg6fg5toRRsQm1wNPZDwtR09iowsOULJxGMRy441Cnodm3NcKjxHrA7yaRNM3gbmzVArlYeMqRy1YMlqOt1wzZenI2liSkOIaXvKLabsRwVgEcfMourSuhmArQefJEPMxekE2UxIuc-11zi9ESxNTYUi5ffivxezIQaSxJxE9uJ8L8f0mf0qFaWf4KfqHmX2Lk1rtAkbYreL58W8F2B_terRdvGW5R_uu3elmdrIZFj_hzkghx0Ydmt-t5r71k-I3nlVFfn8v68eSlsmw_po5jzMq__6wS3_e8_1-j7bYrlsNrVdd6SJn14DIYAbZAmlAh7OvzsU1XHoLfyP0e-5xNXXGtB1mWcwAd9_xPl147TiQlfdLvmRGb1m_zKbSelCEOGNublyQdNrZDxIV1NbNRDbwlFUnwN1xeYfH7GIXYe3MiJ_abfkj_n1d0gFUO3pC3CGgIqRRWlszAc2xVcq4aeMedbaDx81f6dOSEyLCerV5lj2IKMkJ17RwnwsSgaEdpR8SyxaSEdk8sqC0q7im7yIQG-w60L9ckeQVMcqf-ZQJDK4elDK2iE0gVUYwKUUBxV56cXiwtG-xEOr75gAcDyWUW7PwbQFdEAxSAJBBUXpSUyuJurQ2hqrA_ixj7XyfgjMve5474AmucfTr4A15zEG533vrfBFQ6DlTIxV_GOlPQYLz35XUfD39YfvLgvGVo2VsB4RFylEFJqXZ8vJ-w6NhU4OYC0K69NpU6RIBU6iD9AH129Kusg1aCx7q5TjM6XfwKrfJreBH_78efDqLkzStLEaQ06ehpbkjFECfCCmvcZMRfQvT4qe1GkrDYO0z4F8AuHB8pX_MSC36e3uQkYVFExQISDdlGQ9m-E76N_CdpbdbSgLrrT_LJ_asaMB-LsL59jOKysAWB2tL1jLK5AFntf_SSg-mhbRoHVpye-uQnvLmMd0Q7ReQvcH6_3KAOd-wcw7hxQWpC9V9pPy9cOeCRvSz7GICdHVYxTK6_KbwrUVU-G_iwuElpMlMR_mVWPbpiZwXUHpbfRB0fMycMvzQowqJmNPrfVLy_QYMxXhBcDiVl1UBlLXa-kPp53l_V7_ekDw3B4Q2DihejIMVhs-DBX3mLFj7_zEe4PdQsqgRg969hiYXKI8JF1yQX749ReG28VIL131NQMYs7y6E-BS0zidgJo1fSK6KtX9ukb8mMMKbMF4P_InbX4kZVf0EwIAsFtYaFEoyNn_CFpin3QgEEH8YAVddorMD5UojRvp1IAhQrZNQh5gUNTgstq_AY1owESxYRgkDXhyU_-eORvare5rzRYuEuid3d7myw-fnRTPcvALQDGs46gXCkv_eBQiJkcQl8mGfre3cXRpjPyc2NRD1I4LcuSegyuOP2kG8IdxlyXPN5y3zRF0y-A4-20bSmRmrB9DmFUnYolqmFD-eIyFSNfomesGoPYkuVc3YnMRXYe7f6IL9gSw2cj21s4bub6SsdNsW25Bd-f62NjpWGHL5hpp1vOKrSxbTsnvqbGFqKgnVuh4MigbUnGPqePZkuukv1NNrIXzw2kBNah7DBsnTmDrTHqNDIZ_st7JS-2tyvsPi29rqli3nhyBN0hHll93RyIa2CPRauIC0XtArtDcncy2_LgdEf3_gcfgpNwX-lrYIRTXGU55BQ36ZGww&cid=CAQSOwAvHhf_R6_gk9fCC6g20M1UN93iExO8b0yve5ztlozW8tZEgL-tWCuilZ2CxAa5dkc72yDWWlUHX6qTGAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=3387904843446929000&adk=497053792&idt=156&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e674d47b5c3a4397b5946fc5c72cfb57ca400b97f2f08673d831e467cad8c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13495
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4CEE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 968F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANlW9pT_nwJsiDttOOEKJvoT44VNuBURxTO0b7jtnAfsaVh9Iqoz_2m6RsOYmdHFLXh-SUS2UWvWDkCRWSbbj4ta8dKeeFeZ_kabTgObUtWzg6N-ZNYR8RTlrGCcbOAujSH_fcnsZv_y11HCkMMNcuCNknH81m8xgG53TXW42xkj2zcKw&cry=1&dbm_d=AKAmf-Bw2SbQsZNO2j5yBYDHRZImrAydWig8lUeF5Dk5OQa7h17jnJSBStECwW7J9sSaa34aMQaNC5RP0WJfhQJPtCATp9-qgN_mBAUKpXyvB4c1l81kJr4VYXhGim3-ECuvPKWczh8xmalhF3DCmGMazCiHWeie3e5GJrP9Un5i-LqOje7wFLBqLqj6uMsRdez5YzuCPR2J2tUkPhl1S8WdiUwrkf2P6ui3KjKuIql1TmOZ__dYAmOXjsO8Ii4gnAdNXe7VdCz_uAHXEShw-aBgX0P9J6p_CclNDgNlUVmrCL6u-gEClYKnfOXK4nm8qK_LVbOR-Vi1ZO77juFBub_4j-BbmjxrtK5H884IhitI03C5mHhGsULcjD0ZYS1S476RpSMzF2hx6xwJDn86qGSa0fqxvUmApkaESU4QXjign-j50aeYivw0H4xXpck3F2FY6fxXCwbVg0248SA-2K5iwB5nr1tS6q25QIWFrvEp813STuFXeVifs19tibLszmgizQ5JZXyQb2NoVTVIcgdSvcCTFR90PO8abFHrILy0n0QPAf2Sn1W1xWgwYMqfiekbqEskbO6S8VsW8TyWjG-c6epfVIlyLrinV66IzZTwXzAK9ONOZvaLRpbnm2CBBfcsghxAHwGDtp2TPDIsMtBGJa5WwKIDnvXqVhJ-bLIl9NNQMgIqdCO_qscdEAAQ5MFMzzjwRVoAf8LO88rCB3igbCSVZHgkl6RunrKi2eVuivmmn9mg8IPRQvR3ef-KSRmcOqw854YwilCpxqFgKrN_xyn8uvchci9PBPs3lB1rq0bxbedH5_FhmWOb6ccdZhi3p83x9zg_00BeK_RQ8-9TmjoobAjvTgOYB5tAiI1Jy1kviFzvSpLKsPvUmPxOB3CxqHOKgUWXALc1EJ7h1_ABbjokWtYVrrvzF_Kaj3CNhqxtNuYHzPCw2Wj3YKsNBIXpHDUUiUcwAcjpbJ854WA2M1KTJxZgQHdHYDE8AxfOWB6eRTMP780oMfbe9tKhAeas8NiPXMXk0SlNx3fAIkK5wKl6nTs0RBYiCHtyuLQDWOhizsakWy5GZQ-2Cpc48AreM4tw0i-wWTlnaqMydaYS3KTthEcgDHliSvCgMrMYCVaIQUWXKp7EwgcbUPWnlA9KSij47vj8roMnZOB0zAAZiRhs39xXICotXWrF19_4G_trP6N9n1a7iYZH9oehk9LJbJDUI1F93bOhHMYARizS4M1rpsRqa9L43GZklphCMbKQGI2HXXDbH3fV5SMyJcammMoVwqGQcJ8UWYSuzo82RokfmyBOKXOjGJ8E3qnOgvki9py3xivDqne1ZCIArkmxi6VxKUyhb0xebl771gIMFzypNgaef-2Ze9cN_x57RXwV6CCxYhddbJ6n_GKvt6TOLaYMbLYSNJl94EHV1ZYJMSvNoy9rtzruD61VQJJAWylmLqZzA_FPN2NNhwz2oWKzV-j3jPSlcYhGX482UQiwd_M3NgOp94FerlwYXZFRN7NyKc5D01q1xkWBobzYzq4eQtOFJ2p1_lXu0qnwi3sEnn9Av8Sp4kiunfHorBtqJaBMymjDRGdGI1ZP6_TUPSuUuf1M4LcSnde1Jq7LBDSLQVkV2ntZvGTFPs92U2nYIUZn3XS90NKPggEEG61QMj-rfk3HZD8bsLIDFbAnPiW8vBWsxsZc6edz5IHoBEwChTTACybMoJCWx8_xLitv32Ei3UPSgShi6PaOhd8VQX5p8Sc16RQiezQTm5ogI0cbmjAk_h3Vn-ebk1odaBP56EXKRSzSD1CwoT0H_W3hjR-_WxKslo5GSX-tphPTOpsY6NMMFLwy5QEhjvPBqmgTZXMG9-fPpklxZIv0376qGydYp_EcSlacwFDHN02uipClQUuacARn6ARyhKij9mJlRBFUALWrNt-zrx68r2ZNFwRNGSEtBAjH1RdOnX_w8fabJWiUWbCuV4dGtKXhWSSnD0eTMnCrelzwLDsaovV9G-9bFfomT1lnBnVyWCk2ib5u6fgjI0bXaSfnv3mjkfDMOtPhi6LhuJ7MLSzEeb1oIFXsr-pJSGFLITORfaT-TTjMOksuGDhNdalyPzX-VWK3fLFg82YdqNQCSiWM8MtDv1mTF5YlfJw21xqqkuiAtSXliiKKuJfXPJ5Of_4ywFxkivsOu1LMEjig-LSPvULrn_-dxd2uisFsjmvhDc957_MnFTMpUGU3WiHv2iDP8j5j4PpM1aY--p67xErNy2kX8antQYqlEsAQhKYbPEVs4rAN092n1Jogkk4X5HmJsXCfWgXYvy1b_RKNzIsoYmDW2tE1_sDUiniuFDxQYQw7wRj5CN_EWnQs3XPq-inomgcoEufe7l90ALQ9KgS8JOo4vulimqUwaCOHi1eRi15PfqOgcWCfzT2hAUSRP_0ShzqIjD6a8admHeF54Zu5JiB-hEj6Z8FFEXLK9CKEa7o42YMmDeFKWfntwJcmFvdC4lFT_v0FnKDfOKpUhutbzy6lGx0V6uRfEgTycBP7CjErWWwQZsflCX8GCpS6vdo7HGUNfic24xFX3_ZhjsyY1sKBFl97RKy4uHsuS_YAhzNm7m04sR9UEx4Zm9THbvHA2Zm7MffLwxYoUOQjU9z8fVzbpQPzkQ5ZxzDmtm_JhiB11rp0bCOV-z3wagYKQLZ5RTltp4yMgcTU5beHpn-Kxsskx8jNZ--V2uEj_5GgkPbCML7_jr7WUSXAbIIgs2eDK9Sx99RCkPe8tE-UZvUPVjvpUVF89g13K3_fZ4iaY1LOsqgbAPBXTOwtTQWQNFWb0WoMwHSxh_C3pyke2QDmy5T_wRDIj64PHpKjKfCPrNQkfDWCe5T2vExbwrWeFR4hCHy5mbP9R1SN9KX1LiaSTcY3kJLhmPiobtkIjBYZA4HldzAOWS9EdS5NEO8Pcqz6G-fNCrmu4MwCgFH_F-KtVJ62FVbjjlidfF9A3ps5BWkpe3sjyAZdAgnuVBxX3IgZwLmWSgDHXx3266pCC-pe_Th30jQAIlWNj4t5nqadlgZGnPyvWqpQ680_NuiTaNion8Ghrb_21fuLtxjM2oP_c6rhymT7JMmG3UlPRWzYYtqwsloFu7Dh7W3RGnQYxvA1s-c4sumyoQSnKXP5ey37pqvoFYlEKcjKedWXLFnMkXfColjPXbs52PnVQBTQuE2qYQ1HxHYB7it5auASBUMTBlCdb4EOlFsr8kqhoR_08u8QLX6Uz8i6mp5L1fW5dBYk1etZqsrVq34-kvt-eMqzkMQx7iW-X8yb7VGSFNqpmA2cbFne02Tjc7qmHIivfzmHahOO7FrITIifmoVSHfjK3R4vjnJpE5NhWTK76TieIkl-g_mJxpX5q17eBf4ib8LNwILu9vPHaLBIIKiIFsxye8HOaLUTk6oad_hGKz8E2TaWQaKgG9EHdObaGMUQiQgOoKP9UgiMRxf-02PoTJAT97ZOmGkzXy2cM-eHPk48kri1C_HCbojlYpItCLfDTqtNBHV8bWc9eyRAY1QXHKjA551JlqwyFXK3TjaR2bTlC6TyQqEHFEaRsfaerDPRqBE9zP_7jYnx1jJGBmy-qtR_U2f9_ZYzqiy6dgdO5F7vJL_y1I6xO10wUAXIsZhvlWEZOcBhgA1f8pVbOd-xopPdZ_ZaPl_AhvtJ9SD3iXaJzgOBg26tIQJsR6u3kL1Ms5viP9d9wyZUiA7PM2m277AtES3sdhe6qNMT1Q-imZZruW4_jynnhh6jHdn_ErKcNHjJjDXCNYQIZ2k3gwoXF1I9UkaD9wdbLZUCe5sIrNzirAOU3mb-KG9LjAJhkU0eZ52DDmUwFAlIdg6YSRP4z1tfkE2LP5MJC5SE0_yy_g&cid=CAQSPAAvHhf_fNVOZXC8Hs7G2K0cGZoQNNkIEUfN_hRpHIZJ3CIXasFlG2UPZpLtyb8xxE3dX7x77Wq5R51XVhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=17910811709961826000&adk=1726166463&idt=91&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODY1ODM5MAogIHNlcnZlcl9pcDogMTI2MDYyOTQzCiAgcHJvY2Vzc19pZDogODM5NzM0ODQyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQz...
ad.doubleclick.net/ddm/activity/ Frame 968F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODY1ODM5MAogIHNlcnZlcl9pcDogMTI2MDYyOTQzCiAgcHJvY2Vzc19pZDogODM5NzM0ODQyCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDExODY4OTQzCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDI4MTQ4MzI5NDg3NjMzMjgyNDQKZGVidWdfa2V5OiA3NzUzODI5MzMxMjExMzc3MDI0CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0zMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjYzNTY5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDYyODAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xe46fcef55b5dcd770000000000000000","13":"0x8b9d5c78845f2d7d0000000000000000","14":"0xccb70404b476ca110000000000000000","15":"0x78d40ffc22dd737b0000000000000000"},"debug_key":"7753829331211377024","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2814832948763328244"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xbrkb4s8ehf6
hal9000.redintelligence.net/zone/ Frame 968F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj2LScJG5ZdfiEJfkkdUPxoyJqAPM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GU92AoqMbWmhDNLvCgpeJ9ZZ5GwKT1J0S73YpfgKEd2L3iJzA-6_FNpuzJjgwjKV0w_sFJNq_6ANnso1mUsl6LJTJKxIoq_qbQRTC11lK_6vp0q522jZQEFaagsNJ03GhFxrXQl7VkMD_FB99jc7yZ0mHDnXlZ4J7n31tS8Ah5olHVxPB3gv-UTaQga4XwW27LDAPfGLG6d6a7FdZ3S6HnUHPDipWBQC1YLrvnzPyfH_rZBy1qEgEmbM5IAj7ij2KUf9mTExEqxllaq-iBa3yyC3HCvTUqwnrfEisgbpxTUqTgx6pEMWnDB-zpMVe_nUDRgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPCi3dushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_fNVOZXC8Hs7G2K0cGZoQNNkIEUfN_hRpHIZJ3CIXasFlG2UPZpLtyb8xxE3dX7x77Wq5R51XVhgB%26sig%3DAOD64_108TuHkCHPYxHKaD8Csv1xotTQvA%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-C7Qob-TvQ1kbBavYTeRWGAOJihkivXlzmOZOFfNMsSU_5zeqB6YSekYxLOBFhjsu0G1ajYneehWI2oV6KsXghjlbSPjk1cMdWESBr5mvrthAymx26-vjgWxn6E_OEREwYi4m7wlFxxoUqle_mYkZGbZV6hthOuzQP7D6LH4OC5xu-rkSI%26cry%3D1%26dbm_d%3DAKAmf-A5UoA7ZJYuPraZtGo8EfKP2Qn6yw1DbfHRZ9ZnEQcsivbzIf7p_e1Wt13G6vSx8hTz9Mmq7QSegfXL-nUsoZH18cF1cFrC7CEpLgiK-UcabK2mkCuGqGAnr_N-GQSv3rTTMdV4k4EaHlZWoaw72Dfppdhy6NBNK5_5HUV2qNVDTxZjcDSgSQEwDhQEvm_gIxY3AaW62zZKAPliFBphNPNfRnuTQaySMhXtKWH9uJXKZlsfjby3rBgjGFB2Z0Kvs2ko3gWpo8o_L2sZfHILzt7yY2TsKUxY2wjPno9ybIlsgnmfP2Ru0cazzan9I_oKa-_ixoYk25BRj3RGGR7GrI6rZZNV-DknffiMHiLLqSf5FfiYRKnlty4_eimqiF4iQ6JqjS-g4XQl_VqHYuV1hAhXMsRTbfeFqlt7iyvXFFX2kydU3yLk8gRsRtaI4_kztnxYOVkPr39vkk1ngGRMzCYxT8E4fnHj8RbShiIVdV76EjMYatkhcWwMLfwe3u-YlV0rkESw03O65bwq541c7QicY8R4YKu2MBsWc_CYSN89tNtU8ldnvmI1BjI9FvQmNCZJlK-E%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
154b11ce382d3367fac3656bb8ba63cdb7668e7383ef084c5b81267740f90317

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4158
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
www.googleadservices.com/pagead/ar-adview/ Frame D488
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ChnN5b5G5ZfvVK7eGnsEPuem-YJHeiIFvvauAof8Q29keEAEg0bGHJ2CRhKCFjBigAer5o7YCyAEBqQKhwvBC-yeyPqgDAcgDywSqBNUBT9AqyqK29Uo_eoEIYHcHavtCIJkerp3dGyIB3UM...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216089488192301914002%22,%22debug_reporting%22:true,%22destination%22:%22https://comarch.com%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216089488192301914002%22,%22debug_reporting%22:true,%22destination%22:%22https://comarch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650706154%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227858276822895631185%22}&andc=true
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"16089488192301914002","debug_reporting":true,"destination":"https://comarch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650706154"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"7858276822895631185"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 31 Jan 2024 00:16:49 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16089488192301914002","debug_reporting":true,"destination":"https://comarch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["650706154"],"22":["true"],"4":["01-31"],"6":["true"]},"priority":"500","source_event_id":"7858276822895631185"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
request.php
hal900012.redintelligence.net/ Frame ED95 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=744567d6a7&subid=&uid=c396c3648b33fa19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPG_7b5G5ZfrVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_QiAgJf_k40cWmBoAV8kG3zUXbYbJuvxp-jqrcHULoyJU11UK4l0EOyrCbujnu6pp6w3OLK-Sb7WhZDRB8YeqyQ3Y0dSDbfkCix7TecyiRDavFQNJZYx4i6PczdvnRYjt8_3r_OXX-UXP6HMT2GZb4QZYZlznj0iQsvtKQf5aeqU5Vfo8jwTJhTYVFz2d9eDxRtU1cpOGxuBMuH0UN-kl0aQNAiuJPDhgma2OupQj6Cl2EFRmPiYOIGnTvTANJQ6NOKIGSrCo0MEGGnJzLlg0VInUBe86BgkN3TLI1uuLIbvxClaXKT3rcYo09SKHOfrhnXNvABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3ibJOLQyHrC1UZueBpaDfkBWS6tw%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-BwkAFTxU8WYkZi_2e94ip8E3NVV9XDBm9iWQI8IztGDjof-V0jqJf8TJDgLpzYW3wKdI_k_FubmjjiIsrPYNW-tKPWLOZ4t5PNevi8LKW2VOsZsOaTi2ja1CBRdR9IJgXife-6Ni0RIZMH8Uqccok2Tli7uQSnCCQKswliFurrEdzQGj4%26cry%3D1%26dbm_d%3DAKAmf-BGdxMO1JCHkhcMm628o3EN4rKon_RhAsCvoHiU8BoYz5PuGcOEsVXBSxtDr8FNfwJhKM7P9Rb3I7cr3AYZQySwe35VikjcZVU47Qo0TfpTzoyvbZ6KKsDjWewOBDPkwqdPpKvsPUB_WCJJSZKTFGkX0V_M4sB28XA4farFGDmwtLFQMo24qHSWzFdPJeHKDh5or0Jmpv67EsqrBXMyGngHxYweePg3-u3SI-IREd4KC__BnCcxIRM1T5dAVEbHc-0euk7vKws6Ig1S5kWHK68csdO_o8vkq7tqvZFEciF1-5maFGkKPjA58-KPtsSFFsZiLiLf1bW3OUcIlc50fjy53mjfKZNSra0IL1lM4PDicbkACNu_HkB4pj44J9MBwrPj5UBTVmWv8sQhqNLBtcjYktEmETt3Px1RHfb30xx4peWu6JLNPGfiXMNdcie8ukyGV4ycrzJ3QFr7mb6WgfnQcgR-7sjpQH-jPIsZRrQ86Tq3IxBl_96XKvurjMvd0Gh21be0D9TXuFsfZEYI4HIofzIz5uNXZgiAWyjTB3JvkkmSoXAlkmuq9TnmLNrHeUBLRDpg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D3969420674%26client%3Dca-pub-8735081706059215%26fa%3D4%26ifi%3D8%26uci%3Da!8%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=1371391622562&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPG_7b5G5ZfrVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_QiAgJf_k40cWmBoAV8kG3zUXbYbJuvxp-jqrcHULoyJU11UK4l0EOyrCbujnu6pp6w3OLK-Sb7WhZDRB8YeqyQ3Y0dSDbfkCix7TecyiRDavFQNJZYx4i6PczdvnRYjt8_3r_OXX-UXP6HMT2GZb4QZYZlznj0iQsvtKQf5aeqU5Vfo8jwTJhTYVFz2d9eDxRtU1cpOGxuBMuH0UN-kl0aQNAiuJPDhgma2OupQj6Cl2EFRmPiYOIGnTvTANJQ6NOKIGSrCo0MEGGnJzLlg0VInUBe86BgkN3TLI1uuLIbvxClaXKT3rcYo09SKHOfrhnXNvABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3ibJOLQyHrC1UZueBpaDfkBWS6tw%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-BwkAFTxU8WYkZi_2e94ip8E3NVV9XDBm9iWQI8IztGDjof-V0jqJf8TJDgLpzYW3wKdI_k_FubmjjiIsrPYNW-tKPWLOZ4t5PNevi8LKW2VOsZsOaTi2ja1CBRdR9IJgXife-6Ni0RIZMH8Uqccok2Tli7uQSnCCQKswliFurrEdzQGj4%26cry%3D1%26dbm_d%3DAKAmf-BGdxMO1JCHkhcMm628o3EN4rKon_RhAsCvoHiU8BoYz5PuGcOEsVXBSxtDr8FNfwJhKM7P9Rb3I7cr3AYZQySwe35VikjcZVU47Qo0TfpTzoyvbZ6KKsDjWewOBDPkwqdPpKvsPUB_WCJJSZKTFGkX0V_M4sB28XA4farFGDmwtLFQMo24qHSWzFdPJeHKDh5or0Jmpv67EsqrBXMyGngHxYweePg3-u3SI-IREd4KC__BnCcxIRM1T5dAVEbHc-0euk7vKws6Ig1S5kWHK68csdO_o8vkq7tqvZFEciF1-5maFGkKPjA58-KPtsSFFsZiLiLf1bW3OUcIlc50fjy53mjfKZNSra0IL1lM4PDicbkACNu_HkB4pj44J9MBwrPj5UBTVmWv8sQhqNLBtcjYktEmETt3Px1RHfb30xx4peWu6JLNPGfiXMNdcie8ukyGV4ycrzJ3QFr7mb6WgfnQcgR-7sjpQH-jPIsZRrQ86Tq3IxBl_96XKvurjMvd0Gh21be0D9TXuFsfZEYI4HIofzIz5uNXZgiAWyjTB3JvkkmSoXAlkmuq9TnmLNrHeUBLRDpg%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
4519d44f81136789630fc14cecd43b5e004c8cda43ee4a434dffdb5268bde7cb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
36178700004364004444456012586012
Connection
close
Content-Length
832
Expires
Wed, 31 Jan 2024 00:16:48 +0100
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 0D51 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
18923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 19:01:25 GMT
/
ti.tradetracker.net/ Frame DC4D 		435 B
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=2005487&amp;a=70002&amp;r=30629900004884704444450012586026&amp;t=js&amp;wid=tt-47a8ea
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-227-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92e93defe9954b7d99eab18db2e99f951f97c3d9f71938e4711374d25bd065c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900026.redintelligence.net/ Frame BBC3 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request.php?zone=8e4hjwsd4phy&nw=20&renderingType=javascript&namespace=c36c33b9fd&subid=&uid=efd403a7ceaf3111&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCTGcdb5G5ZauqKsTgnsEPnMG46AvM-Yagafu5x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObhICABKoE8AFP0JYmi2fjv3HDNrTGM2VOrXyo4SHbUCRGlPihQmsFJMgDe3xTON2UPtmQfxzwIQz52cnJEclX10eDycf1rchSKOiiHYbJqrxOCPvMLQRvF23AUaTOXzxXre_QN8WPnwRPmOIwiNVfsRed4G4IMuqrTqBHOmXSfGHUq46tG1zg0lce304FO5IaDGTYEbKk5iLnOybWEIqk3a6dviDXUifY7jwRL67UAxJMlv4eDh2FGKkkpvOAFSYXhL-iUz3ZNv0CLLWCbhlSk7LkUNEIUeFtdYSXOM3Mf9f4Xs7DlbZV_BXpqQW4cn0Nx-Nc7Qezn1HABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY9Oi526yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB%26sig%3DAOD64_3-xjhDo1lE6qwShNVsBXa5enXTqg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-Bvn_EhVq_UkkRD60sYJkJrbfk1Nw_D0kNibR-iYAq142VQcDiIx6L85zGmuE17fA8fQEtcwFX6y2TMwIgZGST6KwVvxzxx-bF3vpbnJ5NYsZTElgWzeQT-_vFoyLpFEpMZZGvR5YDw411ESLfM6OZJ4sPtgYcG3-3K1qwhsDzDgguVwVM%26cry%3D1%26dbm_d%3DAKAmf-DynN-5pbZQukkKWt3g3OXFQo3q9xD4P4AqI9R_CtGZgiO7WbFMIUk6XTMnLCumlOaU7vzhh0iTut4Ge9vKEKien_EfM2Zq644vPNzHHSZ8pSOjTlBUnQqncC5os0Is1m99jt1oOZm8NhYA24lMOq7N7QWqWVI3UrxEKffW_S_S2sh2lKWFIJ1josWY817pTGWEO46R1vCz4NpoXIEOqpLVOhbLfr_nus-WxT1v6T2QR1d6JXYRHxNaGJErEz5m1SuFlEL4Xk95201AHwsRHvwCOOn61x-KNKSGFzR3JWvHU4CWOBVknc0MR9x2K8UHcnP_Bc7tTvnL2AaqOz3SbUe6z6dDB3x0Jxkc8oPIAdWwvj6INle4xa4LscZAhYIWbYpep2TJpm-2XYoLEOwsP3EkEeVqkKbnHcc-p_1mkgbjwW4RhUtoQ2Vt1OYK4_UWcn_Lb8aSyFg0pvt5ibAmFuXQkryoVXanInkc9v35Iq-aSmQ5Od_dRClFEEY0dYifSx8RSalXRJ90coVeBvBc6274koilU6ZP-YCUkwIgmAr5BuEtN5T01rQ3poCstiWU0KEFmOrh%26adurl%3D&documentReferer=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ancestorOrigins=http%3A%2F%2Fforum.guiadohacker.com.br&random=212680113987&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
c7307fafe3f1108e118621d6f04137fd35b00e4f95789aba33d8c652649e08cb

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2383
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 00:16:48 GMT
Expires
Wed, 31 Jan 2024 00:16:48 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame DC4D 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446776&v=57629&q=470847&r=235229&pref1=30629900004884704444450012586026&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame DC4D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eab38f03997f8fa7c502dc3b333f81b7c69c014bd4be2e7839605c486c6aa671

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DAE2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F5BB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D2evPc1-AG6_zpWFW0wn0EYiPPA6zxZYVjkXcj7NLLoMw6ycKOF04lCTJNydhWgLnB4XjZnqSNEnVi2noxs9WXLn6uUITzLIZNmagLjb7lhfd54nqUFyZE73qTDxEHHW2GpRejlrHlmndWLzme_Fj33n3QhGaIxR25YT9FYSM3odM7mxs&cry=1&dbm_d=AKAmf-CXIdpOsr8VXhPhLQuoGUrAZibjnPXPB5Ph3ynJCSPqBAc3TagVQHEHb0mjjDR-qH2zMyNHWloto5-XAlwsbzdnHfr8AG-WZzQI80mxK4Pp7EM4GSQMyr8FCvKygbejII0gwtnK8NmNH_FhMsAIH2V_0UjY3p30OW3phnRvWiEPDsE_d5JPMUjuY4SsA-L2d6oPfytRnDDmTbkPrDXfiPrTA8SXN4a0ioG9Ac1oV8ia3E3czfEw4wvu2XYCZK_r01AAvMo6XkCBBNsE7Ss5dS96NpxBBKw8Y58JAmf8-gA9bUxopi1ufH4Dfe-Xl9KiMR_AC_UlHSyNpMKg9WbB7qY0hFXS_UCxcgPPc4jmz5XM2tH4epHXNHWjz4ENuAHVocbJGgt8xN1dgYigE-3fLqer6gIfHuCg5D8U1CDw_UYW5LlbYqI6ohSiNG1WGl9pkhl54eLaswgTsCbDWPTHgd9AtCBf9_wHWwMQmgK9IH8pAM5fV8f2igR24G1XgNMGGreLT2VER0h7T6I9XLSZdlioOqoHfwGC73mGGtHM8ymylbrgKuh03ly5vh60IE3H1Q7cwqVvT8cEuZWUKkngnJzlLUPrrAfRtSVViuMRO-hbYiwD4FUq2vqb840P5sKiYxsWUMZ7ITul5WgcU7gtAV8eGq6jwyUrP08R-t5Uan374LZ-P1IN7pFwqzZ5M9u30_dW5hh1scFZ-reQqk_4NJ3RWEICe-sXiXdZ1bfp4kA2PE984blWkoPO8YtVkEOayzbQyN_UzjdaScnqt5hgWyJLI-5yuGGfkpouys6UQ1Hby5J5bE6djR1ERIJ8LmdC0on_i4GWbd43P1bMUXZVl4bdttCS2OdxajKL9dP8hSbRLt_9UYnmseDbgqGeQ4XRgqUV38VCGXnfdoDyG52ngumS2cy5BmoiG4kdGBb6QFC3QdmoSR5J2Dib9C7FQXWgAUHTLK1JbT3OfYKyojlgGNioUnnS9CozdFBF3CXnRTBFz_L2iBqOuzMApOJKJAI-34ZFs2MGC0GwK_scPfh_k0mM3nkAye-4yyyaYS06FjPUuEPK0CBw6uTF2la0fDbwTP6OBpGVbG_CCanG4t5g4-8IvcN3ZmI8ulq3YedUhfemTP688Uw-EGnLfN1ZA9Lm_apIKq7A1b_GMj38clz-IerTzCt2-8w4LSNOuf1CFX-vdabCGIKhlyRyJ9oxsMsG5jcVhK3JFPBdeG57t-MSTHo0CevIBpLnDjGK8R8hmUfdP4xu6--KJ8quhFHRBuQsbKgB404lq5MldtUQMkxZf69BV4TdjP4TtWZ_YwIkfXEoY0vykZd--jmQhddZnSE3CjKeI3eJYFVM_TjW6p7QdwUVANpAuhKjy8uXoZPuJbv0bZIwdBhgM1V7HZmGwFSCb0SkKGO8eTls446alGdLlDpkCjKDBmI556lSifrjhKOQw6AfaG3f6HHiTUyJyTTY_lN5xKB53g0lydAflhsIftfIrdw7V35pkqfVG6XQfHD91Ln5fSTD0bp4uHuf2ZzT7r3_WsL1-GODC1vZZmtZn592lt6erhjz3j1EYf2x5OLaodY6hIu7Pn5xi9VbxQjIcCUckH0ARe3HfDsvyB8imiAJewA9hpCDh1UyAZCVink8PrUasTzQE5EXr4lZn_PPsyA-nd8ROivzeHdKiMYAevRWZ0Q1a5_6H29Wqx5F1en1qK1HP9NRJ97dmPifodLdeHEFiDnNrMCWucv8lSpTb7C1qQmKlCubRrpF_cEkfQFXXPk8X1bBIpqpcVktHVtJ9Izyce-gLz5C2_OgWn_6AxBh79hNOVcwY0BczMHrLdZe5IahsUA2Og1tOslLGz08Gz7nT29DaprfQQ7RjNHYKC6w5MxqrjJRM5zxverCuLH562HBCA2BaVpvASbPC0W-HXJXoK32jkanwP39P_UlnHNliYQAiyKt3LTl9BiXD-dZ6kRligRiAYqpUYAKZEmri-SUSP8tbug5h5B2hOU8lhXmSMhOJNdPvMVlpJk1iKZIwDTPZ_98MOSQirktFqkrheoInbsiNOiHj88-aLGaUmuJ9m6-4mS5IZ3IOAdM_JAcH55Yt7yACiyUhyD-4GUsHeCZwT0I34jXyT2-reTZJq7_FCnOjroLiLo3pBFSj_r6k7wICB7rTMY6N0L1iX_vMcCJz6bppbj5Ie0c7KPT4vWIST6RB7qEIIAFNctGifpcglv2jMGgziSg2D8NCFu0B_6rdDAqlUz0-QvH-VvZ9XMEaI6Fx7mGaH2pP9rBRoNiPwbBlihKQ4QnZZiEuco2smt-DBVSs3LNPb8nfofmFUB7IpFYP0DFa5KB0_X9LqsxH_0_wYY9n3k7hxq4TC8xXFkUx16dMNOggLWpr8EC3q3K1dJb0IvDDnuIMQGtdgruZyvp7uIMLjK13SlwwYM7HSBSyOD8E9JohCuze_rek4xc0hPL4jthTZwA3BGlyhhPdVa5aTUlwVyPXEmyBqwshSx91z9q2sU2bPv8_E6rwozDbCtc3w4zN1XwkQZ41HGn47h9JaF2JD91ZyuITWiNBC7mETk1yaN1Kmx8llGoJ28IQmCaSLrh4Fcg5_sNdSWuiuXsMHjMqvN5o9d-m4xlUuHi54a88zRh7ss9-c1k6UpvDg5G5ipL5quDxR8Y3Ux__AANPFYKFLXz7ynt8yGkrLCb8wmuVkps6AUBQ95soRcxRxDsjI4onn_iItYOZBHdqfQ44AAWHQtRRCSEyRzwZsKoig2CJUwJ9BCSl4pngAKv1tmYkc4Jx5qKFbH8MqdJQDADLa_riqkgFZ3zIkjirWUJklvC8TW09qR68KXMqSe_ktxMWzvmmFOcvE1qlBZtVzdeoKvDdMoTgGO3-sOcfcMFJQ9MWQTAsKg2xGtfR5iNyvBvEKcaQJaKCobRvL7G3JDTZfbigpObbEPS1LcAVcAErzo5roMeVxQeejAnwpMXdmCSP3iG5g-h8vqn4El-z9f52_4tb3-guKrR9RhcadPUt6BBY_Krfd2dNOtNaBglDnXTzRzq3ck6jjAb4y5ClqEdCYFpkF4WENaWrYXkrb6n3ReMxypwqDrbScLP3TuAujAHy-Am_ox9UBTCe7uFy6f6F1_Bc3FEMMyWMH5woELsqGPP1b8E-MdzyEDY1exzuDXBiKtun_2IOj-i_wM-Ulu86UK6Ss5JMKj0kdrfz_OFd1ZtKFwHtx65HfMX60x-PBza6NVsadtZhgwwRFFvtMTlyOx-GObJSjyIMVArVGxU5mRHgdtiLSLGyQmexa8Ni_QBRW4AApdeN3Lc4naAFza6Q0sreq4_PgN1J_znfUZraF6_3TlJOPNjzMDetJxAsx4m7FstM2zxXQEHoZ4NREzMFTcsAc2o9aEEzB3wU3_qzzPzQhSmL3wsK_gW3Xh0tUQ1VrxYWAvnQUM39LwCzrs8bbFtMXV7j8cmI3q9Jx479cmPbeMespWy_aFmg7BqcfZYdssNHL5p_h9fDAK9DJlTwwhWkEnwRNvUwgo66N0X2bEL8WHVCI7jh4ix-iAIho5bGT2fIW2_7TOahMtsb_icibsqXcyBQbM2YOq7DIldLS2UnfwII01ccbeFha1qjYYb85ZqQbNkg1yNg-LvxaxZVziPy3rTZ-lv2nCD_zI83dou3zc1zS3oxSMney1EI6CnIUd4lB9ht2i7rmcH3M1AKG7jidPTXTkhNnuT8ytYytczdeJrR8IL4YjtKZdp9H7__2Xzcdi5yqD7izAMHlR-DDs6dtaNhAuk5eX9hV-dhy1ej6bTBHM-jZ7qzkEsNdb7n_YP8sAcwSTU8lw8fmiW8gE&cid=CAQSPAAvHhf_XC_oqeTpZHLe1wP9RFntDViuLw07Xw0leGW5NX9N9MHJWzeTHXoGK62Qv8-_Ewf1FGuVTbiIbBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=17445533050738540000&adk=1761367584&idt=70&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODcwNzA0NgogIHNlcnZlcl9pcDogMTI2MDU5MjMwCiAgcHJvY2Vzc19pZDogMjk2OTU3NTMxOAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame F5BB 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODcwNzA0NgogIHNlcnZlcl9pcDogMTI2MDU5MjMwCiAgcHJvY2Vzc19pZDogMjk2OTU3NTMxOAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMTM5NjA1MDc2NjE0Mjg3NDY0NwpkZWJ1Z19rZXk6IDExODEzNzc3MDI3ODY0NzAxNDE4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0zMSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMjYzNTY5CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MzgzMDIxMDEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDYyODAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xe46fcef55b5dcd770000000000000000","13":"0x8b9d5c78845f2d7d0000000000000000","14":"0xccb70404b476ca110000000000000000","15":"0x78d40ffc22dd737b0000000000000000"},"debug_key":"11813777027864701418","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"11396050766142874647"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xbrkb4s8ehf6
hal9000.redintelligence.net/zone/ Frame F5BB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxZbIcJG5ZYCSEJOAkdUP8P2H8A3M-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GJSDzsrAqPGby0brnZE4uvNeQ-o_TZBYmimTkWatPYPHy6SwEGJRYIpskTNiPN8Xx1-ZrCfGdmNn3Rd-hSlxZ4BXR1Hg9em5RH_b5wcz_Lulz_Ecw2rtBd9KZ_3gTXSAsNtvsDJAoBy0lIc6-Ay-I9yYL4UCe1-EvseUvDBTd-TDppFESUYa0fV4aAJrnJRH_OyV0jG3tr0iSq02nzJRHw6JXU5vvDSxfQaUCvwVPCIJCkBeRPWKz1fw1Hwf3gClXf-Z11A8Tv9Aj0Qx6PagRSgVnvkyz-Thk326LNKaKLA9oDkl_aQgJsiflGn886XltJOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3N3NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_XC_oqeTpZHLe1wP9RFntDViuLw07Xw0leGW5NX9N9MHJWzeTHXoGK62Qv8-_Ewf1FGuVTbiIbBgB%26sig%3DAOD64_1_ZK1bq4ggnIcDgrY2BsURRj-2qg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-DKYpr2hJdXqy5w5R8oVQAIoEkvattNVYT6bI8quIZ5T_xGH6DZ5YRN8eQwAoES0rrsq_8xUtKu7J-K3dX-94VAjDhcF1rDMb-MTroYB5DiUFHokPvxAzbw93_5vetuntDQ9V72NthcVOqOCehnES3ps1OR63KU5vva3ZEdoBVV51m9XUs%26cry%3D1%26dbm_d%3DAKAmf-D2lBft_Jypqth-x6HB0snjPqoiZe5GQ2pw93mPjjcddZMVMIkP48w21ZSxRGyRZfnOUnxjAqLDuQVaBbZACbKdAvTleDmJV4qPyNeZkzx3rr75PeV6K6aT7ZFVHj7dgkQPS8sUqxQyFTZxcyxXdUkjFm8A3M5f9gEBqrN_Vb7AMibcNCdOtaobH7kDzFM_KsIDgm7Ho66MlXjqhEfkLdz0HOWUc2_-_N2U8Pbm6X02aQ0m-MQWCFwm2SY9tYu47FqlX0HOhEP0m9hgFbssI1ywWafNJuIKe4Q-ediAJ_02zBg-yeFJ4KWvhLC7G4jZCWccWQb0ipMiJ7lQruvWQ4EWJ4ioou1bJcDBqNGhR8OqJk_ibk6-muIYGA7dwugUNNf-130YRc-p8oeQL9bTcH1qcjn6xlQk8OlW7kVZk4YH4HYvuZLFCh02HdacZz7ugUrBsa7pALfNL3ykG3BI62ugUkvFlJGBTMu-pgH84EsMYhh-jCij5yUmqmTm-Jafuip90rI6h8O7bktOcu8qdkgcrSO3wla_UDxzrG7PSPgq2RkeMMmI2uIN8Q2HiCq9Tvzw7f2F%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
f096cea72d2a27beeefcb29bc62583a8bf2db673a1972e1dfc6de8d63d9fec25

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4144
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216089488192301914002%22,%22debug_reporting%22:true,%22destination%22:%22https://comarch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22650706154%22],%2222%22:[%22true%22],%224%22:[%2201-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227858276822895631185%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 31 Jan 2024 00:16:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3CD9 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AeV_Cmiq3F9leEQNBLEJe0otRy_5IWFpC3oMb1HOyJCamBvSq_qhskGflue-1xWh38iio5XFEIaB-kNK01qmSEdMzLn_VNBdOn-9CskAXHEDmBDRx4Kwg16OJdtfSGP4q7xQQjTgM7XkeAVHTdUsCWBs2bVp4DENvYcYdU3-5wYxeSPBM&cry=1&dbm_d=AKAmf-AQC2EhRXsqzxYSgLFiI1bQSf4k8VtdqcogpH2HZiChBx0jNkoUQl-Jd1xCwLn0ySTiRJOQ_OS-M1-_xqsXrq_t7ljC_6I2KThjrE3uPGVYLGAYjyL1wednXWeeykhy4IqKx6yF-1qHLLb3YB-eLre1axNkLxxkXcCjfIV38FpcoIyzuBKF4amiAYUNZ5MZoprdBWfYIF8Ozj4et5lLAuB6fJJCuPNagK6o1KFer0XA0Cjd517z5rEbOvfbQyqRxwRCc7qV7J-Kp_eSP_kCFddxbkMPPym_ODSVhE9u7AXUH6DrDuIHaZ_2WvlcIH16buJ6JyaRLLKqnam-7P0hAoUNcM61OGEAByQXkeIxDv3EbNpVqjxlyUtcrHTSIxVV-fzH45MRGkOZX1kpY2LcLrCFEQrQg8WHiVMUzHK2qqSxjJuTj5ZtUQhTp5UAc0PnYnin6Am8tHYKY99u5aCjM62DciG7kKSyaxIRojTPXTVYHj-9qLMe_kPP4nCYWBe1Yh4AqCiTbxua1_RLqnfh7QLtIvgs1MMq196zhEd05WVSF6L-iI8NblRN0GuIJa6yi40Wfan6gFwGzelCoK5fxZcdsXKJmJOqIMKESB8N5iG6COYZhpsnDKKRSKI5UzTAP7l9_RlbZ9tM221fo37WbguFk8R5TVxaialoaT0yPs3R_PDx35BlihYTvDikmdJLiaj_xWW4D1QInNlME1pT1dXjjbfrCMeCrHAWEfJS-NjkJSeNGAXOvWj35W4F_j0zSdg42A7CbKZxfT9nGhAUbmaICk3ZlCxOzVs_qCAQCBUoS5GA8LuW7WY7QEggVJTmr4by5_jXwltdb3INgZQF80XYaanl9P0Ytx0Z6hmKC_a9tWdwXGTSJ_3B5WMvj3nDsORBYZlHjr_NUrTWgrbH_1lUxXIorJWRtUV1QHi5sRHXzUdBg7lEHd0at8nEW_mId3r25fwB7RuQQIC4zH-hncZlY8QKO2omiI6isu2FOGA3wq1sGqPROKLkk5JrnlYYAG1DF6KXw22UZIqdITMZvENJDkPASwZqnehJLWHs9Kf9CeHcjB3rVxm0lKvidsWNxp9RzDkYaw4bjPcQaDPmt_rLmeCShMCaw7QBf93MxqYyWzC_6bISkiojaTgL8ngWhej9OHUyFn_HPm9wi_UCgfYHAmHNqiF4wDmQnTgLRNwMQJLHo7ewDzs1__nOkdmUcNcKVqJEdjPnDq747omBwvT44iAuVqpcLaaA8opmvvGly3L5XrQRcfy5WmTlv4qQ4xqAHAJET0tAEpNPcKA6Xbjr3ntd9pkc7uEa9PqSeG7sMDjq3q5kNTjmfGyb5EzsgaeOFfHmSBEHsoxzOvuyY0cPx3aX-i_PNke0AtweikNwXqvC8g3i-XkcMFvkMWAoCLFrPF5dV5U758AXttQduVurq4IsS8rA31FYNxPQeHILU79NZ0uwwcsIlv5dXmUb3lOKMObZfNjbAzxxpSz6K3AKJws8ks6sHMVEUwXrMHMzc_IjWKxfMLKTV9gLBgWAagLBk6nCR2-u2oSc5xjxFp7t1gGbNMMD3RdbejL222RO0YF9dOq8qFmZ4DrYMCPE3MxIv-jGRPJl1QJnSZ5UuLRKfBASogjIpsrgbw8Gn1koztQDgmIVt35M55-KGp7fpsyN7CaMpBDHNQ3Nw6_FResXR9ut9JK6sXEhGVWvCCtUsBIBTdDjVcTT6lffTqe9o0i3OKmZCV_e6lIFtGq6HFpZXY-hXWdKsiXDcoE_6p5CJwV_PyLvx9bj5LwqK9EGqZwEkyWcEYdHyZctFZHCt9noF5oWpNqkxRJYbQxJ17clj7llPk7t1D7f_t8OBLA1D3lh73tX8Esz5dTiH-lZfRK23D8wt9qQUK9vluicvdjDVwsbNUWlcogrM7Js0ZNO_WVV9fitksJOLU97uIUueXcfogsTMRFtXmYgcZodZkMtChao5mR_FpUf8UIWVs9CjzK0RDPTmRU8bNb4kHh0FuMb3poFFljg86IvpEEnvGKWHUi-a2i2nR-ebt4kM-Diffzs4--46pIkEnAdbaX591bjKuheUDFAXpmLsOu9otk4g360wV-wRti6wCnxX6Dp2wWuYo4wIpGt_82IbKxqYhaLqtGVLB4-f2LqJzFge5-HIpLWg6fg5toRRsQm1wNPZDwtR09iowsOULJxGMRy441Cnodm3NcKjxHrA7yaRNM3gbmzVArlYeMqRy1YMlqOt1wzZenI2liSkOIaXvKLabsRwVgEcfMourSuhmArQefJEPMxekE2UxIuc-11zi9ESxNTYUi5ffivxezIQaSxJxE9uJ8L8f0mf0qFaWf4KfqHmX2Lk1rtAkbYreL58W8F2B_terRdvGW5R_uu3elmdrIZFj_hzkghx0Ydmt-t5r71k-I3nlVFfn8v68eSlsmw_po5jzMq__6wS3_e8_1-j7bYrlsNrVdd6SJn14DIYAbZAmlAh7OvzsU1XHoLfyP0e-5xNXXGtB1mWcwAd9_xPl147TiQlfdLvmRGb1m_zKbSelCEOGNublyQdNrZDxIV1NbNRDbwlFUnwN1xeYfH7GIXYe3MiJ_abfkj_n1d0gFUO3pC3CGgIqRRWlszAc2xVcq4aeMedbaDx81f6dOSEyLCerV5lj2IKMkJ17RwnwsSgaEdpR8SyxaSEdk8sqC0q7im7yIQG-w60L9ckeQVMcqf-ZQJDK4elDK2iE0gVUYwKUUBxV56cXiwtG-xEOr75gAcDyWUW7PwbQFdEAxSAJBBUXpSUyuJurQ2hqrA_ixj7XyfgjMve5474AmucfTr4A15zEG533vrfBFQ6DlTIxV_GOlPQYLz35XUfD39YfvLgvGVo2VsB4RFylEFJqXZ8vJ-w6NhU4OYC0K69NpU6RIBU6iD9AH129Kusg1aCx7q5TjM6XfwKrfJreBH_78efDqLkzStLEaQ06ehpbkjFECfCCmvcZMRfQvT4qe1GkrDYO0z4F8AuHB8pX_MSC36e3uQkYVFExQISDdlGQ9m-E76N_CdpbdbSgLrrT_LJ_asaMB-LsL59jOKysAWB2tL1jLK5AFntf_SSg-mhbRoHVpye-uQnvLmMd0Q7ReQvcH6_3KAOd-wcw7hxQWpC9V9pPy9cOeCRvSz7GICdHVYxTK6_KbwrUVU-G_iwuElpMlMR_mVWPbpiZwXUHpbfRB0fMycMvzQowqJmNPrfVLy_QYMxXhBcDiVl1UBlLXa-kPp53l_V7_ekDw3B4Q2DihejIMVhs-DBX3mLFj7_zEe4PdQsqgRg969hiYXKI8JF1yQX749ReG28VIL131NQMYs7y6E-BS0zidgJo1fSK6KtX9ukb8mMMKbMF4P_InbX4kZVf0EwIAsFtYaFEoyNn_CFpin3QgEEH8YAVddorMD5UojRvp1IAhQrZNQh5gUNTgstq_AY1owESxYRgkDXhyU_-eORvare5rzRYuEuid3d7myw-fnRTPcvALQDGs46gXCkv_eBQiJkcQl8mGfre3cXRpjPyc2NRD1I4LcuSegyuOP2kG8IdxlyXPN5y3zRF0y-A4-20bSmRmrB9DmFUnYolqmFD-eIyFSNfomesGoPYkuVc3YnMRXYe7f6IL9gSw2cj21s4bub6SsdNsW25Bd-f62NjpWGHL5hpp1vOKrSxbTsnvqbGFqKgnVuh4MigbUnGPqePZkuukv1NNrIXzw2kBNah7DBsnTmDrTHqNDIZ_st7JS-2tyvsPi29rqli3nhyBN0hHll93RyIa2CPRauIC0XtArtDcncy2_LgdEf3_gcfgpNwX-lrYIRTXGU55BQ36ZGww&cid=CAQSOwAvHhf_R6_gk9fCC6g20M1UN93iExO8b0yve5ztlozW8tZEgL-tWCuilZ2CxAa5dkc72yDWWlUHX6qTGAE&dv3_ver=m202309260101&rfl=http%3A%2F%2Fforum.guiadohacker.com.br%2F&ds=l&xdt=1&iif=1&cor=3387904843446929000&adk=497053792&idt=156&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 19:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 19:07:58 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODc1NjA4MAogIHNlcnZlcl9pcDogMTM0MDY5ODM4CiAgcHJvY2Vzc19pZDogMTA5MTMxNjY1OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 3CD9 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjY2MDIwODc1NjA4MAogIHNlcnZlcl9pcDogMTM0MDY5ODM4CiAgcHJvY2Vzc19pZDogMTA5MTMxNjY1OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA2NzY5MjQwNjQyMzQ2MzQyNTY3CmRlYnVnX2tleTogMTU0MzYwMTg0ODY4MzMxMzEzMzQKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTMxIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIyNjM1NjkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYzODMwMjEwMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwNjI4MAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xe46fcef55b5dcd770000000000000000","13":"0x8b9d5c78845f2d7d0000000000000000","14":"0xccb70404b476ca110000000000000000","15":"0x78d40ffc22dd737b0000000000000000"},"debug_key":"15436018486833131334","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"6769240642346342567"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xbrkb4s8ehf6
hal9000.redintelligence.net/zone/ Frame 3CD9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh40UcJG5ZdWDEPf6nsEP1Muv8APM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0N-yQNG_hZwUYXzrJ_z7OG34jsgVtbapX5GiFMjAYEUJ7SVaaoB9WuObXSpY-1zjrjzRjANAE_jak5Of603W8e22i9QchMUkTP3664edmx8Y3utrjAXOCAZm4elcqi0LomUuPd9s4lKBrcE9ip_oBaar0k55kLonn_7jP0avVgaPH1VTj4fSOrQhteKgmCNNtUV1U3Q8rizWeTQACAzXANz5-OWtzZW-rHQCXs2YeX51di40Blm8WDlJA5pjDf1yDHCIM_D-Pq_7gxtA4y7-iC3a-D3zbtarXF_cfsWjS6k7SqAg7mxLSWB0VOZmbCufD4vxwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNK53NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_R6_gk9fCC6g20M1UN93iExO8b0yve5ztlozW8tZEgL-tWCuilZ2CxAa5dkc72yDWWlUHX6qTGAE%26sig%3DAOD64_0opOWVV0WDg-fC0h2p5gUOdGXDWQ%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-B2X3WlBlBnviRwhTXa3DfuIOsepYlQExNIG5f-5gA2kCBBxi1sZTDZ7omyiBqk05NEj9ZjJdh_c0XuubPMJAlGAX0rqa7uph4hnp2HRKQeenutwSNwtBn0c08GAtDoZoDD-PMw_pZ2oH0xDlWgeN7qtLmIFu0FFbrJw831BLZaxHmXWUk%26cry%3D1%26dbm_d%3DAKAmf-COqKdyCADiHGQxStnRncdL5-EpNd6vVIIsvgMaXOUwdGosOcgCEnaIjdDR7n76RGmCvY46fj2156BbNJJ4cfNgZo1KUF9zWuXS-Q88YyrM8vKsahaP-Su4E0jOjmTbt-QhXxi-GMmd6Fjdhb2wg0hWufdKQjD5XPK7doa5FgSPeffyWkNR7JPG868SDSKjkEOL-r66tuWdJ_xzE02HpL6uPWWcnQW2_a_i_Iv9jXYI6Uiei_cKi1LB2LjrzJBzapxqwDdr_pLyiOwwJHQHx2o6-0z5kn67jQli2MSVPXQmmCubbj-q3s42B-zrJPyponI4oxBY4JTpKA9ljCbgzHlXArmx352KEBTbHqwrwnrYG9qLcCX0pd0wd9vyVMdxdGW32mh8p-7SuhwU905t_A8xKbdfEfe9VyMhIQwzf88UdmYxttzRKRcCb2K9yYSR2WG5kBVhZ9_Vf-BHdeZ5N7OQOgJbi3o-3Hy5tOELrhjUSFZKjZ52rfVGOvENEzRsCqiHPlIhtW-IW9Z-P52rYU_VTYwDWyvczQgDXXYa7rwDBFT6-Ool6WXxnSLwhJCUgO-q4R9g%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
8de882b54bf5427cbe24f36a8454b0df3418fdc327c601a3d1fdafe380105381

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4146
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900010.redintelligence.net/ Frame 968F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=37742ded26&subid=&uid=245f3731d9573700&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj2LScJG5ZdfiEJfkkdUPxoyJqAPM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GU92AoqMbWmhDNLvCgpeJ9ZZ5GwKT1J0S73YpfgKEd2L3iJzA-6_FNpuzJjgwjKV0w_sFJNq_6ANnso1mUsl6LJTJKxIoq_qbQRTC11lK_6vp0q522jZQEFaagsNJ03GhFxrXQl7VkMD_FB99jc7yZ0mHDnXlZ4J7n31tS8Ah5olHVxPB3gv-UTaQga4XwW27LDAPfGLG6d6a7FdZ3S6HnUHPDipWBQC1YLrvnzPyfH_rZBy1qEgEmbM5IAj7ij2KUf9mTExEqxllaq-iBa3yyC3HCvTUqwnrfEisgbpxTUqTgx6pEMWnDB-zpMVe_nUDRgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPCi3dushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_fNVOZXC8Hs7G2K0cGZoQNNkIEUfN_hRpHIZJ3CIXasFlG2UPZpLtyb8xxE3dX7x77Wq5R51XVhgB%26sig%3DAOD64_108TuHkCHPYxHKaD8Csv1xotTQvA%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-C7Qob-TvQ1kbBavYTeRWGAOJihkivXlzmOZOFfNMsSU_5zeqB6YSekYxLOBFhjsu0G1ajYneehWI2oV6KsXghjlbSPjk1cMdWESBr5mvrthAymx26-vjgWxn6E_OEREwYi4m7wlFxxoUqle_mYkZGbZV6hthOuzQP7D6LH4OC5xu-rkSI%26cry%3D1%26dbm_d%3DAKAmf-A5UoA7ZJYuPraZtGo8EfKP2Qn6yw1DbfHRZ9ZnEQcsivbzIf7p_e1Wt13G6vSx8hTz9Mmq7QSegfXL-nUsoZH18cF1cFrC7CEpLgiK-UcabK2mkCuGqGAnr_N-GQSv3rTTMdV4k4EaHlZWoaw72Dfppdhy6NBNK5_5HUV2qNVDTxZjcDSgSQEwDhQEvm_gIxY3AaW62zZKAPliFBphNPNfRnuTQaySMhXtKWH9uJXKZlsfjby3rBgjGFB2Z0Kvs2ko3gWpo8o_L2sZfHILzt7yY2TsKUxY2wjPno9ybIlsgnmfP2Ru0cazzan9I_oKa-_ixoYk25BRj3RGGR7GrI6rZZNV-DknffiMHiLLqSf5FfiYRKnlty4_eimqiF4iQ6JqjS-g4XQl_VqHYuV1hAhXMsRTbfeFqlt7iyvXFFX2kydU3yLk8gRsRtaI4_kztnxYOVkPr39vkk1ngGRMzCYxT8E4fnHj8RbShiIVdV76EjMYatkhcWwMLfwe3u-YlV0rkESw03O65bwq541c7QicY8R4YKu2MBsWc_CYSN89tNtU8ldnvmI1BjI9FvQmNCZJlK-E%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8735081706059215%26output%3Dhtml%26h%3D600%26adk%3D1086052384%26adf%3D2026986284%26pi%3Dt.aa~a.2691208339~rp.2%26w%3D253%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706660208%26rafmt%3D1%26to%3Dqs%26pwprc%3D9931238805%26format%3D253x600%26url%3Dhttp%253A%252F%252Fforum.guiadohacker.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1706660208225%26bpp%3D1%26bdt%3D2906%26idt%3D1%26shv%3Dr20240124%26mjsv%3Dm202401250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C283x600%252C253x600%26nras%3D4%26correlator%3D1934803728806%26frm%3D20%26pv%3D1%26ga_vid%3D573685954.1706660208%26ga_sid%3D1706660208%26ga_hid%3D913626396%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1111%26ady%3D2329%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079266%252C95320376%252C95323006%252C21065725%26oid%3D2%26pvsid%3D4394720531986488%26tmod%3D1082340399%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D11&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=1674673736108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj2LScJG5ZdfiEJfkkdUPxoyJqAPM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GU92AoqMbWmhDNLvCgpeJ9ZZ5GwKT1J0S73YpfgKEd2L3iJzA-6_FNpuzJjgwjKV0w_sFJNq_6ANnso1mUsl6LJTJKxIoq_qbQRTC11lK_6vp0q522jZQEFaagsNJ03GhFxrXQl7VkMD_FB99jc7yZ0mHDnXlZ4J7n31tS8Ah5olHVxPB3gv-UTaQga4XwW27LDAPfGLG6d6a7FdZ3S6HnUHPDipWBQC1YLrvnzPyfH_rZBy1qEgEmbM5IAj7ij2KUf9mTExEqxllaq-iBa3yyC3HCvTUqwnrfEisgbpxTUqTgx6pEMWnDB-zpMVe_nUDRgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPCi3dushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_fNVOZXC8Hs7G2K0cGZoQNNkIEUfN_hRpHIZJ3CIXasFlG2UPZpLtyb8xxE3dX7x77Wq5R51XVhgB%26sig%3DAOD64_108TuHkCHPYxHKaD8Csv1xotTQvA%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-C7Qob-TvQ1kbBavYTeRWGAOJihkivXlzmOZOFfNMsSU_5zeqB6YSekYxLOBFhjsu0G1ajYneehWI2oV6KsXghjlbSPjk1cMdWESBr5mvrthAymx26-vjgWxn6E_OEREwYi4m7wlFxxoUqle_mYkZGbZV6hthOuzQP7D6LH4OC5xu-rkSI%26cry%3D1%26dbm_d%3DAKAmf-A5UoA7ZJYuPraZtGo8EfKP2Qn6yw1DbfHRZ9ZnEQcsivbzIf7p_e1Wt13G6vSx8hTz9Mmq7QSegfXL-nUsoZH18cF1cFrC7CEpLgiK-UcabK2mkCuGqGAnr_N-GQSv3rTTMdV4k4EaHlZWoaw72Dfppdhy6NBNK5_5HUV2qNVDTxZjcDSgSQEwDhQEvm_gIxY3AaW62zZKAPliFBphNPNfRnuTQaySMhXtKWH9uJXKZlsfjby3rBgjGFB2Z0Kvs2ko3gWpo8o_L2sZfHILzt7yY2TsKUxY2wjPno9ybIlsgnmfP2Ru0cazzan9I_oKa-_ixoYk25BRj3RGGR7GrI6rZZNV-DknffiMHiLLqSf5FfiYRKnlty4_eimqiF4iQ6JqjS-g4XQl_VqHYuV1hAhXMsRTbfeFqlt7iyvXFFX2kydU3yLk8gRsRtaI4_kztnxYOVkPr39vkk1ngGRMzCYxT8E4fnHj8RbShiIVdV76EjMYatkhcWwMLfwe3u-YlV0rkESw03O65bwq541c7QicY8R4YKu2MBsWc_CYSN89tNtU8ldnvmI1BjI9FvQmNCZJlK-E%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5b69159ec4b07e75cf3b7e95d1358a38e247a1e6343b0bc7e3cfaddfd531a4bd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
35977500004098304444456012586010
Connection
close
Content-Length
1082
Expires
Wed, 31 Jan 2024 00:16:48 +0100
css
fonts.googleapis.com/ Frame BBC3 		2 KB
434 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,700
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 23:23:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:48 GMT
/
hal9000.redintelligence.net/scale/ Frame BBC3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_image__1200x627.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
d1ab93ba7ceabb29cd52ed7e095b1eab3e7148c1f54049b9918df2d2848f1174

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13265
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame BBC3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/74975/creativesup/1200x627_2.jpeg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
1b88f80de32cac0e54c5ee866a361aa885d07baea12a1441a1af40614f21863e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11046
Vary
Accept-Encoding
Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9901 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7F58 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:08:18 GMT
expires
Wed, 29 Jan 2025 19:08:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cshow.php
www.awin1.com/ Frame C0F2 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=40455400004329204444456012586015&pv=1&pref2=guiadohacker.com.br
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=ed7b75594c&subid=&uid=4f96b933e07ba2a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKcVcb5G5ZfnVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_Qra5ytFAGQsGMfOJFqyHUTs2MBtTYQcOu7imsJIMuoLBcxw8rXXzxFjO7QlwM2YIXwF2b0k676vbalOG_LHfuNk2BH5D9sgQiKKcQcqDXK5ebySRVOchP_7_niX1sjWy5WojpTarc9BgZdzK7jvz4fcttDtXv_HJ_T8XrjUEMH4hY0sts2jcTqRPtjGjQ01mFIl9BKiFAfSDy--IOyS2cu7VfmCbxbVsMemQ2RG8Nz5F0b2Odx-4RNc8P-FuGJtelbRlIhixtEZlBkjRBldCyzqKUjjzw6-T44Iy3I5qWd5uvyTrqAwQMPurSC3iFL7NDh3TABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3x_jjD7OIEd-B0WfX89cyQaMaw7g%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-CJ29sbE22OM72yWXpYf2pkiC2eG-QRIvvJQg1uoJPbwD2VIBeDqMM5XbbXPn_LjXZmhcUnsnYSkixDlasqTqW48ImfFNVl68fRT0nXCudJ31J9K6E1t7KSYAK_BXw11za9eIim7KuDBIiutSL0n2u6w2kSTUOIVuxJ7XSu2bgEwJ-UaO8%26cry%3D1%26dbm_d%3DAKAmf-ATqEvK0XLKsouAiY8XmayPNMVQwQwn1vw3TRWteuDVjlRV4UauBnOPQLcgFyvBAJB1KcNwE1Y9tlroWZUC-cYiuQkiOJRiB4Zw0GNeQGZkEdTSYFj8kO_R1kpYQMyEjJWNEbl2KqttHuFlQc6Ct5vhZxBZXmcIc5gOT_gfAlCC3PYLrutSm1fGRsgk-MCUxrNvCZ1h619YMPgmXm7-NoTBGx_R0o0wGZR5XXcgrjilbJceXSsV9bfj-rG9b-C3qD9Kz9K5GvEOCXIPxAVTBkoUGlNtBPP8DCQiw9yQqPGIB1jra1SziSvvN6kiD2M6CcXnBsxD2OmsjRf7Kn9aNd_EoFnWE0eo0g_R9vdaOw5WuypqFhv48kleXpPr51Ke6Apt18AO-UPBx5iavaXmXH2Lg4VzUzhIfoDJlADZXJvEa6ORYq8XrNglvrv2GC3FjPFaGGHAgfBxSKmxynq5reWEqGQoO4-1sEvQZVS9TTQF5vKB6vx63WGpfgZ2svmMYRf-uY717H1jss376pgqUZuHqF9vYPQPbdVW5SGGvpcyP953SKDHNa-bFiZsXTlf5bOJ2VId%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D3969420673%26client%3Dca-pub-8735081706059215%26fa%3D3%26ifi%3D7%26uci%3Da!7%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=955480971544&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:16:48 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal900015.redintelligence.net/ Frame C82C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=ed7b75594c&subid=&uid=4f96b933e07ba2a3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKcVcb5G5ZfnVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_Qra5ytFAGQsGMfOJFqyHUTs2MBtTYQcOu7imsJIMuoLBcxw8rXXzxFjO7QlwM2YIXwF2b0k676vbalOG_LHfuNk2BH5D9sgQiKKcQcqDXK5ebySRVOchP_7_niX1sjWy5WojpTarc9BgZdzK7jvz4fcttDtXv_HJ_T8XrjUEMH4hY0sts2jcTqRPtjGjQ01mFIl9BKiFAfSDy--IOyS2cu7VfmCbxbVsMemQ2RG8Nz5F0b2Odx-4RNc8P-FuGJtelbRlIhixtEZlBkjRBldCyzqKUjjzw6-T44Iy3I5qWd5uvyTrqAwQMPurSC3iFL7NDh3TABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3x_jjD7OIEd-B0WfX89cyQaMaw7g%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-CJ29sbE22OM72yWXpYf2pkiC2eG-QRIvvJQg1uoJPbwD2VIBeDqMM5XbbXPn_LjXZmhcUnsnYSkixDlasqTqW48ImfFNVl68fRT0nXCudJ31J9K6E1t7KSYAK_BXw11za9eIim7KuDBIiutSL0n2u6w2kSTUOIVuxJ7XSu2bgEwJ-UaO8%26cry%3D1%26dbm_d%3DAKAmf-ATqEvK0XLKsouAiY8XmayPNMVQwQwn1vw3TRWteuDVjlRV4UauBnOPQLcgFyvBAJB1KcNwE1Y9tlroWZUC-cYiuQkiOJRiB4Zw0GNeQGZkEdTSYFj8kO_R1kpYQMyEjJWNEbl2KqttHuFlQc6Ct5vhZxBZXmcIc5gOT_gfAlCC3PYLrutSm1fGRsgk-MCUxrNvCZ1h619YMPgmXm7-NoTBGx_R0o0wGZR5XXcgrjilbJceXSsV9bfj-rG9b-C3qD9Kz9K5GvEOCXIPxAVTBkoUGlNtBPP8DCQiw9yQqPGIB1jra1SziSvvN6kiD2M6CcXnBsxD2OmsjRf7Kn9aNd_EoFnWE0eo0g_R9vdaOw5WuypqFhv48kleXpPr51Ke6Apt18AO-UPBx5iavaXmXH2Lg4VzUzhIfoDJlADZXJvEa6ORYq8XrNglvrv2GC3FjPFaGGHAgfBxSKmxynq5reWEqGQoO4-1sEvQZVS9TTQF5vKB6vx63WGpfgZ2svmMYRf-uY717H1jss376pgqUZuHqF9vYPQPbdVW5SGGvpcyP953SKDHNa-bFiZsXTlf5bOJ2VId%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D3969420673%26client%3Dca-pub-8735081706059215%26fa%3D3%26ifi%3D7%26uci%3Da!7%26btvi%3D4&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=955480971544&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
833501cc6610a168e4780cd7f6aaf831542227a38dd521d8afa343c4352aeec0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2153
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 00:16:48 GMT
Expires
Wed, 31 Jan 2024 00:16:48 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 578D 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2224451&v=15314&q=344291&r=235229&pref1=40455400004329204444456012586015&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 578D 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3501698&v=57805&q=476435&r=235229&pref1=40455400004329204444456012586015&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame DAE2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
viewability
hal900026.redintelligence.net/ Frame BBC3 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=30629900004884704444450012586026&a=31a8c183&vb=m
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:48 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
request.php
hal900014.redintelligence.net/ Frame F5BB 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=21b30f3e00&subid=&uid=6db50661ce2243d2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxZbIcJG5ZYCSEJOAkdUP8P2H8A3M-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GJSDzsrAqPGby0brnZE4uvNeQ-o_TZBYmimTkWatPYPHy6SwEGJRYIpskTNiPN8Xx1-ZrCfGdmNn3Rd-hSlxZ4BXR1Hg9em5RH_b5wcz_Lulz_Ecw2rtBd9KZ_3gTXSAsNtvsDJAoBy0lIc6-Ay-I9yYL4UCe1-EvseUvDBTd-TDppFESUYa0fV4aAJrnJRH_OyV0jG3tr0iSq02nzJRHw6JXU5vvDSxfQaUCvwVPCIJCkBeRPWKz1fw1Hwf3gClXf-Z11A8Tv9Aj0Qx6PagRSgVnvkyz-Thk326LNKaKLA9oDkl_aQgJsiflGn886XltJOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3N3NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_XC_oqeTpZHLe1wP9RFntDViuLw07Xw0leGW5NX9N9MHJWzeTHXoGK62Qv8-_Ewf1FGuVTbiIbBgB%26sig%3DAOD64_1_ZK1bq4ggnIcDgrY2BsURRj-2qg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-DKYpr2hJdXqy5w5R8oVQAIoEkvattNVYT6bI8quIZ5T_xGH6DZ5YRN8eQwAoES0rrsq_8xUtKu7J-K3dX-94VAjDhcF1rDMb-MTroYB5DiUFHokPvxAzbw93_5vetuntDQ9V72NthcVOqOCehnES3ps1OR63KU5vva3ZEdoBVV51m9XUs%26cry%3D1%26dbm_d%3DAKAmf-D2lBft_Jypqth-x6HB0snjPqoiZe5GQ2pw93mPjjcddZMVMIkP48w21ZSxRGyRZfnOUnxjAqLDuQVaBbZACbKdAvTleDmJV4qPyNeZkzx3rr75PeV6K6aT7ZFVHj7dgkQPS8sUqxQyFTZxcyxXdUkjFm8A3M5f9gEBqrN_Vb7AMibcNCdOtaobH7kDzFM_KsIDgm7Ho66MlXjqhEfkLdz0HOWUc2_-_N2U8Pbm6X02aQ0m-MQWCFwm2SY9tYu47FqlX0HOhEP0m9hgFbssI1ywWafNJuIKe4Q-ediAJ_02zBg-yeFJ4KWvhLC7G4jZCWccWQb0ipMiJ7lQruvWQ4EWJ4ioou1bJcDBqNGhR8OqJk_ibk6-muIYGA7dwugUNNf-130YRc-p8oeQL9bTcH1qcjn6xlQk8OlW7kVZk4YH4HYvuZLFCh02HdacZz7ugUrBsa7pALfNL3ykG3BI62ugUkvFlJGBTMu-pgH84EsMYhh-jCij5yUmqmTm-Jafuip90rI6h8O7bktOcu8qdkgcrSO3wla_UDxzrG7PSPgq2RkeMMmI2uIN8Q2HiCq9Tvzw7f2F%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8735081706059215%26output%3Dhtml%26h%3D600%26adk%3D2245448972%26adf%3D226508707%26pi%3Dt.aa~a.1130328051~rp.3%26w%3D253%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706660208%26rafmt%3D1%26to%3Dqs%26pwprc%3D9931238805%26format%3D253x600%26url%3Dhttp%253A%252F%252Fforum.guiadohacker.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1706660208225%26bpp%3D1%26bdt%3D2905%26idt%3D-M%26shv%3Dr20240124%26mjsv%3Dm202401250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C283x600%26nras%3D3%26correlator%3D1934803728806%26frm%3D20%26pv%3D1%26ga_vid%3D573685954.1706660208%26ga_sid%3D1706660208%26ga_hid%3D913626396%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1111%26ady%3D3281%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079266%252C95320376%252C95323006%252C21065725%26oid%3D2%26pvsid%3D4394720531986488%26tmod%3D1082340399%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=6726984182793&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxZbIcJG5ZYCSEJOAkdUP8P2H8A3M-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GJSDzsrAqPGby0brnZE4uvNeQ-o_TZBYmimTkWatPYPHy6SwEGJRYIpskTNiPN8Xx1-ZrCfGdmNn3Rd-hSlxZ4BXR1Hg9em5RH_b5wcz_Lulz_Ecw2rtBd9KZ_3gTXSAsNtvsDJAoBy0lIc6-Ay-I9yYL4UCe1-EvseUvDBTd-TDppFESUYa0fV4aAJrnJRH_OyV0jG3tr0iSq02nzJRHw6JXU5vvDSxfQaUCvwVPCIJCkBeRPWKz1fw1Hwf3gClXf-Z11A8Tv9Aj0Qx6PagRSgVnvkyz-Thk326LNKaKLA9oDkl_aQgJsiflGn886XltJOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3N3NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_XC_oqeTpZHLe1wP9RFntDViuLw07Xw0leGW5NX9N9MHJWzeTHXoGK62Qv8-_Ewf1FGuVTbiIbBgB%26sig%3DAOD64_1_ZK1bq4ggnIcDgrY2BsURRj-2qg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-DKYpr2hJdXqy5w5R8oVQAIoEkvattNVYT6bI8quIZ5T_xGH6DZ5YRN8eQwAoES0rrsq_8xUtKu7J-K3dX-94VAjDhcF1rDMb-MTroYB5DiUFHokPvxAzbw93_5vetuntDQ9V72NthcVOqOCehnES3ps1OR63KU5vva3ZEdoBVV51m9XUs%26cry%3D1%26dbm_d%3DAKAmf-D2lBft_Jypqth-x6HB0snjPqoiZe5GQ2pw93mPjjcddZMVMIkP48w21ZSxRGyRZfnOUnxjAqLDuQVaBbZACbKdAvTleDmJV4qPyNeZkzx3rr75PeV6K6aT7ZFVHj7dgkQPS8sUqxQyFTZxcyxXdUkjFm8A3M5f9gEBqrN_Vb7AMibcNCdOtaobH7kDzFM_KsIDgm7Ho66MlXjqhEfkLdz0HOWUc2_-_N2U8Pbm6X02aQ0m-MQWCFwm2SY9tYu47FqlX0HOhEP0m9hgFbssI1ywWafNJuIKe4Q-ediAJ_02zBg-yeFJ4KWvhLC7G4jZCWccWQb0ipMiJ7lQruvWQ4EWJ4ioou1bJcDBqNGhR8OqJk_ibk6-muIYGA7dwugUNNf-130YRc-p8oeQL9bTcH1qcjn6xlQk8OlW7kVZk4YH4HYvuZLFCh02HdacZz7ugUrBsa7pALfNL3ykG3BI62ugUkvFlJGBTMu-pgH84EsMYhh-jCij5yUmqmTm-Jafuip90rI6h8O7bktOcu8qdkgcrSO3wla_UDxzrG7PSPgq2RkeMMmI2uIN8Q2HiCq9Tvzw7f2F%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
16c077372ec4548085171cfa1a189dc546f0e6b7adc732bfd14b5d7b9c906ca3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
47229600004328504444456012586014
Connection
close
Content-Length
1083
Expires
Wed, 31 Jan 2024 00:16:49 +0100
/
ti.tradetracker.net/ Frame BBC3 		434 B
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=558&amp;m=24180&amp;a=70002&amp;r=30629900004884704444450012586026&amp;t=js&amp;wid=tt-8b7f18
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-227-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2d869a8a90f0eaa973ca4de8cb259dae9261e2f845c67b1958c9fe933492d198

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
request.php
hal900015.redintelligence.net/ Frame 3CD9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=d904f51e3b&subid=&uid=9d6e3fdbb359c0da&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh40UcJG5ZdWDEPf6nsEP1Muv8APM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0N-yQNG_hZwUYXzrJ_z7OG34jsgVtbapX5GiFMjAYEUJ7SVaaoB9WuObXSpY-1zjrjzRjANAE_jak5Of603W8e22i9QchMUkTP3664edmx8Y3utrjAXOCAZm4elcqi0LomUuPd9s4lKBrcE9ip_oBaar0k55kLonn_7jP0avVgaPH1VTj4fSOrQhteKgmCNNtUV1U3Q8rizWeTQACAzXANz5-OWtzZW-rHQCXs2YeX51di40Blm8WDlJA5pjDf1yDHCIM_D-Pq_7gxtA4y7-iC3a-D3zbtarXF_cfsWjS6k7SqAg7mxLSWB0VOZmbCufD4vxwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNK53NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_R6_gk9fCC6g20M1UN93iExO8b0yve5ztlozW8tZEgL-tWCuilZ2CxAa5dkc72yDWWlUHX6qTGAE%26sig%3DAOD64_0opOWVV0WDg-fC0h2p5gUOdGXDWQ%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-B2X3WlBlBnviRwhTXa3DfuIOsepYlQExNIG5f-5gA2kCBBxi1sZTDZ7omyiBqk05NEj9ZjJdh_c0XuubPMJAlGAX0rqa7uph4hnp2HRKQeenutwSNwtBn0c08GAtDoZoDD-PMw_pZ2oH0xDlWgeN7qtLmIFu0FFbrJw831BLZaxHmXWUk%26cry%3D1%26dbm_d%3DAKAmf-COqKdyCADiHGQxStnRncdL5-EpNd6vVIIsvgMaXOUwdGosOcgCEnaIjdDR7n76RGmCvY46fj2156BbNJJ4cfNgZo1KUF9zWuXS-Q88YyrM8vKsahaP-Su4E0jOjmTbt-QhXxi-GMmd6Fjdhb2wg0hWufdKQjD5XPK7doa5FgSPeffyWkNR7JPG868SDSKjkEOL-r66tuWdJ_xzE02HpL6uPWWcnQW2_a_i_Iv9jXYI6Uiei_cKi1LB2LjrzJBzapxqwDdr_pLyiOwwJHQHx2o6-0z5kn67jQli2MSVPXQmmCubbj-q3s42B-zrJPyponI4oxBY4JTpKA9ljCbgzHlXArmx352KEBTbHqwrwnrYG9qLcCX0pd0wd9vyVMdxdGW32mh8p-7SuhwU905t_A8xKbdfEfe9VyMhIQwzf88UdmYxttzRKRcCb2K9yYSR2WG5kBVhZ9_Vf-BHdeZ5N7OQOgJbi3o-3Hy5tOELrhjUSFZKjZ52rfVGOvENEzRsCqiHPlIhtW-IW9Z-P52rYU_VTYwDWyvczQgDXXYa7rwDBFT6-Ool6WXxnSLwhJCUgO-q4R9g%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8735081706059215%26output%3Dhtml%26h%3D600%26adk%3D4143898702%26adf%3D2363923002%26pi%3Dt.aa~a.4287829732~rp.1%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706660208%26rafmt%3D1%26to%3Dqs%26pwprc%3D9931238805%26format%3D283x600%26url%3Dhttp%253A%252F%252Fforum.guiadohacker.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1706660208225%26bpp%3D1%26bdt%3D2906%26idt%3D-M%26shv%3Dr20240124%26mjsv%3Dm202401250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%26nras%3D2%26correlator%3D1934803728806%26frm%3D20%26pv%3D1%26ga_vid%3D573685954.1706660208%26ga_sid%3D1706660208%26ga_hid%3D913626396%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1111%26ady%3D1212%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079266%252C95320376%252C95323006%252C21065725%26oid%3D2%26pvsid%3D4394720531986488%26tmod%3D1082340399%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=5536191408255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/xbrkb4s8ehf6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh40UcJG5ZdWDEPf6nsEP1Muv8APM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0N-yQNG_hZwUYXzrJ_z7OG34jsgVtbapX5GiFMjAYEUJ7SVaaoB9WuObXSpY-1zjrjzRjANAE_jak5Of603W8e22i9QchMUkTP3664edmx8Y3utrjAXOCAZm4elcqi0LomUuPd9s4lKBrcE9ip_oBaar0k55kLonn_7jP0avVgaPH1VTj4fSOrQhteKgmCNNtUV1U3Q8rizWeTQACAzXANz5-OWtzZW-rHQCXs2YeX51di40Blm8WDlJA5pjDf1yDHCIM_D-Pq_7gxtA4y7-iC3a-D3zbtarXF_cfsWjS6k7SqAg7mxLSWB0VOZmbCufD4vxwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNK53NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_R6_gk9fCC6g20M1UN93iExO8b0yve5ztlozW8tZEgL-tWCuilZ2CxAa5dkc72yDWWlUHX6qTGAE%26sig%3DAOD64_0opOWVV0WDg-fC0h2p5gUOdGXDWQ%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-B2X3WlBlBnviRwhTXa3DfuIOsepYlQExNIG5f-5gA2kCBBxi1sZTDZ7omyiBqk05NEj9ZjJdh_c0XuubPMJAlGAX0rqa7uph4hnp2HRKQeenutwSNwtBn0c08GAtDoZoDD-PMw_pZ2oH0xDlWgeN7qtLmIFu0FFbrJw831BLZaxHmXWUk%26cry%3D1%26dbm_d%3DAKAmf-COqKdyCADiHGQxStnRncdL5-EpNd6vVIIsvgMaXOUwdGosOcgCEnaIjdDR7n76RGmCvY46fj2156BbNJJ4cfNgZo1KUF9zWuXS-Q88YyrM8vKsahaP-Su4E0jOjmTbt-QhXxi-GMmd6Fjdhb2wg0hWufdKQjD5XPK7doa5FgSPeffyWkNR7JPG868SDSKjkEOL-r66tuWdJ_xzE02HpL6uPWWcnQW2_a_i_Iv9jXYI6Uiei_cKi1LB2LjrzJBzapxqwDdr_pLyiOwwJHQHx2o6-0z5kn67jQli2MSVPXQmmCubbj-q3s42B-zrJPyponI4oxBY4JTpKA9ljCbgzHlXArmx352KEBTbHqwrwnrYG9qLcCX0pd0wd9vyVMdxdGW32mh8p-7SuhwU905t_A8xKbdfEfe9VyMhIQwzf88UdmYxttzRKRcCb2K9yYSR2WG5kBVhZ9_Vf-BHdeZ5N7OQOgJbi3o-3Hy5tOELrhjUSFZKjZ52rfVGOvENEzRsCqiHPlIhtW-IW9Z-P52rYU_VTYwDWyvczQgDXXYa7rwDBFT6-Ool6WXxnSLwhJCUgO-q4R9g%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
2527f241112c404f4bec7ab2aaa702b0bcfbf4af49a267d25f8bf63e3df09c0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
61417200004329304444456012586015
Connection
close
Content-Length
1084
Expires
Wed, 31 Jan 2024 00:16:48 +0100
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 9901 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 7F58 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E221 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6YhocJG5ZYX7HZrB1PIPvIiW6AIAAAAAOAHgBAI&bg=!FBelF1jNAAa8BdJLnAU7ADQBe5WfOPqCKWUF0lIgjznxmJCQtr297A4U4DLrrNRRSaxx8sgsuTasYt1lQ2TaaYJrG5Y4AgAAALJSAAAAAWgBB5kDFhp2RajZk0IWJZ5T7E7Y9Tkw6O0-XehvHBM04hon_ZrWmmLSF09DEScdZYgI1spzLuVMw3JJ1VwRqOetwUQz6aPyIkSgCMSQeSSFz4opIdX5ChKCRtsWSn6VH04SfDf15BkNkXdZNl1HZuMAsfAeu49fpT9QUbmBlBqAgIG4VzXVv_9QDW1dNQhwpntBrMCr2Fzqrhvwz3L_qMg4fkWn6my-lbK8PkZPhdrFC8TZqnpqUMwla7o1NKckmeemWY3drstMra9dPIGfcndzaX_ZZ_jkr2JjFRKlBMTv2bai-dWFeEj7gzZ4tBu46cvhLoXYZYdLXfFQEnGjs6-aAXQYPTIiUUzflGILh-J9PeOLYx9eOo1uBxWgox2WHOpTB2PbUOd5H7MIu1333pTyQmYHsM74DQeqJzgJytsnwoh8Aax1FBWG3P1M4TArvxwqZ5eHw61e7wpDpADHH6IPDW1nz3hiGoyHxsgfWsjkOPJV2bmN0YL1MXS__JSrVamY_M4sTZ38XMig4BVpDN-bnMNpP3sEekgdIj8Y6sgUwaF2rDuyFK8pcgnG02_m12pmxGcmFAkG1dn6gTuMpeChAZQSea5aWgsDSB91qeKIKF-wgY0Y1QpMMjvMYi5nF_iJBt5rJzpg77LtYrcIv1YdpJRUbifYqbW0o_B9tyf8yveQYfMBrn5b36Vtluhix7ukExDHfUj3weL149BbUinxvL-nEMWIooSvTeJJ7dKxHGtQgIuIWSdn-hmIFiGYfD-h0Msz0W_B1nDvKT5ovVXu-ArVOlC2X8GbC_ZxsBCdMnDTgWXqyFpzqigEvm8ZStCjWJYHOxQzwv6rD68Zmyhta0wiszjHx6c1P9gBLvQ0YfG3-Uf-xcYiHnK1d0ff60--fKO5PyRcYKPvUeVClDQ75M5FYUJGRkScnxDi6RUjlXJ4B1X5LHaDumlg3mmIcDrjP0Xv22McUGMKwTl8rls7vVDKLyEmRYxSGET4ecrGQqexc-eRT-EY0lTbwNTWqhC7uFqD3u7gL4m70IR46clbVJ0WcIqJCF8eL8M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
static.tradetracker.net/nl/material_image/70/ Frame DC4D
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=2005487&a=70002&r=30629900004884704444450012586026&t=html
  • https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=90&slotname=2498095280&adk=3412615526&adf=1481771000&pi=t.ma~as.2498095280&w=728&lmt=1706660207&format=728x90&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&wgl=1&dt=1706660207298&bpp=2&bdt=1978&idt=359&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&correlator=1934803728806&frm=20&pv=2&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=362&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=366
Protocol
H2
Server
2600:9000:20b4:cc00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4cceeda9854393610236e90cd30132b01a18980275937ffe553ec4e2f448afad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:13:07 GMT
via
1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Dec 2021 13:45:41 GMT
server
nginx
x-amz-cf-pop
AMS58-P4
age
222
etag
"61c1da85-18254"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
98900
x-amz-cf-id
532H_ZT_QMiPZ1Ax0iroSHSV14OC66a2kB9h_81eQo2_ZB6o6Tc2wg==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/70/4d264f3bae6f2b10db14dab5d6f5fef3ae51cc.jpg
date
Wed, 31 Jan 2024 00:16:48 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CEE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcDJVcJG5ZfH9IbLm1PIPyrOa-AsAAAAAOAHgBAI&bg=!_f6l_rHNAAa8BdJLnAU7ADQBe5WfOIlsqffK29L-K4-4gdsYzmuWmkVmAj9koD4kEIeeIiKL9RKcOmW-4Ac778XaxACuAgAAAJRSAAAAAWgBB5kDHlIHSYxwLPaMRCkkLrf39rYGjT5Kq5xeLENbjgXO5DVQ8J0jTN4vEEee4zEPg5Sg7UWRuaQrCeaAwAr3uAceblQN3Z-v-6duZ3rPR7jJsm8O4eZvPtXqsE1p7ERjdiL6pMPr9byQQ7tfxsLcvMFE8GgOPnCbghVkCEG6vCRb_ovXt9t8tcRe_w_K5Qtrizgv27wTbLaFI7CHvs2z_kzX2fKzdme1-8d5pRVeWW-U4SVR_N6kF1PellNGmxN3wph9MQjKUZLCrI5WGft4Dm_ZNpyIql_XJgsrX_ICDoFHnuntwAbjwALBS2ewmeyNXEmyqes4kv5EVq9rz1VFZ1DUyXHHEJ9p23MRrfDZIJZuXazBJE_u9aW_urmbtoZ_G3PbrqIqLRWFy1L75QW7a0UGT2UHLxLoURWFEbNQbKGjY9NvkEcf6d-kq4f3yQO7CfPN2jCNMfBGZFT7WWfWMiqandmhbN4_sdD8tqlSriHYoS09cnv2IoDGTXHsg-gIIPnVwtmcR64nXRNIkel4DFD2hJ4jxwcS1UihBfJVwQwajfg5mEz0cbS3_E5yY4bT8fQS6qFP-9vK_sdb8EJQA1Pr6iKpnnpbV8F3pVL7Sr_yH3VVHAISHNr1I2kekXMCXDJYVNB8SJT0__j236w8LD0WNvcJWjHWsPIXVCsLRcjdAc5EpOQdsaDlJM6jCAPj8O-6mzcPJDW336q3UAvMRIq6WOmJZ0muhhQcKq2a79LL-bXdLrmOySY5IEHLzLxLou44iUDpqi279UPII6L50MFeukgVV4pG2kAX3aPQutebzytKPt5WtYbD0qGTWjxKyw8u8W4SGiP4FW02i04Jhzmpn9FX8gK0kRoDjrJGTD7TogWT7_tzHRNH__TSAXVgR-f9OCv6UNYkLsGBKp5RnDOO1KX9H7vkRa8Amb3NqUZB1-Ymglr7YxQZrTP1zZ3bS_oxvVWRLQD0vmxT0s1Ozx6PVPz5f99fr40xU31uU3ejEuDcQm1paD7tRY5RttlTOc0h9WrRU-srIalCnMjDRB9on5Qn0AD0j3OYuGpkALrdDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cshow.php
www.awin1.com/ Frame E023 		43 B
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=1031723&v=8472&q=318383&r=235229&pref1=36178700004364004444456012586012&pv=1&pref2=guiadohacker.com.br
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=744567d6a7&subid=&uid=c396c3648b33fa19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPG_7b5G5ZfrVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_QiAgJf_k40cWmBoAV8kG3zUXbYbJuvxp-jqrcHULoyJU11UK4l0EOyrCbujnu6pp6w3OLK-Sb7WhZDRB8YeqyQ3Y0dSDbfkCix7TecyiRDavFQNJZYx4i6PczdvnRYjt8_3r_OXX-UXP6HMT2GZb4QZYZlznj0iQsvtKQf5aeqU5Vfo8jwTJhTYVFz2d9eDxRtU1cpOGxuBMuH0UN-kl0aQNAiuJPDhgma2OupQj6Cl2EFRmPiYOIGnTvTANJQ6NOKIGSrCo0MEGGnJzLlg0VInUBe86BgkN3TLI1uuLIbvxClaXKT3rcYo09SKHOfrhnXNvABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3ibJOLQyHrC1UZueBpaDfkBWS6tw%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-BwkAFTxU8WYkZi_2e94ip8E3NVV9XDBm9iWQI8IztGDjof-V0jqJf8TJDgLpzYW3wKdI_k_FubmjjiIsrPYNW-tKPWLOZ4t5PNevi8LKW2VOsZsOaTi2ja1CBRdR9IJgXife-6Ni0RIZMH8Uqccok2Tli7uQSnCCQKswliFurrEdzQGj4%26cry%3D1%26dbm_d%3DAKAmf-BGdxMO1JCHkhcMm628o3EN4rKon_RhAsCvoHiU8BoYz5PuGcOEsVXBSxtDr8FNfwJhKM7P9Rb3I7cr3AYZQySwe35VikjcZVU47Qo0TfpTzoyvbZ6KKsDjWewOBDPkwqdPpKvsPUB_WCJJSZKTFGkX0V_M4sB28XA4farFGDmwtLFQMo24qHSWzFdPJeHKDh5or0Jmpv67EsqrBXMyGngHxYweePg3-u3SI-IREd4KC__BnCcxIRM1T5dAVEbHc-0euk7vKws6Ig1S5kWHK68csdO_o8vkq7tqvZFEciF1-5maFGkKPjA58-KPtsSFFsZiLiLf1bW3OUcIlc50fjy53mjfKZNSra0IL1lM4PDicbkACNu_HkB4pj44J9MBwrPj5UBTVmWv8sQhqNLBtcjYktEmETt3Px1RHfb30xx4peWu6JLNPGfiXMNdcie8ukyGV4ycrzJ3QFr7mb6WgfnQcgR-7sjpQH-jPIsZRrQ86Tq3IxBl_96XKvurjMvd0Gh21be0D9TXuFsfZEYI4HIofzIz5uNXZgiAWyjTB3JvkkmSoXAlkmuq9TnmLNrHeUBLRDpg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D3969420674%26client%3Dca-pub-8735081706059215%26fa%3D4%26ifi%3D8%26uci%3Da!8%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=1371391622562&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:16:49 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
cshow.php
www.awin1.com/ Frame 0D5F 		43 B
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.awin1.com/cshow.php?s=2739664&v=8462&q=320784&r=235229&pref1=36178700004364004444456012586012&pv=1&pref2=guiadohacker.com.br
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=744567d6a7&subid=&uid=c396c3648b33fa19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPG_7b5G5ZfrVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_QiAgJf_k40cWmBoAV8kG3zUXbYbJuvxp-jqrcHULoyJU11UK4l0EOyrCbujnu6pp6w3OLK-Sb7WhZDRB8YeqyQ3Y0dSDbfkCix7TecyiRDavFQNJZYx4i6PczdvnRYjt8_3r_OXX-UXP6HMT2GZb4QZYZlznj0iQsvtKQf5aeqU5Vfo8jwTJhTYVFz2d9eDxRtU1cpOGxuBMuH0UN-kl0aQNAiuJPDhgma2OupQj6Cl2EFRmPiYOIGnTvTANJQ6NOKIGSrCo0MEGGnJzLlg0VInUBe86BgkN3TLI1uuLIbvxClaXKT3rcYo09SKHOfrhnXNvABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3ibJOLQyHrC1UZueBpaDfkBWS6tw%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-BwkAFTxU8WYkZi_2e94ip8E3NVV9XDBm9iWQI8IztGDjof-V0jqJf8TJDgLpzYW3wKdI_k_FubmjjiIsrPYNW-tKPWLOZ4t5PNevi8LKW2VOsZsOaTi2ja1CBRdR9IJgXife-6Ni0RIZMH8Uqccok2Tli7uQSnCCQKswliFurrEdzQGj4%26cry%3D1%26dbm_d%3DAKAmf-BGdxMO1JCHkhcMm628o3EN4rKon_RhAsCvoHiU8BoYz5PuGcOEsVXBSxtDr8FNfwJhKM7P9Rb3I7cr3AYZQySwe35VikjcZVU47Qo0TfpTzoyvbZ6KKsDjWewOBDPkwqdPpKvsPUB_WCJJSZKTFGkX0V_M4sB28XA4farFGDmwtLFQMo24qHSWzFdPJeHKDh5or0Jmpv67EsqrBXMyGngHxYweePg3-u3SI-IREd4KC__BnCcxIRM1T5dAVEbHc-0euk7vKws6Ig1S5kWHK68csdO_o8vkq7tqvZFEciF1-5maFGkKPjA58-KPtsSFFsZiLiLf1bW3OUcIlc50fjy53mjfKZNSra0IL1lM4PDicbkACNu_HkB4pj44J9MBwrPj5UBTVmWv8sQhqNLBtcjYktEmETt3Px1RHfb30xx4peWu6JLNPGfiXMNdcie8ukyGV4ycrzJ3QFr7mb6WgfnQcgR-7sjpQH-jPIsZRrQ86Tq3IxBl_96XKvurjMvd0Gh21be0D9TXuFsfZEYI4HIofzIz5uNXZgiAWyjTB3JvkkmSoXAlkmuq9TnmLNrHeUBLRDpg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D3969420674%26client%3Dca-pub-8735081706059215%26fa%3D4%26ifi%3D8%26uci%3Da!8%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=1371391622562&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 31 Jan 2024 00:16:49 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
request_content.php
hal900012.redintelligence.net/ Frame 03A0 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=744567d6a7&subid=&uid=c396c3648b33fa19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPG_7b5G5ZfrVK7eGnsEPuem-YMz5hqBps73H__cP8C4QASDRsYcnYJGEoIWMGMgBCakCocLwQvsnsj6oAwHIA5sEqgT0AU_QiAgJf_k40cWmBoAV8kG3zUXbYbJuvxp-jqrcHULoyJU11UK4l0EOyrCbujnu6pp6w3OLK-Sb7WhZDRB8YeqyQ3Y0dSDbfkCix7TecyiRDavFQNJZYx4i6PczdvnRYjt8_3r_OXX-UXP6HMT2GZb4QZYZlznj0iQsvtKQf5aeqU5Vfo8jwTJhTYVFz2d9eDxRtU1cpOGxuBMuH0UN-kl0aQNAiuJPDhgma2OupQj6Cl2EFRmPiYOIGnTvTANJQ6NOKIGSrCo0MEGGnJzLlg0VInUBe86BgkN3TLI1uuLIbvxClaXKT3rcYo09SKHOfrhnXNvABOrrzKPkA-AEA4gFla_h_T2QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY44i726yGhAOACgGYCwHICwGADAGqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB%26sig%3DAOD64_3ibJOLQyHrC1UZueBpaDfkBWS6tw%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-BwkAFTxU8WYkZi_2e94ip8E3NVV9XDBm9iWQI8IztGDjof-V0jqJf8TJDgLpzYW3wKdI_k_FubmjjiIsrPYNW-tKPWLOZ4t5PNevi8LKW2VOsZsOaTi2ja1CBRdR9IJgXife-6Ni0RIZMH8Uqccok2Tli7uQSnCCQKswliFurrEdzQGj4%26cry%3D1%26dbm_d%3DAKAmf-BGdxMO1JCHkhcMm628o3EN4rKon_RhAsCvoHiU8BoYz5PuGcOEsVXBSxtDr8FNfwJhKM7P9Rb3I7cr3AYZQySwe35VikjcZVU47Qo0TfpTzoyvbZ6KKsDjWewOBDPkwqdPpKvsPUB_WCJJSZKTFGkX0V_M4sB28XA4farFGDmwtLFQMo24qHSWzFdPJeHKDh5or0Jmpv67EsqrBXMyGngHxYweePg3-u3SI-IREd4KC__BnCcxIRM1T5dAVEbHc-0euk7vKws6Ig1S5kWHK68csdO_o8vkq7tqvZFEciF1-5maFGkKPjA58-KPtsSFFsZiLiLf1bW3OUcIlc50fjy53mjfKZNSra0IL1lM4PDicbkACNu_HkB4pj44J9MBwrPj5UBTVmWv8sQhqNLBtcjYktEmETt3Px1RHfb30xx4peWu6JLNPGfiXMNdcie8ukyGV4ycrzJ3QFr7mb6WgfnQcgR-7sjpQH-jPIsZRrQ86Tq3IxBl_96XKvurjMvd0Gh21be0D9TXuFsfZEYI4HIofzIz5uNXZgiAWyjTB3JvkkmSoXAlkmuq9TnmLNrHeUBLRDpg%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240124%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D3969420674%26client%3Dca-pub-8735081706059215%26fa%3D4%26ifi%3D8%26uci%3Da!8%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=1371391622562&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
a51ab870eab8801ff78db2f86a61595ddc4f1b6b29384858dfe85280cb7fec73

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1999
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 00:16:49 GMT
Expires
Wed, 31 Jan 2024 00:16:49 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame ED95 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446756&v=57807&q=470845&r=235229&pref1=36178700004364004444456012586012&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
css
fonts.googleapis.com/ Frame C82C 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 22:49:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:48 GMT
/
hal9000.redintelligence.net/scale/ Frame C82C 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/52703/creativesup/sfeerbanner_1200x672.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
94ed5ad5bbc3af7b016812768d5dff032cd1b6c9a7e59b90e685c60613f3e47a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
28441
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame C82C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74973/creativesup/Costes-1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a12cbd41b420927e81846cfe75d359973ea20fb81d945bcdbd63ac2f790b9b36

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
5897
Vary
Accept-Encoding
Content-Type
image/png
imglaudius-nl-logo-120x60-1576844293931.png
a1.awin1.com/ads/awin/8177/ Frame C82C
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2582325&v=8177&q=316721&r=235229&pref1=40455400004329204444456012586015&pv=0
  • https://ui2.awin.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
  • https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Protocol
H2
Server
65.9.66.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-58.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91d149cdc0eba46d8512f56fe0f1312aec78279f103bfd77a415c41d1ddc7236

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
_x3EAs_goRVum4q7VVzSAbzinA_eg4Ee
date
Tue, 30 Jan 2024 02:27:46 GMT
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
78803
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10103
last-modified
Fri, 29 Jul 2022 15:14:21 GMT
server
AmazonS3
etag
"cb129a4dff86158296c0cf089661dd23"
content-type
image/png
cache-control
max-age=43200
accept-ranges
bytes
x-amz-cf-id
xZh6wIyWLv0HBxoK9Im8vS5cVfeq14Pzsy8IKF6ruXt2oNSE5vvvug==

Redirect headers

location
https://a1.awin1.com/ads/awin/8177/imglaudius-nl-logo-120x60-1576844293931.png
date
Wed, 31 Jan 2024 00:16:49 GMT
content-length
0
viewability
hal900015.redintelligence.net/ Frame C82C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=40455400004329204444456012586015&a=3fe8c410&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
static.tradetracker.net/nl/material_image/49/ Frame BBC3
Redirect Chain
  • https://ti.tradetracker.net/?c=558&m=24180&a=70002&r=30629900004884704444450012586026&t=html
  • https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
H2
Server
2600:9000:20b4:cc00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:15:12 GMT
via
1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
last-modified
Thu, 16 Mar 2017 08:27:46 GMT
server
nginx
x-amz-cf-pop
AMS58-P4
age
166
etag
"58ca4c82-335a"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13146
x-amz-cf-id
cBePV-9uEnvjD1v45c1Uogqh04L42bnrdSYEvx8nnXCKPGfQAlzyEw==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/49/1f21095a5f4ae3c95070194bad8a5ad919a00b.jpg
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame 03A0 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 22:51:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 03A0 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/62900/creativesup/NativeAd_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
f71069a6df1a23123d477dd98b1b8c88873752a96d277d9d31854291da570883

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
19302
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 03A0 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74971/creativesup/1200x627%20v1.jpeg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ac760158a44f0a3fce5de06d2d4a02a55e7e8de1227bc88330a5d4ab02e26d01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
19572
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 03A0 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/56047/creativesup/frauen_highheels_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
2d5e6cd51cba0c9923f495725944bff8b1c15fc0e43ef8f5f0e34b947789bfd4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
23336
Vary
Accept-Encoding
Content-Type
image/png
/
ti.tradetracker.net/ Frame 968F 		435 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=2005488&amp;a=70002&amp;r=35977500004098304444456012586010&amp;t=js&amp;wid=tt-2c225a
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-227-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8e67e932b6db2a57556e429aaa27e2efbbb71e0aa734adc0f91145711e2104f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900010.redintelligence.net/ Frame 3F45 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=37742ded26&subid=&uid=245f3731d9573700&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCj2LScJG5ZdfiEJfkkdUPxoyJqAPM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GU92AoqMbWmhDNLvCgpeJ9ZZ5GwKT1J0S73YpfgKEd2L3iJzA-6_FNpuzJjgwjKV0w_sFJNq_6ANnso1mUsl6LJTJKxIoq_qbQRTC11lK_6vp0q522jZQEFaagsNJ03GhFxrXQl7VkMD_FB99jc7yZ0mHDnXlZ4J7n31tS8Ah5olHVxPB3gv-UTaQga4XwW27LDAPfGLG6d6a7FdZ3S6HnUHPDipWBQC1YLrvnzPyfH_rZBy1qEgEmbM5IAj7ij2KUf9mTExEqxllaq-iBa3yyC3HCvTUqwnrfEisgbpxTUqTgx6pEMWnDB-zpMVe_nUDRgwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPCi3dushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAbIYBRhNIgEA%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_fNVOZXC8Hs7G2K0cGZoQNNkIEUfN_hRpHIZJ3CIXasFlG2UPZpLtyb8xxE3dX7x77Wq5R51XVhgB%26sig%3DAOD64_108TuHkCHPYxHKaD8Csv1xotTQvA%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-C7Qob-TvQ1kbBavYTeRWGAOJihkivXlzmOZOFfNMsSU_5zeqB6YSekYxLOBFhjsu0G1ajYneehWI2oV6KsXghjlbSPjk1cMdWESBr5mvrthAymx26-vjgWxn6E_OEREwYi4m7wlFxxoUqle_mYkZGbZV6hthOuzQP7D6LH4OC5xu-rkSI%26cry%3D1%26dbm_d%3DAKAmf-A5UoA7ZJYuPraZtGo8EfKP2Qn6yw1DbfHRZ9ZnEQcsivbzIf7p_e1Wt13G6vSx8hTz9Mmq7QSegfXL-nUsoZH18cF1cFrC7CEpLgiK-UcabK2mkCuGqGAnr_N-GQSv3rTTMdV4k4EaHlZWoaw72Dfppdhy6NBNK5_5HUV2qNVDTxZjcDSgSQEwDhQEvm_gIxY3AaW62zZKAPliFBphNPNfRnuTQaySMhXtKWH9uJXKZlsfjby3rBgjGFB2Z0Kvs2ko3gWpo8o_L2sZfHILzt7yY2TsKUxY2wjPno9ybIlsgnmfP2Ru0cazzan9I_oKa-_ixoYk25BRj3RGGR7GrI6rZZNV-DknffiMHiLLqSf5FfiYRKnlty4_eimqiF4iQ6JqjS-g4XQl_VqHYuV1hAhXMsRTbfeFqlt7iyvXFFX2kydU3yLk8gRsRtaI4_kztnxYOVkPr39vkk1ngGRMzCYxT8E4fnHj8RbShiIVdV76EjMYatkhcWwMLfwe3u-YlV0rkESw03O65bwq541c7QicY8R4YKu2MBsWc_CYSN89tNtU8ldnvmI1BjI9FvQmNCZJlK-E%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8735081706059215%26output%3Dhtml%26h%3D600%26adk%3D1086052384%26adf%3D2026986284%26pi%3Dt.aa~a.2691208339~rp.2%26w%3D253%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706660208%26rafmt%3D1%26to%3Dqs%26pwprc%3D9931238805%26format%3D253x600%26url%3Dhttp%253A%252F%252Fforum.guiadohacker.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1706660208225%26bpp%3D1%26bdt%3D2906%26idt%3D1%26shv%3Dr20240124%26mjsv%3Dm202401250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C283x600%252C253x600%26nras%3D4%26correlator%3D1934803728806%26frm%3D20%26pv%3D1%26ga_vid%3D573685954.1706660208%26ga_sid%3D1706660208%26ga_hid%3D913626396%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1111%26ady%3D2329%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079266%252C95320376%252C95323006%252C21065725%26oid%3D2%26pvsid%3D4394720531986488%26tmod%3D1082340399%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D11&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=1674673736108&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0bfa871cc2ccfc9c9750ed5a2a24725e9da19497d37ef1df159dfc50085834ec

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2029
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 00:16:49 GMT
Expires
Wed, 31 Jan 2024 00:16:49 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 968F 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446756&v=57807&q=470845&r=235229&pref1=35977500004098304444456012586010&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 968F 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446776&v=57629&q=470847&r=235229&pref1=35977500004098304444456012586010&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A12D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
25565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 968F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ed2b588cf5ff8c81f1f2fd16bfbe48424a0b20ba9a89fb7e876d24233771b34

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAE2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlBFBcJG5ZdaXKN-ijuwPuqy1kAMAAAAAOAHgBAI&bg=!p6SlpOvNAAa8BdJLnAU7ADQBe5WfOPmA-yYRI-7-RsYhjq_gbyRce2bBX64LFcGOA69xx1F44BxQskvNvrlfMpotabC5AgAAAGRSAAAAAmgBBwoAcl_xk5CHJ6TEj1oO7-ifcWngL0JhGV4p1KXNHFsIibXAee5rfACF5cijGqxQkKHqhIfkPG1uNaMkuypRjMWnne4G8Mvk07uTW1T7wCqITH88amLS1dCA1zjZtx-84SU7QxP65blzqmVDc3r-4EpjW0hGXZkDG_Gzy84RItntdwolrhbnUgEx7odhfihIldyabEE8nhwGqNkZuc8tsIUrE0UIJ6qcTQOAgJA7WX-OLT9aI1SR2aCFUiuaKe2a-JU1A7oNYooVWAE47SR8YqiqNqiKBH_vY3SHkKCeJPbAQLd7IF7GEpynzv7N5B0X5deTyhaeYBaO9trnkMcP38_-X5c3XC5ilZ7TUXlFZTbBoO5rLk_n6jbuRGA6a7R4powC3ocBGHEw5LwLlW4CN26NQD3e3XNK88dICQ8Ax4FUJSjuXZ9xcjvd52_y-AQ2S9T33FS3nOGL0kHR6r9s6l31SbAnsmYhnpRLEBG7jLQv1FbcPi9xPVqudY3QHLUjzeZCrv-j0EuY1FvufEg2Jw8vp3czznYfDv5aTuQFRS55BlCoz1u0lu2ciOW3pcaklXsBXOKFXQAYSJv5rp4XaHovDGqPN3Rle9fj7iOCzyZMaXwfe69Q5cP1SWZzYHq8vatwo7ebvwZzme0vUNDYFFSX0u6Xi8CLRvdY4APyaJblX9ixJEOLKQvPBSq0WY6_prk_hUb9oDD6ai9WVp0c58vs9_L1Zr8Y3wIeRPNpgYwmbETJJb5cM38fU7n_CXxbW52CqGanpMtjonUPyRdT37VMze0TdHm2VslaETIeWmVtCt9qHex0CqVA0FaIZbgcZCKV-Fyu4OsbtnxhGdcobJ72d4307CCAfZNgyvr8UVEqd01uoTQaNp8KjKk2GwkqdRct_oUktasNZkcjnVVNpy8-rWLpiAzYVxKEvtf5m9axVMDgIQ28mnyCWoX767mDj8dapgOuQHqsKiqcmffluEdnoWchpovmwVy8czZDSiFJB3ARhi0Iy9DA_b7d_tlsyDP2Ug9yhbEpUI3KtGhifllIUV4n5oTXj1DGHXMlXvXDvHQGBP5VKo-9QgagdPrP--xUfM7N4jPRVJ4Rt3Gsjvf7Bi6gGjGxnjYIN4peUTd2tGyr2tyId-D5o27gMfrcoVC6wMTqCmLqbBZ9TUqRpr4V6IeY3xgjeWbYFP7l4tdXmv2-4Aq5joqV0Ye4B0aTyzveLA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900012.redintelligence.net/ Frame 03A0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=36178700004364004444456012586012&a=ea4bfae9&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9901 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BViJhcJG5ZeaTK96FjuwPlr-AiAsAAAAAOAHgBAI&bg=!XV6lXhHNAAa8BdJLnAU7ADQBe5WfOGHHOAbEoiQ4JNDulKSfHgi3zwU8NPBy7wirTcQa77Siqlpn7LO9T3HYGN8NBg2GAgAAAFFSAAAAAWgBB5kDDaQIzE7XBqBvMVD8onNMRQXHDJygIgMLmG433pLi0aCxx_Whlx-1aSb6KBfw3rtOt-j6QOY3OiwZRdD6bix9mnCmkMlv71NHRvR6waW7G64hjrLLmJlwhcrEezYL7SY1dI9GhDXXRInjKMhJMbMzfEV2hXFnNEr_yjKhVkPeE40nwh6PmnuMU1FosN2aAJesihTgjO66nuVYFvXOkAzDW6vkBovjyjyvNsgm1_sXHPwV9kPJPc59bEeAfLmysmjhAyVOMuGbuZ-Pu9fM4qSBv81PV5YHnK2_EBOGeetJ2ATgDyYFozwam5Ds4KEF-XrhP8qTP6kPBD1XfYZrpCv71eDZK2tgdMRbcje_-LaauIQw2CSsohaxCqfFZePtd_GJq-2DfAUbpD6L_yZb83D5N5hP9hPJPmH_JyjwGj1ZYdW8ZOsDwY7VkVGaJ9nyBYKnOYsAOLgjDCMHf17GY0o3bPWXI-JWrw0Ru8dFoMkqKggLi3V6TlbA4P2fA7DoWkX5uwvTgUeTueDBcv86ehnfl606Xk3pzTDUZKflD6LeugAYKcg4I-ryTajW0hleHia7UrrBP7RMTBHHcv3bXvHeycRBRzovI1NVA5f58PHZTSZX_YguobjN-4YM3LERj-roUZEqz1eIhmrJBNvlFCEb3Jbboq5VXursN75Rw7ZvnP1yHISCjyISa3GctTzyks_iyITjeECCZXd74xIVmg0g1M-Dv5QbEOYpdZ9o3tV-BX0OSeP70LQv3K4yFWPWrYe0ZO-smGij_cjqZO70cnqegqIoOUUMUd7NQtfc102LbPLl3eqZt00Zd-Kt-LimieDNhtWffFOnXqKCy36YiSa8dSz9djrwA2es6WW3snKxJG6S_rO1fntjXmQK25Wg0kbGKeOcP2a1ZAH5paxw9wTKbM6RrA1ud3ANN3dfvs9hjawDDsC2-sj-XrQA03XGkeuLXEz6Z20aCB-KSWdsJgmjqrRfac_wGE3WdJ6HxZVpkQVkVu27VApj2z2g4dVACyYXfSo-IZkyUteyF31_25g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ti.tradetracker.net/ Frame 3CD9 		435 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=2005488&amp;a=70002&amp;r=61417200004329304444456012586015&amp;t=js&amp;wid=tt-882fef
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-227-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c7712c858c0642bd08c583ca99175a02fe0854c90d59dafa5890db337c7c36a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900015.redintelligence.net/ Frame 9E7B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=d904f51e3b&subid=&uid=9d6e3fdbb359c0da&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCh40UcJG5ZdWDEPf6nsEP1Muv8APM-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0N-yQNG_hZwUYXzrJ_z7OG34jsgVtbapX5GiFMjAYEUJ7SVaaoB9WuObXSpY-1zjrjzRjANAE_jak5Of603W8e22i9QchMUkTP3664edmx8Y3utrjAXOCAZm4elcqi0LomUuPd9s4lKBrcE9ip_oBaar0k55kLonn_7jP0avVgaPH1VTj4fSOrQhteKgmCNNtUV1U3Q8rizWeTQACAzXANz5-OWtzZW-rHQCXs2YeX51di40Blm8WDlJA5pjDf1yDHCIM_D-Pq_7gxtA4y7-iC3a-D3zbtarXF_cfsWjS6k7SqAg7mxLSWB0VOZmbCufD4vxwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNK53NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwAvHhf_R6_gk9fCC6g20M1UN93iExO8b0yve5ztlozW8tZEgL-tWCuilZ2CxAa5dkc72yDWWlUHX6qTGAE%26sig%3DAOD64_0opOWVV0WDg-fC0h2p5gUOdGXDWQ%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-B2X3WlBlBnviRwhTXa3DfuIOsepYlQExNIG5f-5gA2kCBBxi1sZTDZ7omyiBqk05NEj9ZjJdh_c0XuubPMJAlGAX0rqa7uph4hnp2HRKQeenutwSNwtBn0c08GAtDoZoDD-PMw_pZ2oH0xDlWgeN7qtLmIFu0FFbrJw831BLZaxHmXWUk%26cry%3D1%26dbm_d%3DAKAmf-COqKdyCADiHGQxStnRncdL5-EpNd6vVIIsvgMaXOUwdGosOcgCEnaIjdDR7n76RGmCvY46fj2156BbNJJ4cfNgZo1KUF9zWuXS-Q88YyrM8vKsahaP-Su4E0jOjmTbt-QhXxi-GMmd6Fjdhb2wg0hWufdKQjD5XPK7doa5FgSPeffyWkNR7JPG868SDSKjkEOL-r66tuWdJ_xzE02HpL6uPWWcnQW2_a_i_Iv9jXYI6Uiei_cKi1LB2LjrzJBzapxqwDdr_pLyiOwwJHQHx2o6-0z5kn67jQli2MSVPXQmmCubbj-q3s42B-zrJPyponI4oxBY4JTpKA9ljCbgzHlXArmx352KEBTbHqwrwnrYG9qLcCX0pd0wd9vyVMdxdGW32mh8p-7SuhwU905t_A8xKbdfEfe9VyMhIQwzf88UdmYxttzRKRcCb2K9yYSR2WG5kBVhZ9_Vf-BHdeZ5N7OQOgJbi3o-3Hy5tOELrhjUSFZKjZ52rfVGOvENEzRsCqiHPlIhtW-IW9Z-P52rYU_VTYwDWyvczQgDXXYa7rwDBFT6-Ool6WXxnSLwhJCUgO-q4R9g%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8735081706059215%26output%3Dhtml%26h%3D600%26adk%3D4143898702%26adf%3D2363923002%26pi%3Dt.aa~a.4287829732~rp.1%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706660208%26rafmt%3D1%26to%3Dqs%26pwprc%3D9931238805%26format%3D283x600%26url%3Dhttp%253A%252F%252Fforum.guiadohacker.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1706660208225%26bpp%3D1%26bdt%3D2906%26idt%3D-M%26shv%3Dr20240124%26mjsv%3Dm202401250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%26nras%3D2%26correlator%3D1934803728806%26frm%3D20%26pv%3D1%26ga_vid%3D573685954.1706660208%26ga_sid%3D1706660208%26ga_hid%3D913626396%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1111%26ady%3D1212%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079266%252C95320376%252C95323006%252C21065725%26oid%3D2%26pvsid%3D4394720531986488%26tmod%3D1082340399%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D7&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=5536191408255&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
830270bd5b8984098a29aca0e2b3f59d979f28a209217090aeb7fa0dc8897d6c

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2026
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 00:16:49 GMT
Expires
Wed, 31 Jan 2024 00:16:49 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 3CD9 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446756&v=57807&q=470845&r=235229&pref1=61417200004329304444456012586015&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 3CD9 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446776&v=57629&q=470847&r=235229&pref1=61417200004329304444456012586015&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 61FB 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
25565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3CD9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
694bd6e7fe1ab56fdbee9ac99e2f11f64cefdd23c8c78d25a8ce34eea72189e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F58 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bt_MrcJG5ZfCSLs789u8Ps9ewiAQAAAAAOAHgBAI&bg=!QkGlQQ7NAAa8BdJLnAU7ADQBe5WfOBf0DsfG7ZqvgqY7113c7XZQq6yLaCFLNM1uDNH5DXT43aokvj8eIwvaATPJe89xAgAAAE5SAAAAAWgBB5kDDh8zBaLHD7cJfGN-MpPbrH-p5QaJaUYoHyCJePo1DTbZgW6tcUzg30olaO9kOOak4y7DoO9IEplOYQz7jWGD2jxJabDMDu1nCpURvIOPlGNScvqMa2_oZ6UehTdVQe75L8ur_m-ZWoyfRuV_c4qiMM41n-GB98dG1m-fkRvIJpzxVc6UFi3CoN1kB2n6e9k2CvO5PDor9Y9GbHun-8yqFFqmuJ5td95JAtpZK1kGKWx4JLpepUEXkoGj6JLNIJ1d6bV9BnMD8lNWEhZogNx8of2Uge1KYT1QnDF1SxCf6sB8bwFt-qm3Ba9V69lWBeKJsuqqyrREZw_7_9sJa0ZDzt2P0mpwThAMycd2rNf0UFNq4rqZ93Vu29xNXKS1zZjW0oxJ9Qxoq79X8MrSn2DVCsSNFiDlA9RilzpJlDwrIlDAaxRByNcLK9i5O8reD2632e-lZqIX_gVOSmnFikGkX6_XCqNYDp5vfGf7eLSlcR3wsQ_gZDctC39IB77MzCd_tvXTw5qxe2UcErVp_xUyidDqDCbwKotr1ynLHHF3Df9wR7pGBf0rKyU7ecEnM3qFcQqmErYbPm2GvmU5s-Cku7QOr77QggBydeBCe468SXMkpLc0PlV0zX-H-WuAUtJx4nuwVoWZGIIl-2X-Boc0-d4hJLtFrW9zsFQ4sDiv-S-xJXVTtt81D4kNW7p-akm3FAIszoMzYPWmfNHS0xlIpCpEJnLvUEU7ZMU41bkNncq6FbIUE_YqMOpQaH--qqF9nykeLOQFzHEKefemPD-ZyAnHfG6QdvAdILtINH3kG5dVIyj_Ob0c9etmycV2if8bIHaKtWm-tDfFO-8Nxo6_KKH_Jw_yQrA4pUzH8w9JIlWU9u60srkaEG4A_ekruxDrXC0Z5Uh8-ip5MZENDaw7mwllSTQTlyZVRDPPsb3-1gChRPyMlt-ZHzl48dknuwDi2C0_75maF4vUtuYtkOfyPzFOWM9nKhI1E2nPSf9P5VdjMD8N0Rb-8w6JPk4tDTnnpU0Kywu2AYhxM0nq9s6Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ti.tradetracker.net/ Frame F5BB 		435 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ti.tradetracker.net/?c=34211&amp;m=2005488&amp;a=70002&amp;r=47229600004328504444456012586014&amp;t=js&amp;wid=tt-142b9d
Requested by
Host: forum.guiadohacker.com.br
URL: http://forum.guiadohacker.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.227.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-227-52.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
52210a5a5ea6dbc60f787a5b8d70635c4d7907833d1f9af58863eef09e6250cc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/javascript; charset=UTF-8
request_content.php
hal900014.redintelligence.net/ Frame 571C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=xbrkb4s8ehf6&nw=20&renderingType=javascript&namespace=21b30f3e00&subid=&uid=6db50661ce2243d2&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxZbIcJG5ZYCSEJOAkdUP8P2H8A3M-YagabO9x__3D_AuEAEg0bGHJ2CRhKCFjBjIAQmpAqHC8EL7J7I-qAMByAObBKoE9AFP0GJSDzsrAqPGby0brnZE4uvNeQ-o_TZBYmimTkWatPYPHy6SwEGJRYIpskTNiPN8Xx1-ZrCfGdmNn3Rd-hSlxZ4BXR1Hg9em5RH_b5wcz_Lulz_Ecw2rtBd9KZ_3gTXSAsNtvsDJAoBy0lIc6-Ay-I9yYL4UCe1-EvseUvDBTd-TDppFESUYa0fV4aAJrnJRH_OyV0jG3tr0iSq02nzJRHw6JXU5vvDSxfQaUCvwVPCIJCkBeRPWKz1fw1Hwf3gClXf-Z11A8Tv9Aj0Qx6PagRSgVnvkyz-Thk326LNKaKLA9oDkl_aQgJsiflGn886XltJOwATq68yj5APgBAOIBZWv4f09kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WL3N3NushoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJOTLAT4JvNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_XC_oqeTpZHLe1wP9RFntDViuLw07Xw0leGW5NX9N9MHJWzeTHXoGK62Qv8-_Ewf1FGuVTbiIbBgB%26sig%3DAOD64_1_ZK1bq4ggnIcDgrY2BsURRj-2qg%26client%3Dca-pub-8735081706059215%26dbm_c%3DAKAmf-DKYpr2hJdXqy5w5R8oVQAIoEkvattNVYT6bI8quIZ5T_xGH6DZ5YRN8eQwAoES0rrsq_8xUtKu7J-K3dX-94VAjDhcF1rDMb-MTroYB5DiUFHokPvxAzbw93_5vetuntDQ9V72NthcVOqOCehnES3ps1OR63KU5vva3ZEdoBVV51m9XUs%26cry%3D1%26dbm_d%3DAKAmf-D2lBft_Jypqth-x6HB0snjPqoiZe5GQ2pw93mPjjcddZMVMIkP48w21ZSxRGyRZfnOUnxjAqLDuQVaBbZACbKdAvTleDmJV4qPyNeZkzx3rr75PeV6K6aT7ZFVHj7dgkQPS8sUqxQyFTZxcyxXdUkjFm8A3M5f9gEBqrN_Vb7AMibcNCdOtaobH7kDzFM_KsIDgm7Ho66MlXjqhEfkLdz0HOWUc2_-_N2U8Pbm6X02aQ0m-MQWCFwm2SY9tYu47FqlX0HOhEP0m9hgFbssI1ywWafNJuIKe4Q-ediAJ_02zBg-yeFJ4KWvhLC7G4jZCWccWQb0ipMiJ7lQruvWQ4EWJ4ioou1bJcDBqNGhR8OqJk_ibk6-muIYGA7dwugUNNf-130YRc-p8oeQL9bTcH1qcjn6xlQk8OlW7kVZk4YH4HYvuZLFCh02HdacZz7ugUrBsa7pALfNL3ykG3BI62ugUkvFlJGBTMu-pgH84EsMYhh-jCij5yUmqmTm-Jafuip90rI6h8O7bktOcu8qdkgcrSO3wla_UDxzrG7PSPgq2RkeMMmI2uIN8Q2HiCq9Tvzw7f2F%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8735081706059215%26output%3Dhtml%26h%3D600%26adk%3D2245448972%26adf%3D226508707%26pi%3Dt.aa~a.1130328051~rp.3%26w%3D253%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1706660208%26rafmt%3D1%26to%3Dqs%26pwprc%3D9931238805%26format%3D253x600%26url%3Dhttp%253A%252F%252Fforum.guiadohacker.com.br%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26dt%3D1706660208225%26bpp%3D1%26bdt%3D2905%26idt%3D-M%26shv%3Dr20240124%26mjsv%3Dm202401250101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D728x90%252C0x0%252C283x600%26nras%3D3%26correlator%3D1934803728806%26frm%3D20%26pv%3D1%26ga_vid%3D573685954.1706660208%26ga_sid%3D1706660208%26ga_hid%3D913626396%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1111%26ady%3D3281%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31079266%252C95320376%252C95323006%252C21065725%26oid%3D2%26pvsid%3D4394720531986488%26tmod%3D1082340399%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D9&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fforum.guiadohacker.com.br&random=6726984182793&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
743f6606b05e491b29c691c3c17c707cd29367aaff832606d7dd2fbbe64f524f

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2029
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jan 2024 00:16:49 GMT
Expires
Wed, 31 Jan 2024 00:16:49 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame F5BB 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446756&v=57807&q=470845&r=235229&pref1=47229600004328504444456012586014&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame F5BB 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3446776&v=57629&q=470847&r=235229&pref1=47229600004328504444456012586014&pv=1&pref2=guiadohacker.com.br
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 52CF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
25565
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 17:10:44 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 17:10:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F5BB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db056817c7f289cf13549b6e18a8213080284232402f24ee5ade3b16d55da992

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame A12D 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELXSCN6LBzTI-sx3eX7Im2c&google_cver=1&google_push=AXcoOmS3tp5sf6Frwpg6NCXCdxN2oX5HaWs0iCOxun3AhDhD7oEvfEnoyoz_5QG_-Bw-Hv2MAD8oWdpnU1o_Jfxus-J7gxevIMO46Ro
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRxMwzT9q-zwNPhgthJBD3fbQgVuoXP33eAxU-_VxFjRnTCnOetWB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRxMwzT9q-zwNPhgthJBD3fbQgVuoXP33eAxU-_VxFjRnTCnOetWBzkdqfn4vWO-8oG1-l1IftJfkluGj_NcrNr0oUjeB3-4vI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ams21027-AMS
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1706660209.210187,VS0,VE85
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRxMwzT9q-zwNPhgthJBD3fbQgVuoXP33eAxU-_VxFjRnTCnOetWBzkdqfn4vWO-8oG1-l1IftJfkluGj_NcrNr0oUjeB3-4vI
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEISoYvrrYo7iVhB0zDD7YZY&google_cver=1&google_push=AXcoOmRM-eDIai9MreoMqRgYJCog6jULxiwxKfL9MSvprli4KlywJZajo7fIJQFXFZ_NJMa98Fth-tt4umoKQDqiKTFESkmUL37Tjyc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEF9CAF3E5B24105BBB4EF1ADCAE9489&google_push=AXcoOmRM-eDIai9MreoMqRgYJCog6jULxiwxKfL9MSvprli4KlywJZajo7fIJQFXFZ_NJMa98Fth-tt4umoKQDq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEF9CAF3E5B24105BBB4EF1ADCAE9489&google_push=AXcoOmRM-eDIai9MreoMqRgYJCog6jULxiwxKfL9MSvprli4KlywJZajo7fIJQFXFZ_NJMa98Fth-tt4umoKQDqiKTFESkmUL37Tjyc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 31 Jan 2024 00:16:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DEF9CAF3E5B24105BBB4EF1ADCAE9489&google_push=AXcoOmRM-eDIai9MreoMqRgYJCog6jULxiwxKfL9MSvprli4KlywJZajo7fIJQFXFZ_NJMa98Fth-tt4umoKQDqiKTFESkmUL37Tjyc
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 30 Jan 2024 00:16:49 GMT
pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP4AT5-07IVaebmShwYrPwE&google_cver=1&google_push=AXcoOmRpon3KGELpG7f9lRAM9gG4GUvJsUn_qM-LIHv2hGFlW23nLDVmD2TkVn1aBuwwlyJxsf_A0p0Xe0oXfI...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDA0OTc4MzA0MzM4OTU4Ng%3D%3D&google_push=AXcoOmRpon3KGELpG7f9lRAM9gG4GUvJsUn_qM-LIHv2hGFlW23nLDVmD2TkVn1aBuwwlyJxsf_A0p0Xe0oXfIv8gy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDA0OTc4MzA0MzM4OTU4Ng%3D%3D&google_push=AXcoOmRpon3KGELpG7f9lRAM9gG4GUvJsUn_qM-LIHv2hGFlW23nLDVmD2TkVn1aBuwwlyJxsf_A0p0Xe0oXfIv8gy86SqlGPQGDYzc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMzMDA0OTc4MzA0MzM4OTU4Ng%3D%3D&google_push=AXcoOmRpon3KGELpG7f9lRAM9gG4GUvJsUn_qM-LIHv2hGFlW23nLDVmD2TkVn1aBuwwlyJxsf_A0p0Xe0oXfIv8gy86SqlGPQGDYzc
Date
Wed, 31 Jan 2024 00:16:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27H...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto2...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27HO68yT5No
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27HO68yT5No
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSQYhwxSAhQBXO1ml5nnkSzz_8NmVB09ijbpkL0aJtfBbpMsTUzoCSzcgiJjD7quIsjZRfBFxusbHHXtIvAlgto27HO68yT5No
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
trk
ag.innovid.com/ Frame A12D 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDDApOqPjdcSen4GYJJlq3U&google_cver=1&google_push=AXcoOmRPzI5lPlATjgOr62tQrjghawfEDZK0nyTlFUlN8yipp3M2A1ybAersKNDoir6hOGg3g87L-lsGR7EwZsWmuio8d027X3ifYiI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:ce35:92aa:dc67:4345 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache
content-length
43
request-time
1
expires
-1
pixel
cm.g.doubleclick.net/ Frame A12D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMGG0nKpw0HaEt-NrBG61Mg&google_cver=1&google_push=AXcoOmSHE_pEHhPVH_KNum3EJe1rloLzT0KlH3YvpsNdF1Ehx7mazbL4PkKyQQqf70D7NRXlr3aTAlpLvSm8...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSHE_pEHhPVH_KNum3EJe1rloLzT0KlH3YvpsNdF1Ehx7mazbL4PkKyQQqf70D7NRXlr3aTAlpLvSm8-cD6C80a8p0-G5rQyg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSHE_pEHhPVH_KNum3EJe1rloLzT0KlH3YvpsNdF1Ehx7mazbL4PkKyQQqf70D7NRXlr3aTAlpLvSm8-cD6C80a8p0-G5rQyg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSHE_pEHhPVH_KNum3EJe1rloLzT0KlH3YvpsNdF1Ehx7mazbL4PkKyQQqf70D7NRXlr3aTAlpLvSm8-cD6C80a8p0-G5rQyg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame A12D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lrp3eiNKn25Opm-lZzMYaeySfpfPrSiEIRYOJv3BM8Bz_0yPC7oW4y4qsphELNloPHViLk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 61FB 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELXSCN6LBzTI-sx3eX7Im2c&google_cver=1&google_push=AXcoOmQOnyS93cKnic7fs9axokYe_vJYFiZyk0Hjk1yip5okGq2RgOdg07E43cxE-xwvsZm90HvLt0apsrJjmP4sVbAqk3_yqMpQ9wc4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 61FB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmSxBjRDmY9U68hh7fO9G-4MLrVxVaFnU5vA8x4a66F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmSxBjRDmY9U68hh7fO9G-4MLrVxVaFnU5vA8x4a66FrAT1X4dSFk1XJhz3y2PyCZdFTvcEAIb39pudDqHLZa6LU0dV3z-5cLhnd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:48 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-05557567c5646faef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmSxBjRDmY9U68hh7fO9G-4MLrVxVaFnU5vA8x4a66FrAT1X4dSFk1XJhz3y2PyCZdFTvcEAIb39pudDqHLZa6LU0dV3z-5cLhnd
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 61FB
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECEMxxNkluvWt4ZkeX8p-wM&google_cver=1&google_push=AXcoOmQPDeQLYXgoukmtmnL3ebaiR4y039qP5Cc6OxRdh04e_dCRgnRF6Gfr7pEXHXT_XSlH94EbaDccFcC...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPDeQLYXgoukmtmnL3ebaiR4y039qP5Cc6OxRdh04e_dCRgnRF6Gfr7pEXHXT_XSlH94EbaDccFcCTmWZpFR2OrjjbZA0CRVBs&google_hm=hbCfIlPiRWeZZ9py...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPDeQLYXgoukmtmnL3ebaiR4y039qP5Cc6OxRdh04e_dCRgnRF6Gfr7pEXHXT_XSlH94EbaDccFcCTmWZpFR2OrjjbZA0CRVBs&google_hm=hbCfIlPiRWeZZ9py_q1vjME
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPDeQLYXgoukmtmnL3ebaiR4y039qP5Cc6OxRdh04e_dCRgnRF6Gfr7pEXHXT_XSlH94EbaDccFcCTmWZpFR2OrjjbZA0CRVBs&google_hm=hbCfIlPiRWeZZ9py_q1vjME
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 61FB 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEG7iIQFVCoBoT7_66yxbVaA&google_cver=1&google_push=AXcoOmSz8Z6_wp27GBUuGdCMQ8TER485JBNi3fPhSG8gG1m4PU220t_c_DY5YW6RRKBL2WXtfo8IcwZO7d2BBjfKmmdAqF1OZ4zA8iqJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 61FB
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrL...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7rydGs1Kxq
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7rydGs1Kxq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSxQK6HFKhMLmfJ4PiP6Fk_-BG5BlZgG198Xz56ODA9SOpYMq7XLDuXk0ePz7aEUBejTpH9eE-zDqALbZJRGFOrLE7rydGs1Kxq
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 61FB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJxIVQjszD1b4Be3MUhn1qU&google_cver=1&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9ffP...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJxIVQjszD1b4Be3MUhn1qU&google_cver=1&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1b...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM1MDgwOTAwOTAwMzg3OTMyNg&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM1MDgwOTAwOTAwMzg3OTMyNg&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9ffP5iflrtJPlXcpsNHY87-5cqM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM1MDgwOTAwOTAwMzg3OTMyNg&google_push=AXcoOmTVl4kgbzRj-bvZVo30CZokLheEkC083g4BO3R5UZiKF93OrRQp3te1Wv5XZTAeLYvSV1bz9ffP5iflrtJPlXcpsNHY87-5cqM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 61FB
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHPmiURIf1vR...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS3Mf4CdTZFJETGmIpH5q2eRVlt8-PqG6MFEdWBguSSwwAbf27b60YewzjTDV_gDhQvEGS6sppNW6KAzMM48Tez98YJVeCFgwmZMA
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 31 Jan 2024 00:16:49 GMT
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 61FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8PBtezmnQbZqBeymPRzMrTO46nuG87Mm6T9Q01TM5dK4-LrSIQKU1IYKykq3jaiuqnPZ3mg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 3F45 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 00:16:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 3F45 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_2_1200x627.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a97511f106de7330415211f6c2b057a75148dbf7cf4768aa87de7d6ea073a97c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
22164
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3F45 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74971/creativesup/1200x627%20v1.jpeg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ac760158a44f0a3fce5de06d2d4a02a55e7e8de1227bc88330a5d4ab02e26d01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
19572
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3F45 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74975/creativesup/1200x627_sting.jpg
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
4949d2072b4557fe7aab68f79f6b599feaba7ee5f9dde766e0a00d52883ff94c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900010.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16523
Vary
Accept-Encoding
Content-Type
image/png
593277e724e539a889cc3a836755cb51039a9d.jpg
static.tradetracker.net/nl/material_image/f0/ Frame 968F
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=35977500004098304444456012586010&t=html
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=1086052384&adf=2026986284&pi=t.aa~a.2691208339~rp.2&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=1&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600%2C253x600&nras=4&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=2329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Protocol
H2
Server
2600:9000:20b4:cc00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:12:55 GMT
via
1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Dec 2021 13:45:41 GMT
server
nginx
x-amz-cf-pop
AMS58-P4
age
234
etag
"61c1da85-153c4"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
86980
x-amz-cf-id
g_7jpvrde3_dnnP-7W1-qChxDZUG7fJ87fUcJANs7VxRu8JM-Srq8w==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
dpixel
cms.quantserve.com/ Frame 52CF 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELXSCN6LBzTI-sx3eX7Im2c&google_cver=1&google_push=AXcoOmSkuoCNQgBswiCWbveg0Wiz0TeSXkebNmy-d5lSErm4abUGgQNi0DYuRRb974GE1lL5Q6JLYmkx-xvFQXuKs3WE-dH8giM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 52CF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmQ5n4QCHPlbkdJ9tbF-1RdMq69j7w3BFv2DDE-jysh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmQ5n4QCHPlbkdJ9tbF-1RdMq69j7w3BFv2DDE-jyshYsa1WDrOkJQJNDpytpKGV36iMwJG11ZB49PQoIGNjUatY5_SzWPk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Jan 2024 00:16:49 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-01d275e55739701ae@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cUZTVDEzZ2kxUnVZaHo1&google_gid=CAESEN5JoNzC3ZdKgJ9coa6G_O4&google_cver=1&google_push=AXcoOmQ5n4QCHPlbkdJ9tbF-1RdMq69j7w3BFv2DDE-jyshYsa1WDrOkJQJNDpytpKGV36iMwJG11ZB49PQoIGNjUatY5_SzWPk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 52CF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELJnHGOiUoVg3sPF2D0mM30&google_cver=1&google_push=AXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJnHGOiUoVg3sPF2D0mM30&google_cver=1&google_push=AXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIez...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJnHGOiUoVg3sPF2D0mM30&google_cver=1&google_push=AXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84ddc4a4ba1c6612-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
158
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELJnHGOiUoVg3sPF2D0mM30&google_cver=1&google_push=AXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmREi8n5jb-822mAVTve4EXear0xHiI-Kww9PIs689e2JX-Gw57j9vOi3YO4Gt8C6Ee5wFCHfYtx_eEADpaABZN-XzjmIezC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84ddc4a3990e6612-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 52CF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRY5tKQ9KLpJVaiQE01_pUl6YuLEzk24x7xNVM11OxubG39q3y1cu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRY5tKQ9KLpJVaiQE01_pUl6YuLEzk24x7xNVM11OxubG39q3y1cuoelqv0-t--HXkLs3alNTtAk_fMmxLTg1Ot9M8waeRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-ams21027-AMS
pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1706660209.210118,VS0,VE83
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMcnfAYtDHr2bMn6etIK5ic&google_push=AXcoOmRY5tKQ9KLpJVaiQE01_pUl6YuLEzk24x7xNVM11OxubG39q3y1cuoelqv0-t--HXkLs3alNTtAk_fMmxLTg1Ot9M8waeRg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
sync
x.bidswitch.net/ Frame 52CF 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPIES8R0YPqrfxSSkUYluk4&google_cver=1&google_push=AXcoOmQtMlfq5SHL60BQ0FZJWwoTCkuG8N22EPCkwsnlYbTPjy87GPonDyrsKhE71ty1-E1JTppsqOfjp1KN4DhZlQPquQqsoXFB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 52CF
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESED4ef3i3RqJLBs4LuG3RHGM&google_cver=1&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvO...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn9tzPP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn9tzPP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRT4AX0tYALozEj4rr9-4hid011RMqYSU17W8kKssWQvafZonatzofAIGjSaJ5kb5iB77qDIY716BbYZcSiyswvOhn9tzPP
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 52CF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMGG0nKpw0HaEt-NrBG61Mg&google_cver=1&google_push=AXcoOmR-Al7mkCxnAT_5eAWBzj8OjdUWYQ7IS6eQt7NZxjSO2pIjfiQqQc3tOQ6JBae2GyrQArez3IbC-qoW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-Al7mkCxnAT_5eAWBzj8OjdUWYQ7IS6eQt7NZxjSO2pIjfiQqQc3tOQ6JBae2GyrQArez3IbC-qoWFDs4OqExhaFff43v
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-Al7mkCxnAT_5eAWBzj8OjdUWYQ7IS6eQt7NZxjSO2pIjfiQqQc3tOQ6JBae2GyrQArez3IbC-qoWFDs4OqExhaFff43v
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-Al7mkCxnAT_5eAWBzj8OjdUWYQ7IS6eQt7NZxjSO2pIjfiQqQc3tOQ6JBae2GyrQArez3IbC-qoWFDs4OqExhaFff43v
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 52CF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LZxZCy4S6GadwQokfNJ2XBZUEYvq5psN9FH3SqDW77WPtsjd8arm0bYexT7z40QAc4JNUW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
593277e724e539a889cc3a836755cb51039a9d.jpg
static.tradetracker.net/nl/material_image/f0/ Frame 3CD9
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=61417200004329304444456012586015&t=html
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=4143898702&adf=2363923002&pi=t.aa~a.4287829732~rp.1&w=283&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=283x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2906&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=2&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=7
Protocol
H2
Server
2600:9000:20b4:cc00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:12:55 GMT
via
1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Dec 2021 13:45:41 GMT
server
nginx
x-amz-cf-pop
AMS58-P4
age
234
etag
"61c1da85-153c4"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
86980
x-amz-cf-id
tQcqheIJ4un5a-AjLsSquM9Pj0BAoVWfZpIifmj1qat-H67O4uTxkg==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame 9E7B 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 23:59:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 9E7B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_2_1200x627.jpg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a97511f106de7330415211f6c2b057a75148dbf7cf4768aa87de7d6ea073a97c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
22164
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9E7B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74971/creativesup/1200x627%20v1.jpeg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ac760158a44f0a3fce5de06d2d4a02a55e7e8de1227bc88330a5d4ab02e26d01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
19572
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 9E7B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74975/creativesup/1200x627_2.jpeg
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ee4382e3a69a1d8ff0d3c4410adf012fa704be2d83d879c031901d38aa98b9e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
17170
Vary
Accept-Encoding
Content-Type
image/png
593277e724e539a889cc3a836755cb51039a9d.jpg
static.tradetracker.net/nl/material_image/f0/ Frame F5BB
Redirect Chain
  • https://ti.tradetracker.net/?c=34211&m=2005488&a=70002&r=47229600004328504444456012586014&t=html
  • https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8735081706059215&output=html&h=600&adk=2245448972&adf=226508707&pi=t.aa~a.1130328051~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1706660208&rafmt=1&to=qs&pwprc=9931238805&format=253x600&url=http%3A%2F%2Fforum.guiadohacker.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1706660208225&bpp=1&bdt=2905&idt=-M&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0%2C283x600&nras=3&correlator=1934803728806&frm=20&pv=1&ga_vid=573685954.1706660208&ga_sid=1706660208&ga_hid=913626396&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1111&ady=3281&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079266%2C95320376%2C95323006%2C21065725&oid=2&pvsid=4394720531986488&tmod=1082340399&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol
H2
Server
2600:9000:20b4:cc00:1a:7c92:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:12:55 GMT
via
1.1 d0ade5b002ae847eefd25c219f24b24c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Dec 2021 13:45:41 GMT
server
nginx
x-amz-cf-pop
AMS58-P4
age
234
etag
"61c1da85-153c4"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
86980
x-amz-cf-id
fl4-XVwEMAb_1pdXNvkcTUCMzivH7FAY9Lm2XeowWbeEpb9NVtVGhg==

Redirect headers

location
https://static.tradetracker.net/nl/material_image/f0/593277e724e539a889cc3a836755cb51039a9d.jpg
date
Wed, 31 Jan 2024 00:16:49 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
nginx
expires
Mon, 26 Jul 1997 05:00:00 GMT
viewability
hal900010.redintelligence.net/ Frame 3F45 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900010.redintelligence.net/viewability?s=35977500004098304444456012586010&a=ad99c6ca&vb=m
Requested by
Host: hal900010.redintelligence.net
URL: https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.145.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900010.redintelligence.net/request_content.php?s=35977500004098304444456012586010&a=c36c0384
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3F45 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:59:08 GMT
x-content-type-options
nosniff
age
58661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 3F45 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900010.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:47:48 GMT
x-content-type-options
nosniff
age
19741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:47:48 GMT
css
fonts.googleapis.com/ Frame 571C 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jan 2024 00:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jan 2024 22:50:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jan 2024 00:16:49 GMT
/
hal9000.redintelligence.net/scale/ Frame 571C 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/53619/creativesup/211221_banners_megekko_affiliate_2_1200x627.jpg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
a97511f106de7330415211f6c2b057a75148dbf7cf4768aa87de7d6ea073a97c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
22164
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 571C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74971/creativesup/1200x627%20v1.jpeg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
ac760158a44f0a3fce5de06d2d4a02a55e7e8de1227bc88330a5d4ab02e26d01

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
19572
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 571C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74975/creativesup/1200x627_3.jpeg
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
548fc79ac63b17b66fe8b2aa226d08e0d9c3a5be975d4c78bfa69aee214da568

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
18496
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900015.redintelligence.net/ Frame 9E7B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=61417200004329304444456012586015&a=a31952ae&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=61417200004329304444456012586015&a=7a2a4cc6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9E7B 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:59:08 GMT
x-content-type-options
nosniff
age
58661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 9E7B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:47:48 GMT
x-content-type-options
nosniff
age
19741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:47:48 GMT
viewability
hal900014.redintelligence.net/ Frame 571C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=47229600004328504444456012586014&a=b25b8743&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=47229600004328504444456012586014&a=a2156cc0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:49 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 571C 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900014.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:59:08 GMT
x-content-type-options
nosniff
age
58661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 571C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900014.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:47:48 GMT
x-content-type-options
nosniff
age
19741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:47:48 GMT
truncated
/ Frame ED95 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efba114770e48272839aadfc830689ab92f1e81ba9f58ecb18708e3c645a602b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 03A0 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:59:08 GMT
x-content-type-options
nosniff
age
58661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 03A0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:47:48 GMT
x-content-type-options
nosniff
age
19741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:47:48 GMT
truncated
/ Frame 578D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9857f7969517dec90062a553d3dbfb9c7af8bdbe00932e7ea7963442f6d0fd7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame C82C 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:59:08 GMT
x-content-type-options
nosniff
age
58661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame C82C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900015.redintelligence.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 18:47:48 GMT
x-content-type-options
nosniff
age
19741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jan 2025 18:47:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240124&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00e98d4711e86cf6a0adae91fd83eb518206b7eab4e9666f031981d2e0411ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12267
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8735081706059215&plah=forum.guiadohacker.com.br
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 31 Jan 2024 00:16:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D488 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5d3Hed6KyTQSBxcASJbl78UjB2Mlmvl2hdnZyqAzv6SlCkRANYNOLTBbos8rI09Eix9boevHIg-NUU2dNRzgmWX3zjZb429Th-4BEX1-ekYLytS1gTt6NPRqoKOpv4xXLnU7wuhL39kUVvgOuJ8xIPDBcXq_rVCbqVzD0572_vMo64uA7ayc&sai=AMfl-YS89aCMLi0nmTBN6gskBtmhnMtfv6vKN6mFks1BNHDVV4cJRxgnaQ40DhoiPi1OA6H6TvTKB26v_mA00_ay1MXyJao64aVtHFKabpLr8U7kughMzBYEfHeXaVdMIUkqpIrODtlg0VPz240q81WS&sig=Cg0ArKJSzP1x5iDv2Lz-EAE&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=130,800,1000,1000,1000&tos=130,670,200,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3969420671&rs=2&la=0&cr=0&vs=4&r=v&co=170666020800&rst=1706660208302&rpt=427&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AF7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
18231
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 19:12:58 GMT
expires
Wed, 29 Jan 2025 19:12:58 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7E60 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a69f3453f25651acb90482b964b0b64657bb54440f4b5f85072f97f3d864a00
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_hiP5kwfsHy5c47xohw6oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://forum.guiadohacker.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_hiP5kwfsHy5c47xohw6oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jan 2024 00:16:49 GMT
expires
Wed, 31 Jan 2024 00:16:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 4AF7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 14:58:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
33499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jan 2025 14:58:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DC4D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_hOOTnofSF0Ff4KCEAjw8qD4CUWzCkCl6x9TBNtTm3uz6-UG0QSxwAmF9mwlO4NWaSlOwxN8NtY_JFkjnMiMp5v0_o4wnPtQcvo1TRHVtbPFFuCsXRzS2rR7eVveMr_GATo3dCPnuA8A&sai=AMfl-YQGvGv5l0UQmb6nsJDp44ZoDU-g6JrM3Tu3KS1Ppi8NwbR_FXS3rnZfY2jYZtN5PJ0FBAWVJLAtL7sH-cQh48EptNX6KH457s-6Zno9KeixVXsOOkyJ7iUguY4XEgvJK1hybv5aGgVcVUAlEh0T&sig=Cg0ArKJSzBXqm2iHLGaQEAE&cid=CAQSTgAvHhf_wDdE0f1a_0FvUaLp2COU7UD6FG5hKah3UULdg8SSjUGk2ZArHo2Rq0t4zU0D1STPOnN1x8IguiUsSpWhFVCLLYPg_NOSGuVh_RgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3412615526&rs=2&la=0&cr=0&vs=4&r=v&co=170666020800&rst=1706660207665&rpt=1125&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240124&jk=4394720531986488&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4AF7 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pEwYVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 00:16:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
viewability
hal900026.redintelligence.net/ Frame BBC3 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900026.redintelligence.net/viewability?s=30629900004884704444450012586026&a=31a8c183&vb=v
Requested by
Host: hal900026.redintelligence.net
URL: https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900026.redintelligence.net/request_content.php?s=30629900004884704444450012586026&a=5a2ca67f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC4D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7333505727725&version=m202309260101&ct=77&x=1&cor=9861624155107780000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED95 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6920261234150&version=m202309260101&ct=77&x=1&cor=4396192399568019500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 578D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7076820916783&version=m202309260101&ct=77&x=1&cor=18058479983389321000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED95 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKsVqiXPrSJjPEaxplrG43umFjH5AW1FxPhzFFvm2EeDB-bpq3Yuvb9CSXXx8czqi0j-BhddXdNL344jlQgFzK14cP7iMVr4yELEpq5dtQZdN6ob5Cv61L_ecSRUDRpHrh8ChyEIOTsH8&sai=AMfl-YR1Wc05SZygVEn_vAak1UqfQU6Nd3aw3PdtCJRZQp0Ak4NZPqRwF6ZL5d6A_Pm_7UX5_quY2SDBDCALL34XEU5yGOtFavJqf49JTt8NIhayW3tRZTFkiWZK6s51c3L3nmkNd8h-34rMTeacOvwN&sig=Cg0ArKJSzP5GXG52zrF2EAE&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&id=lidar2&mcvt=1008&p=0,0,600,160&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3969420674&rs=2&la=0&cr=0&vs=4&r=v&co=170666020800&rst=1706660208364&rpt=587&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 578D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuu0nSwHx9RjX6ZVMn8pgLdxICWDBQmwBTU-ryDGZBPx68zcJfdwOYrZ-D09xfpMqfxLiC5cBHuixrqaIuV77HCcN7JO9XhickiHzytgZWNaYZiD1rLxPyYYLtXzVD6t6MMjVhFJhC8ji4&sai=AMfl-YS4rsLXBi4CZtbynfI1ODObCN2G-tna0CqGRrBQ5jSrYpW3gowCtdqrPiDDMVeSpWif6oiClGAzqCCBOUeuqPlS3rj127KF2VBT5I1Gd9JhvxkUXWf6xMm9tw9RDoxOK3x6T-TN1u0zllgvSr-w&sig=Cg0ArKJSzIg_PX72cEqqEAE&cid=CAQSTgAvHhf_vMgCwxeqialAncaWfr7nRCEKZuONr43D85Uw0GwSuA73cs4VDcU6FfmDpNeQT7-YCnPKtU1BNq7cJIa8hTef1Bop7o3-OTTn6hgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3969420673&rs=2&la=0&cr=0&vs=4&r=v&co=170666020800&rst=1706660208355&rpt=521&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900012.redintelligence.net/ Frame 03A0 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=36178700004364004444456012586012&a=ea4bfae9&vb=v
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=36178700004364004444456012586012&a=cbb0c3e7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240124&jk=4394720531986488&bg=!FhWlFVrNAAa8BdJLnAU7ADQBe5WfOJAP5N61ZgaJXR7o3tA1ZQ2X6b826QPESApnHDwSYED-Z8yGKFwVu1IVD-WWnTIlAgAAAEVSAAAAAmgBB5kCvk7Sjo-eQnMFvIEoNJiEcMFV71jA04Zl3aVRF1hLa8wSEb1msE9FRKvooPOA7Kq361w-pJ5IZubBqJO569Iq3tacaF5Hjq2VHrbV9eMGmM8476L1iRpMhJPN7vVCF0lGAoeCaBfkR1vzet4u_CN4IfgConYcASfNjLIQTDb5f5-9EHZQpMJG1FjQ76PVV_1w_V0hHMjdvDFCd_DnHIlzfbu8Xhu9fjQ0Qzv0KHOJ7SfMV4La4kqG_l6Dn610lMZdzXLisbwQ0MZ3d46mI4rh5M5c_CZzFKKbUkeVI61NC-VuZgDYMlYz7o8Gr4OyiPjTX0tO8s8zIc2JMTyrEeYjJvRZI-XMtU-egLzJDqBmf6mrx8e-iiP3rzN8BPEA75oSSmnV5eOiELJnx-pMdKGpxE7ALWrtY646-F2PL_eHMrxPKc_es21KxTDhtcQWGYJIWq7Pu6Pm775s4MUanKjrjTVf4oXoSMcrf2qA_QUy24vEYRwsZBQoi05Gbk9kDXIccxnZtFAFWtbolnXXmX5rlSn91swmjVRmxjJVztfsTcwN1OAcuj3L7OcGPbjwWK0Cmzpp15JLU4DuaSCV-S3vhmxx4oP-eH2k9E3QYafP961YKzQDk2iyS-jFM_yqwdGsxQNzdNIgYH2Xx1ppn00avgNnEW_oKyvXLdMCFZ3N8xbwdvrPWIA_XMWXLHg7WbZ8Oh-7gOogY9mRt3j5s_txyFoqIbhUfyX31vvjQofPv0xQzs5BaEDzaxiDrlNrACyqg4gmJ7n5V2xX9KrM7sdJAu0OX-uSuTXZuZgJwoljazi_gh_q1V2KlbvMjBckzQgMEPXGJ6oFfY4H3Q8qa7piU-GDGoU3oqbHbzS53hrq8cYT6yer9Q6UbXalwfHK_BQSRdR4xpUeHbdNqiV7M9SOhAosoHyGPqUOrgyIRM8kVw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://forum.guiadohacker.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 968F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8050423860490&version=m202309260101&ct=77&x=1&cor=17910811709961826000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900015.redintelligence.net/ Frame C82C 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=40455400004329204444456012586015&a=3fe8c410&vb=v
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=40455400004329204444456012586015&a=f8c47291
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 31 Jan 2024 00:16:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CD9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2113340163012&version=m202309260101&ct=77&x=1&cor=3387904843446929000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5BB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3304082201146&version=m202309260101&ct=77&x=1&cor=17445533050738540000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jan 2024 00:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forum.guiadohacker.com.br
URL
https://forum.guiadohacker.com.br/vb5/ajax/api/vbshout_shoutbox/ajax
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChDgAutxv17UQuzm_MpcDE&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| html5 object| Modernizr object| vBulletin string| uploadUrlTarget object| pageData object| adsbygoogle object| vBShout function| $ function| jQuery function| $yqec function| JShtmlEncode function| isValidEmailAddress function| str_repeat function| showStatusMessage function| vBulletin_Autocomplete string| CKEDITOR_BASEPATH function| openAlertDialog function| openConfirmDialog function| openPromptDialog function| bindFormReset function| ensureFun function| recaptcha2callback function| vBShout_unIdle object| actionMap object| $action string| _key number| securitytoken_timeout number| securitytoken_errors boolean| vBShoutHasInit boolean| vBShoutHasError object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

42 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUl9lNfpe0lBTj2YMp6NuH3TTiY-nwCuMv5V2AJiQF5KoKJxdXZoNBmNIx1r
.adnxs.com/ Name: XANDR_PANID
Value: Nhbpqx4w1kZkjabB5bo9sC73BhRlSf8Rpt5_Fil2rEjWrDelJpmOwPJu4EYw2spB5S6lCl7fYC8ntAJ1UBETI2pq9IUdtipPdQpUbZVaKFo.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5311535885184091773
.casalemedia.com/ Name: CMID
Value: ZbmRcJI0Rsg8.lioodsWBQAA
.casalemedia.com/ Name: CMPS
Value: 5250
.casalemedia.com/ Name: CMPRO
Value: 5250
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In1pfG3k!]tbPl1M>e)ZlrFUfJ+tGXxoa`YZr@Q9I`IKiyPW[h@=BA(q/tQ<7r<hitFs3If)y3KL9D3I?+i:QgVv
.doubleclick.net/ Name: APC
Value: AfxxVi76xVT6DY4eOjKllkQOnDIUWpRZB9mB85V4AnspnpQinR_eJQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.guiadohacker.com.br/ Name: __gads
Value: ID=0f364b64aa982aab:T=1706660207:RT=1706660207:S=ALNI_MbHqm82x3-Nasa-IMuErLKhtAlPbw
.guiadohacker.com.br/ Name: __gpi
Value: UID=00000d4cd9ab5030:T=1706660207:RT=1706660207:S=ALNI_MaYWdlVrA3IhLTUqjkqVJMYEYh6yQ
.guiadohacker.com.br/ Name: __eoi
Value: ID=c6e3eb053dcaa265:T=1706660207:RT=1706660207:S=AA-AfjZ20gOHereqXrDlyiAm-6th
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 61ed3c8ba73f6394
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tradetracker.net/ Name: uf
Value: S%2BMEEQlrydE3iwlC7gvrVTJQbG11RVdhUjZoQllDRTdxWWZVeWxYZzgxOGdMeEt6RmlWTy9tZ0VJZ2w0TEFSYW5HUmZwNG84bjhiT2hoT0RHekV4RVA0Z1B4SUFyVEhBUTB5Sm1nPT0%3D
.tradetracker.net/ Name: pi
Value: b6b768dd96c5a6ed31de5124b0405b48
.awin1.com/ Name: awpv8177
Value: 235229|1706660208|06904370-bfce-11ee-8694-226555b1c0ac
.awin1.com/ Name: awpv8472
Value: 235229|1706660209|069aa3b0-bfce-11ee-86b5-22356fe9f584
.awin1.com/ Name: awpv8462
Value: 235229|1706660209|069af1d0-bfce-11ee-8694-226555b1c0ac
.googleadservices.com/ Name: ar_debug
Value: 1
.awin1.com/ Name: awpv57805
Value: 235229|1706660209|06a66380-bfce-11ee-94b4-2233c304522e
.awin1.com/ Name: awpv15314
Value: 235229|1706660209|06a74de0-bfce-11ee-94b4-2233c304522e
.simpli.fi/ Name: suid
Value: DEF9CAF3E5B24105BBB4EF1ADCAE9489
.blismedia.com/ Name: b
Value: 65B991716632CBC0A91627B8BLIS
.adfarm1.adition.com/ Name: UserID1
Value: 7330049783043389586
.ctnsnet.com/ Name: gid_CAESECEMxxNkluvWt4ZkeX8p-wM
Value: 1
.ctnsnet.com/ Name: cid_85b09f2253e245679967da72fead6f8c
Value: 1
.quantserve.com/ Name: d
Value: EDcBCQGEK4EA
.quantserve.com/ Name: mc
Value: 65b99171-33e21-b7147-14a38
.awin1.com/ Name: awpv57807
Value: 235229|1706660209|06b75370-bfce-11ee-94b4-2233c304522e
.de17a.com/ Name: guid
Value: 1.4157276316046996170
.w55c.net/ Name: wfivefivec
Value: qFST13gi1RuYhz5
.awin1.com/ Name: awpv57629
Value: 235229|1706660209|06bb2400-bfce-11ee-94b4-2233c304522e
.awin1.com/ Name: AWSESS
Value: 470847:3446776
.w55c.net/ Name: matchgoogle
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZbmRcQABNLqLUQBX
.adform.net/ Name: C
Value: 1
.innovid.com/ Name: uuid
Value: e8d3cf74-88af-4d29-82f2-08230383a968-20240130 19:16:49
.adform.net/ Name: uid
Value: 1350809009003879326
.tribalfusion.com/ Name: ANON_ID
Value: anntuJoZdUQdR2Hp9uswmyXh5utBdmBoVCR51XtW1UN5EiBJtogWVjbXNU28oVZbUZbVumxDXVqI7ysZc6HsNqQ29gFf

6 Console Messages

Source Level URL
Text
javascript warning URL: http://forum.guiadohacker.com.br/(Line 3842)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://forum.guiadohacker.com.br/(Line 3842)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEChDgAutxv17UQuzm_MpcDE&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: http://forum.guiadohacker.com.br/
Message:
Access to XMLHttpRequest at 'https://forum.guiadohacker.com.br/vb5/ajax/api/vbshout_shoutbox/ajax' from origin 'http://forum.guiadohacker.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://forum.guiadohacker.com.br/vb5/ajax/api/vbshout_shoutbox/ajax
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
X-Frame-Options sameorigin, sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a1.awin1.com
ad.doubleclick.net
ag.innovid.com
ajax.googleapis.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
forum.guiadohacker.com.br
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900010.redintelligence.net
hal900012.redintelligence.net
hal900014.redintelligence.net
hal900015.redintelligence.net
hal900026.redintelligence.net
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
s.tribalfusion.com
static.tradetracker.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
ti.tradetracker.net
tpc.googlesyndication.com
tr.blismedia.com
ui2.awin.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
forum.guiadohacker.com.br
sync.search.spotxchange.com
104.18.36.155
104.64.118.247
138.201.135.164
138.201.63.145
138.201.84.244
142.250.184.198
142.250.186.162
151.101.194.49
172.217.16.194
176.9.26.250
18.193.90.185
185.89.210.46
213.155.156.165
23.213.161.198
23.32.185.35
2600:9000:20b4:cc00:1a:7c92:efc0:93a1
2606:4700::6811:190e
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200a
2a05:d01c:1d8:8101:ce35:92aa:dc67:4345
2a06:98c1:3120::3
2a06:98c1:3121::3
3.75.62.37
34.96.105.8
34.98.64.218
35.186.193.173
35.204.74.118
35.214.149.91
37.157.3.20
46.4.10.49
51.89.9.251
54.76.227.52
65.9.66.58
85.114.159.118
94.130.102.164
0025b5440e0740c714a7719b20bb47561e2c10754a82e1a031d266bd98710250
00e98d4711e86cf6a0adae91fd83eb518206b7eab4e9666f031981d2e0411ea9
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa871cc2ccfc9c9750ed5a2a24725e9da19497d37ef1df159dfc50085834ec
0e674d47b5c3a4397b5946fc5c72cfb57ca400b97f2f08673d831e467cad8c69
0f39c444205caf7a22673fe6770fc553d9fd55fdd31fad52e56b10cfad271e7c
0f9bfe7f73b83508ae0688a02b5364d478b9ebb7f92883972cc0e07130c5e4fd
139f85b6037980e1ef805918b51e68e705f1ef2ad6cc7a7a367e17cbe929eac3
154b11ce382d3367fac3656bb8ba63cdb7668e7383ef084c5b81267740f90317
16c077372ec4548085171cfa1a189dc546f0e6b7adc732bfd14b5d7b9c906ca3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1b88f80de32cac0e54c5ee866a361aa885d07baea12a1441a1af40614f21863e
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
2527f241112c404f4bec7ab2aaa702b0bcfbf4af49a267d25f8bf63e3df09c0d
25dbbbbc9b86ac1d79e939a13a96815d125eb63934ccca67377c65ed63d5d0b7
28ff990193ae1216f9bf60dfdf17e88c75736bc610ae49b5fdfba9fec3e888c4
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5e6cd51cba0c9923f495725944bff8b1c15fc0e43ef8f5f0e34b947789bfd4
2d869a8a90f0eaa973ca4de8cb259dae9261e2f845c67b1958c9fe933492d198
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3476fd255d18ca78ef2077c6927a62d4c920efddeb9ac9cc2cb7911e34a18278
348a823952baba3baa648b74ba1d787bf98770679eb5da2b81c0e8439950558b
35b34b1e408204f25d737391355f1847be494cdc24c04c354d4b2f458d27e1ba
373c96ceaf68580b9aadae1d036072e949f3bf12f6ff40c5fd2366c10643392a
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a18b65875af336b6a3bc9c868bfd3919a6257dd91db8cf59e5f70952d0c837b
3a69f3453f25651acb90482b964b0b64657bb54440f4b5f85072f97f3d864a00
3aff95aacc134b7b4789fb1b49579857af7ee7edd2f400aac99b358c21ceeb90
3d246f7de7dab5ff38699786321c9b88ad3dfefc2c2576bcd69862d6a04c6346
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4519d44f81136789630fc14cecd43b5e004c8cda43ee4a434dffdb5268bde7cb
4949d2072b4557fe7aab68f79f6b599feaba7ee5f9dde766e0a00d52883ff94c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cceeda9854393610236e90cd30132b01a18980275937ffe553ec4e2f448afad
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52210a5a5ea6dbc60f787a5b8d70635c4d7907833d1f9af58863eef09e6250cc
537afbe0d93778cfbf5e707d362a3a4878b0d6477fcb23094e092785228fcffc
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
548fc79ac63b17b66fe8b2aa226d08e0d9c3a5be975d4c78bfa69aee214da568
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b69159ec4b07e75cf3b7e95d1358a38e247a1e6343b0bc7e3cfaddfd531a4bd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ef6b4aebeae350a6dd1e64b6af610ea5658be444231da35d81007ab1e045e7
6317b5bf214c6755011b9e2a641b231627ba24c41084fb2d00e9da9415a9ceba
632fa9d7e19991e690d24a9f65a08922582b5d1d32745d53cca217e6d4c9a1fe
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
694bd6e7fe1ab56fdbee9ac99e2f11f64cefdd23c8c78d25a8ce34eea72189e4
6c0aac9321e797bc17900995c31d9d3e7344d512ee5abe09826b4b6259b27991
6cc104d434bb05638dc6b0bf53723ae64180c777ba294308f3d87fc804a58b19
6d731e6d3e38558377e2fa974639cabf5209d9cafa5f00e186b0e3faf0aea02b
6ed2b588cf5ff8c81f1f2fd16bfbe48424a0b20ba9a89fb7e876d24233771b34
73f08e454018b9539cc8e849dfdef73ad147863708564024d0cd7deea589f49b
743f6606b05e491b29c691c3c17c707cd29367aaff832606d7dd2fbbe64f524f
78647f85f3d99e64eaa005de1bc2708502c564d6c610c07970abdd34d4af6840
78788a484b77f37f7426b9bd6f15cd74c9ef95a46537de4c6a6f87ecea090d4a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7e86bdafdaa97c44a4447de8f2b78968392a7c71276d46cf0771958cff584b05
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8187fa276fa62061871a109a5d4186dfc5320a71d8273a9c68aebd15b8a780b5
830270bd5b8984098a29aca0e2b3f59d979f28a209217090aeb7fa0dc8897d6c
833501cc6610a168e4780cd7f6aaf831542227a38dd521d8afa343c4352aeec0
8375f748c40c582848c1a71d08047e2efe3172760e071420284a05300cb48b68
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8acad69e9b832ccc4a639b680e2c2215d1f79441a0bd5a22c330c51c9ca583c2
8de882b54bf5427cbe24f36a8454b0df3418fdc327c601a3d1fdafe380105381
8e67e932b6db2a57556e429aaa27e2efbbb71e0aa734adc0f91145711e2104f8
8fab078dcec484cf996555c115f53f905913557897fd9c7c30bf7c1dabefd373
91d149cdc0eba46d8512f56fe0f1312aec78279f103bfd77a415c41d1ddc7236
92e93defe9954b7d99eab18db2e99f951f97c3d9f71938e4711374d25bd065c0
94ed5ad5bbc3af7b016812768d5dff032cd1b6c9a7e59b90e685c60613f3e47a
95bd9333692538a45adb4357c4ef0f9280e7290a41275d2b80928dd02c021ee0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b15849b6dc680485e71f0a6f6ec6b4f3f969cf3ac6b368a70db2883f3ac72bc
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12cbd41b420927e81846cfe75d359973ea20fb81d945bcdbd63ac2f790b9b36
a2acaf246acf46c7d1c38a079591b933c6c18afd3369ee9a60142a5d44bcfca8
a47728e216d63aa5820a6d259dba8bdc21ec1180eeb31398140926bad27d7e26
a51ab870eab8801ff78db2f86a61595ddc4f1b6b29384858dfe85280cb7fec73
a593ea893a9ec7b7f1f1e03b7f4e45f54cd2aa03a78b606f0c385e99da2b7c21
a8bf621b2a3fd16e6f679fb8855c4b010f2b5c37a2e8c2482693729af56b8f50
a97511f106de7330415211f6c2b057a75148dbf7cf4768aa87de7d6ea073a97c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac760158a44f0a3fce5de06d2d4a02a55e7e8de1227bc88330a5d4ab02e26d01
ada3d698f1571251ecb4d241596259d4371bd8987f61e190c06ea96c23682425
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46daf948108136003027ba4701c98f57a9e7ad3f48521075b7e15e7a18383a5
b4ce59d4673867de22aed6871b9ba29dcd5f7295f31859394b330afb48c4a132
bf320f16a620d7ac23b5c38480f932bc3eab00a5b7def135c353faf280420734
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c69a773ccd0276f41bde86c234c8ab4e0f64e3dc8fa571244c75620fefaa3410
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c7307fafe3f1108e118621d6f04137fd35b00e4f95789aba33d8c652649e08cb
c7712c858c0642bd08c583ca99175a02fe0854c90d59dafa5890db337c7c36a2
c778ecd8443ad88346ab10ac2f1bfe3dc2f893c85c90700e02d568332facca87
c935effb95b4bec9e6023cf5f22646020f85cb049096ba310bca47e8d4cd7ac0
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1ab93ba7ceabb29cd52ed7e095b1eab3e7148c1f54049b9918df2d2848f1174
d2d4e851d6f61bb2adbc10d777db617fa0882b0414e5f8ecce5d1fccbe6d244b
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
db056817c7f289cf13549b6e18a8213080284232402f24ee5ade3b16d55da992
df67b5b36b4a11a65675363edbec0cf1c701cc6ea70d1b1a2ff1b53734df6204
dfee1fe127c3a828a6f88e3ef6e8d1d7f8a3750e6f9d9e24520992a2294696a6
e08dff474c032cf50a99543097d49f40e8eaa9ddeb4af820edcceba81f881fd0
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e672e984403d411613bb7b84ae0a1c21f4f817408574a694d2c5e3b841f737dd
e9857f7969517dec90062a553d3dbfb9c7af8bdbe00932e7ea7963442f6d0fd7
eab38f03997f8fa7c502dc3b333f81b7c69c014bd4be2e7839605c486c6aa671
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecce247276e4701eef9126436277333a1a2f993e8c289f482dd13a17d9aaf6d9
ee4382e3a69a1d8ff0d3c4410adf012fa704be2d83d879c031901d38aa98b9e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efba114770e48272839aadfc830689ab92f1e81ba9f58ecb18708e3c645a602b
f096cea72d2a27beeefcb29bc62583a8bf2db673a1972e1dfc6de8d63d9fec25
f3218774bab3c59362743a635850945412281be791eb7fb4d55c7f82de161af1
f376ef037e9cb668feabdfb141d0d4b79f5c9c999affe1ac0060340ff474b80e
f71069a6df1a23123d477dd98b1b8c88873752a96d277d9d31854291da570883
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8265e6eeb632ddecf179337b706bcbff059808abaaf37fbacbfc78458cc98a5
fa7d009aa65b62f1953c635e1e87ff1d5618502199c017a114d65468fa15edd8