www.cifraclub.com.br Open in urlscan Pro
2a02:26f0:780::5f65:36d8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cifraclub.com.br/oasis/st
Effective URL:
https://www.cifraclub.com.br/oasis/
Submission: On December 05 via api (December 5th 2023, 9:21:32 pm UTC) from US — Scanned from DE

Summary HTTP 369 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 63 IPs in 13 countries across 49 domains to perform 369 HTTP transactions. The main IP is 2a02:26f0:780::5f65:36d8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.cifraclub.com.br. The Cisco Umbrella rank of the primary domain is 844439.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.

This is the only time www.cifraclub.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 80	2a02:26f0:780... 2a02:26f0:780::5f65:36d8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	177.54.145.110 177.54.145.110	262287 (Latitude....) (Latitude.sh LTDA)
12	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f06... 2a03:2880:f068:8:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	52.222.250.26 52.222.250.26	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	54.192.137.125 54.192.137.125	16509 (AMAZON-02) (AMAZON-02)
1	18.245.143.58 18.245.143.58	16509 (AMAZON-02) (AMAZON-02)
2	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:400c:c00::54	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 10	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
9	178.32.210.226 178.32.210.226	16276 (OVH) (OVH)
1	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.32.27.70 13.32.27.70	16509 (AMAZON-02) (AMAZON-02)
1	52.48.81.28 52.48.81.28	16509 (AMAZON-02) (AMAZON-02)
1 13	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
22	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
11 36	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
7 13	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.195.149.147 18.195.149.147	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	35.214.159.102 35.214.159.102	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 2	52.28.185.174 52.28.185.174	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 2	2.19.217.101 2.19.217.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.101.90.98 141.101.90.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.19.217.60 2.19.217.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
369	63

80 2a02:26f0:780::5f65:36d8 (Frankfurt am Main, Germany) 6 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
akamai.sscdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 177.54.145.110 (São Paulo, Brazil) 2 redirects

ASN262287 (Latitude.sh LTDA, BR)

id.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
master.cifraclub.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f068:8:face:b00c:0:3 (Kyiv, Ukraine)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-26.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.137.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-137-125.lhr62.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.143.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-143-58.lhr5.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.180 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.81.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 142.250.186.98 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.36.155 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.149.147 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-147.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.159.102 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 102.159.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.185.174 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-185-174.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.217.101 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.98 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaselogging.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	sscdn.co akamai.sscdn.co — Cisco Umbrella Rank: 155686	1 MB
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	381 KB
59	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	468 KB
33	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	639 KB
16	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 23 www.google.com — Cisco Umbrella Rank: 2	82 KB
14	cifraclub.com.br 8 redirects www.cifraclub.com.br — Cisco Umbrella Rank: 844439 id.cifraclub.com.br — Cisco Umbrella Rank: 303639 master.cifraclub.com.br — Cisco Umbrella Rank: 508412 api.cifraclub.com.br — Cisco Umbrella Rank: 569889	57 KB
13	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	891 KB
11	youtube.com img.youtube.com — Cisco Umbrella Rank: 3789	43 KB
11	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1657 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	34 KB
11	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478 acdn.adnxs.com — Cisco Umbrella Rank: 610	32 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 71029 d.tailtarget.com — Cisco Umbrella Rank: 77929 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 227227 b.t.tailtarget.com — Cisco Umbrella Rank: 60259 cm.t.tailtarget.com — Cisco Umbrella Rank: 17921 t.tailtarget.com — Cisco Umbrella Rank: 15832	38 KB
7	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 525 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 470 fonts.googleapis.com — Cisco Umbrella Rank: 29 firebaselogging.googleapis.com — Cisco Umbrella Rank: 2270	4 KB
7	google.de www.google.de — Cisco Umbrella Rank: 6765	971 B
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	72 KB
5	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 pixel.rubiconproject.com — Cisco Umbrella Rank: 339 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	27 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	75 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	71 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
4	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image6.pubmatic.com — Cisco Umbrella Rank: 793 ads.pubmatic.com — Cisco Umbrella Rank: 544	6 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016 launchpad.privacymanager.io — Cisco Umbrella Rank: 2702 geo.privacymanager.io — Cisco Umbrella Rank: 2070	30 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	176 KB
4	gstatic.com www.gstatic.com	30 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550 gum.criteo.com — Cisco Umbrella Rank: 424	743 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	450 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	952 B
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 123499	757 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	647 B
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 870	820 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 650	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	292 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	931 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	1 KB
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 97617 popups.rdstation.com.br — Cisco Umbrella Rank: 81128	870 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1498 contextual.media.net — Cisco Umbrella Rank: 665	10 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	4 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 66923	608 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	385 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	712 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	236 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	540 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	716 B
1	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 1600	374 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	2 KB
369	49

	Domain	Requested by
72	akamai.sscdn.co	www.cifraclub.com.br akamai.sscdn.co
36	cm.g.doubleclick.net	11 redirects 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com googleads.g.doubleclick.net
35	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.cifraclub.com.br 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
33	s0.2mdn.net	www.cifraclub.com.br s0.2mdn.net 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.cifraclub.com.br 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com s0.2mdn.net
13	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
13	www.google.com	1 redirects www.cifraclub.com.br tpc.googlesyndication.com 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
13	googleads.g.doubleclick.net	www.googletagmanager.com www.cifraclub.com.br 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com pagead2.googlesyndication.com
12	www.googletagmanager.com	www.cifraclub.com.br www.googletagmanager.com tags.t.tailtarget.com
11	img.youtube.com	www.cifraclub.com.br
9	prg.smartadserver.com	akamai.sscdn.co
9	ib.adnxs.com	3 redirects akamai.sscdn.co googleads.g.doubleclick.net acdn.adnxs.com
7	www.google.de	www.cifraclub.com.br
7	www.cifraclub.com.br	6 redirects
5	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	d335luupugsy2.cloudfront.net	www.cifraclub.com.br d335luupugsy2.cloudfront.net
4	ad.doubleclick.net	www.cifraclub.com.br
4	www.googletagservices.com	www.cifraclub.com.br 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
4	master.cifraclub.com.br	akamai.sscdn.co
4	region1.google-analytics.com	www.googletagmanager.com
4	connect.facebook.net	www.cifraclub.com.br connect.facebook.net akamai.sscdn.co
4	www.gstatic.com	www.cifraclub.com.br 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	www.cifraclub.com.br securepubads.g.doubleclick.net
3	accounts.google.com	id.cifraclub.com.br accounts.google.com
3	c.amazon-adsystem.com	www.cifraclub.com.br c.amazon-adsystem.com
2	eus.rubiconproject.com	akamai.sscdn.co eus.rubiconproject.com
2	gum.criteo.com	akamai.sscdn.co
2	sync.teads.tv	1 redirects 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	d.adtriba.com	1 redirects 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.cifraclub.com.br
2	d5p.de17a.com	2 redirects
2	csync.loopme.me	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
2	tr.blismedia.com	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
2	ssbsync.smartadserver.com	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
2	image6.pubmatic.com	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com ads.pubmatic.com
2	ads.travelaudience.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	fonts.googleapis.com	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com www.cifraclub.com.br
2	firebaseremoteconfig.googleapis.com	www.gstatic.com
2	b.t.tailtarget.com	d.tailtarget.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	tt-9964-3.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.cifraclub.com.br d.tailtarget.com
2	www.facebook.com	www.cifraclub.com.br
2	geo.privacymanager.io	launchpad.privacymanager.io
2	sb.scorecardresearch.com	www.cifraclub.com.br
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	id.cifraclub.com.br	2 redirects
1	firebaselogging.googleapis.com	www.gstatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	contextual.media.net	akamai.sscdn.co
1	ads.pubmatic.com	akamai.sscdn.co
1	acdn.adnxs.com	akamai.sscdn.co
1	portal.o2online.de
1	onetag-sys.com	1 redirects
1	dis.criteo.com	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	rtb.openx.net	4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	secure.adnxs.com	1 redirects
1	um.simpli.fi	1 redirects
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	s.seedtag.com	akamai.sscdn.co
1	fastlane.rubiconproject.com	akamai.sscdn.co
1	hbopenbid.pubmatic.com	akamai.sscdn.co
1	prebid.media.net	akamai.sscdn.co
1	api.cifraclub.com.br	akamai.sscdn.co
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.jsdelivr.net	akamai.sscdn.co
1	tags.t.tailtarget.com	www.cifraclub.com.br
1	tags.crwdcntrl.net	www.cifraclub.com.br
1	launchpad-wrapper.privacymanager.io	www.cifraclub.com.br
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
369	84

This site contains links to these domains. Also see Links.

Domain
forum.cifraclub.com.br
www.formesuabanda.com.br
play.google.com
itunes.apple.com
www.microsoft.com
www.facebook.com
twitter.com
www.letras.mus.br
www.palcomp3.com.br
id.cifraclub.com.br
www.youtube.com
suporte.cifraclub.com.br
www.studiosol.com.br
apps.microsoft.com
www.instagram.com
www.tiktok.com
www.palcomp3.com
www.cifraclub.com
www.wechords.com

Subject Issuer	Validity	Valid
www.cifraclub.com.br R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sscdn.co R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2023-08-31` - `2024-06-04`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
popups.rdstation.com.br R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
portal.o2online.de E1	`2023-11-29` - `2024-02-27`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.cifraclub.com.br/oasis/
Frame ID: 9DA82FDDD31EC8605FC0AB52132C1EAD
Requests: 192 HTTP requests in this frame

Frame: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4CE6949F8F9440CD64AFE5EA3D11CD80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 838349990FFF6D5986939B75B5537E41
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 29F40752DAA40CE978504B123DD52C64
Requests: 2 HTTP requests in this frame

Frame: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F73BC249F2B7D08E8DC39C47D797F89
Requests: 5 HTTP requests in this frame

Frame: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D7C6E6BDC850A86080B08A1913BB9CAA
Requests: 14 HTTP requests in this frame

Frame: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38F286D4F58A5054170711E17A3C933D
Requests: 20 HTTP requests in this frame

Frame: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ACD578FC26614141B897EDDE7CC4A10D
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 36EC9ED1BD245DE89D24140924275983
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3091DB3A97155E442FC888EB850D85B8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD65D37B762FF5738D886FB14C9C4FD1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNWLMNsGvr1i0C-Xj6JcshE82VVAOzDNh8TW03KMwm9R-TOS7QciUBo6mWWrz3GKPw7AxBh2YxhJY_pdpqqAQ33Q9tWv0HzEJ2iVs0DEopW_B8BBj0KX7eOWfghKeJStaiaIktfeuG80JORvfkk5eNZrzAGX_FbepOIRtNxCxOLKiEn5-Vc
Frame ID: 0BCF05508535B4BE5295EE5A91F924D3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AB48823D29ADC9917B2743D949470378
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNVIFnGHBiNPDwO7ziydcixv1fQ7oZaj-hPI-qth1hqjd-VTmV9pxC4gBnwXeRq1XXoL5M_VBWfMWvqs0oddls5O0X2HTfhyo6TmyDBA9zcnESvf4qK52AHoHqtqu9OFwpGSuFGlTgptMQj8uRWI2TEEoky_f1TCi1KguqsPQXSqv_BzQdE
Frame ID: A2026A335633D9DCB3515E561E4F3DD7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjS75DkATAB&v=APEucNUPBwaQcqvJfXfncOhz_VQLEe9ejMzjz-D-7iBd1-7yrFwdcV9YYua2qhLPNeghCRPkOR0UoXOifgFzpq5qugz5aCkwqeoG_b4vsuDKiNQJ6JZAlVQc41zlXuWgSXsphBZvRZfOJnxxgEtvvaYAcWocbnZrYGogMJBomkB8YkCxgvZbmgA
Frame ID: 0396681C1F2E222B486B72535D2B98A0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F819DF5BBE29E6D2ACD1F925DDF9FCBE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 61BED69BC00116835D699600A674BBEC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1E993575873C538A5356BA3758268449
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
Frame ID: 1E3B1E1EC31C5597D5A8BD59EB848A38
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
Frame ID: AB9ED53D71CF9DE6DB133550DE398A70
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: C85DB2C686AEBEEA90872A8DDD93141E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10A624F72DECE32B23C65EE5ABA2FD7D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
Frame ID: B8491D4F297C013C220192CC47955772
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3FD476D610AD4322C840C787275BCDC7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 9D7553813DD7C2DC16399682A487B3E0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: E9C370A8B997F547C19A70031DAD63C9
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 62B0CA944F5DE46D937C67FB87C9C9E5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Frame ID: F30EF95F8CBCA59F444E9CB5A6140308
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E715479D06A4002F981BFA142ADC0232
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 298C5A235125DD7CB97DAA85C66E08CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oasis | Cifra Club

Page URL History Show full URLs

https://www.cifraclub.com.br/oasis/st HTTP 301
http://www.cifraclub.com.br/oasis/st/ HTTP 301
https://www.cifraclub.com.br/oasis/st/ HTTP 307
https://www.cifraclub.com.br/oasis/st/letra/ HTTP 307
https://www.cifraclub.com.br/oasis HTTP 301
http://www.cifraclub.com.br/oasis/ HTTP 301
https://www.cifraclub.com.br/oasis/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

369
Requests

91 %
HTTPS

33 %
IPv6

49
Domains

84
Subdomains

63
IPs

13
Countries

4753 kB
Transfer

13495 kB
Size

59
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://forum.cifraclub.com.br/
Title: Fórum Cifra Club

Search URL Search Domain Scan URL

URL: http://www.formesuabanda.com.br/
Title: Forme Sua Banda

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.cifraclub
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/cifra-club/id921625944
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club/9wzdncrfj18m
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.afinadorlite
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/afinador-cifra-club/id480625281?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/pt-br/store/apps/cifra-club-tuner/9wzdncrfj17z
Title: Windows Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.studiosol.metronomo
Title: Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/app/metronomo-cifra-club/id569883867?mt=8
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&t=Oasis%20cifras%2C%20letras%2C%20tablaturas%20e%20videoaulas%20das%20m%C3%BAsicas%20no%20Cifra%20Club
Title: Compartilhar no Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&related=cifraclub&text=Oasis%20cifras%2C%20letras%2C%20tablaturas%20e%20videoaulas%20das%20m%C3%BAsicas%20no%20Cifra%20Club
Title: Compartilhar no Twitter

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/contribuicoes/enviar_letra/
Title: letra

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/
Title: Ouvir no

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/lambertos/
Title: Rock Lambertos

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/tedrosoficial/
Title: Rock Tedros

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/rocknupelo/
Title: Rock Rock nu Pêlo

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/selvagensaprocuradelei/
Title: Rock Selvagens à Procura de Lei

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/omarcosalmeida/
Title: Rock Marcos Almeida

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com.br/sutilmodelonovo/
Title: Rock Sutil Modelo Novo

Search URL Search Domain Scan URL

URL: https://id.cifraclub.com.br/cadastro/
Title: Crie sua conta grátis

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCpypU2XLYmOsf36xgcgrW3w/join
Title: YouTube Membros

Search URL Search Domain Scan URL

URL: https://suporte.cifraclub.com.br/support/home
Title: Contato

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/cifraclub?lang=pt
Title: Anuncie no Cifra Club

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/br/developer/studio-sol-comunicacao-digital-ltda/id480625284
Title: Aplicativos - App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/dev?id=5223058821229460338&hl=pt_BR
Title: Aplicativos - Google Play

Search URL Search Domain Scan URL

URL: https://apps.microsoft.com/search/publisher?name=Studio+Sol+Comunica%C3%A7%C3%A3o+Digital+Ltda+Epp&hl=pt-br&gl=BR
Title: Aplicativos - Microsoft Store

Search URL Search Domain Scan URL

URL: https://www.youtube.com/cifraclub
Title: Siga-nos: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cifraclub/
Title: Siga-nos: Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cifraclub/
Title: Siga-nos: Facebook

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@cifraclub
Title: Siga-nos: TikTok

Search URL Search Domain Scan URL

URL: https://twitter.com/cifraclub
Title: Siga-nos: Twitter

Search URL Search Domain Scan URL

URL: https://www.letras.mus.br/
Title: Letras

Search URL Search Domain Scan URL

URL: https://www.palcomp3.com/
Title: Palco MP3

Search URL Search Domain Scan URL

URL: https://www.cifraclub.com/oasis/
Title: Ver em Español

Search URL Search Domain Scan URL

URL: https://www.wechords.com/oasis/
Title: Ver em Inglês

Search URL Search Domain Scan URL

URL: https://www.studiosol.com.br/?lang=pt
Title: Studio Sol

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cifraclub.com.br/oasis/st HTTP 301
http://www.cifraclub.com.br/oasis/st/ HTTP 301
https://www.cifraclub.com.br/oasis/st/ HTTP 307
https://www.cifraclub.com.br/oasis/st/letra/ HTTP 307
https://www.cifraclub.com.br/oasis HTTP 301
http://www.cifraclub.com.br/oasis/ HTTP 301
https://www.cifraclub.com.br/oasis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://id.cifraclub.com.br/id/v2/client.latest.css HTTP 302
https://akamai.sscdn.co/id/v2/3d130.client.css

Request Chain 62

https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js HTTP 302
https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMYj-Lst7AiaF4FwDNwScbk&google_cver=1&google_ula=862479430,0

Request Chain 244

https://um.simpli.fi/gp_match?google_gid=CAESEMs9ZRN4L0RPev61DdKaH5U&google_cver=1&google_push=AXcoOmRi2RhZjNv248zGBCP-6D1roCU3GxLsJodS6PKQqZRRxU7EZL6lCvPxAXz_AoHyPSmYBmY9roXJvFUU7o3u0lZu_KpwYvMD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA67D940DFD84C4B9186817F2B543DCC&google_push=AXcoOmRi2RhZjNv248zGBCP-6D1roCU3GxLsJodS6PKQqZRRxU7EZL6lCvPxAXz_AoHyPSmYBmY9roXJvFUU7o3u0lZu_KpwYvMD

Request Chain 245

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDv0Q1CP-YcFka8jQ9sWmGM&google_cver=1&google_push=AXcoOmSFT-AW9rIvsyKg11Oo28RtmVNNYbkt_otnG-KJVdOizMLnqvI83AJB8Z88eh4mKkFffxb75IhRe1VlC-5rgfvaK9X8M5dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSFT-AW9rIvsyKg11Oo28RtmVNNYbkt_otnG-KJVdOizMLnqvI83AJB8Z88eh4mKkFffxb75IhRe1VlC-5rgfvaK9X8M5dw&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM

Request Chain 246

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDWFWZUtcutS9t9HQRfFNyc&google_cver=1&google_push=AXcoOmQAicLLm3VNbaPa3gwkT-_dO-Ai8qIR0FucEd07XZ0BObXXCo7C6WfkwyAJmY2kc8EUvmggk0Lp-JCAmXPigj4Ub7UUDgvB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQAicLLm3VNbaPa3gwkT-_dO-Ai8qIR0FucEd07XZ0BObXXCo7C6WfkwyAJmY2kc8EUvmggk0Lp-JCAmXPigj4Ub7UUDgvB

Request Chain 247

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJSbkI2qaMi52kyUOjmSH8I&google_cver=1&google_push=AXcoOmR4k_vn0z-FscZKVjR4vvP-qG0cyP67MY5l87eeyAM845uIj9cGG74V2fZ4al7zMbdbsSER-njC0joonp34ZXGZfiPESbFN HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0gsevTG9QNA58X2Wsa_p6g&google_push=AXcoOmR4k_vn0z-FscZKVjR4vvP-qG0cyP67MY5l87eeyAM845uIj9cGG74V2fZ4al7zMbdbsSER-njC0joonp34ZXGZfiPESbFN

Request Chain 250

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENhNQKcS5Go9_1Y2gy-3eng&google_cver=1&google_push=AXcoOmQRRN6Rh59YupMeRPd00_TASh5qOEhFOLR0ln4nGwtqFDgPp40JnYctCfOHE2kiR_ege-5d5ohnXr45R371_PHV8ydNoLfG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx&google_gid=CAESENhNQKcS5Go9_1Y2gy-3eng&google_cver=1&google_push=AXcoOmQRRN6Rh59YupMeRPd00_TASh5qOEhFOLR0ln4nGwtqFDgPp40JnYctCfOHE2kiR_ege-5d5ohnXr45R371_PHV8ydNoLfG

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&C=1

Request Chain 253

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.UVsxbtRbuA70nyNMN7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

Request Chain 255

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

Request Chain 256

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPwoOIjIUeQkcIWn0v5H4ZE&google_cver=1&google_push=AXcoOmSIO3avv8HhS6adc3Dwe32IeP1M89OudsUrihtLlQMjvUVdV2QDCrxZ8vyN-dfW075YVsiPt2EfotlxMfJTeCWiIhKR0Yn4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPwoOIjIUeQkcIWn0v5H4ZE&google_push=AXcoOmSIO3avv8HhS6adc3Dwe32IeP1M89OudsUrihtLlQMjvUVdV2QDCrxZ8vyN-dfW075YVsiPt2EfotlxMfJTeCWiIhKR0Yn4

Request Chain 259

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEENCZW8U8K-jdAGIK_ShSOM&google_cver=1&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcnAY8HSvz-zBIWjzKiwT-av6 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEENCZW8U8K-jdAGIK_ShSOM&google_cver=1&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcnAY8HSvz-zBIWjzKiwT-av6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc1MzIzNDgzNjM4NTk5MjAxNA&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcnAY8HSvz-zBIWjzKiwT-av6

Request Chain 261

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAho0cyemSqUQHRlvDMJUF0&google_cver=1&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx25WfXyzMup1 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAho0cyemSqUQHRlvDMJUF0&google_cver=1&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx25WfXyzMup1&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx25WfXyzMup1&google_hm=HxbBtGZHmjIwYT-jSAGbuRDR

Request Chain 262

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&google_cver=1&google_push=AXcoOmRXbm2T5fmxZFElWx4dtkhPzGBIhD2IXCZsYPHboKWQ19YtG2j-oVXAKSuwp2lI_4ccxG-oelSVOiBFmDiz4aM226S9Z4cD HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRXbm2T5fmxZFElWx4dtkhPzGBIhD2IXCZsYPHboKWQ19YtG2j-oVXAKSuwp2lI_4ccxG-oelSVOiBFmDiz4aM226S9Z4cD&gdpr=${GDPR}

Request Chain 264

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1

Request Chain 266

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.UVsxbtRbuA70nyNMN7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

Request Chain 268

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1

Request Chain 270

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.UVsxbtRbuA70nyNMN7AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2

Request Chain 271

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

Request Chain 272

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

Request Chain 275

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJSbkI2qaMi52kyUOjmSH8I&google_cver=1&google_push=AXcoOmTeYcrQb0U5Z8YgJ3F-OvCQbuDvofd6tr3GIs9p-NHC0Gz_irb4_pb15N86p5punxw96Q5wa-lb6CYJZxiCKXH-RlAzzTp6YA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ti3H5oVtT9E6uun3PL4DVQ&google_push=AXcoOmTeYcrQb0U5Z8YgJ3F-OvCQbuDvofd6tr3GIs9p-NHC0Gz_irb4_pb15N86p5punxw96Q5wa-lb6CYJZxiCKXH-RlAzzTp6YA

Request Chain 277

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIHiLagTsHSUtuie9_yaFo8&google_cver=1&google_push=AXcoOmQk9o3cFP1t_4WPahNVpX9Kk1lYRTGx0QwILnWVnwcB6vhE-mAYUlR5Nwf4rkGX51S3ScgdK9ii1XReC40hfFdrnmPY0ydk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk9o3cFP1t_4WPahNVpX9Kk1lYRTGx0QwILnWVnwcB6vhE-mAYUlR5Nwf4rkGX51S3ScgdK9ii1XReC40hfFdrnmPY0ydk&google_hm=eS13TUs1X2NCRTJwRy5mbTI3U29neGExODlIMXJWY3NyQn5B

Request Chain 278

https://d5p.de17a.com/cookies/google?google_gid=CAESEIG8XbjEd1EiLAk6gl08WFU&google_cver=1&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKahXvflj HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIG8XbjEd1EiLAk6gl08WFU&google_cver=1&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKahXvflj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKahXvflj

Request Chain 279

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkd-Egc0Sg0kYJo2LFHuag&google_cver=1&google_push=AXcoOmQIM-gTcP5WId5_EQaJ3W0XZX6IJl-7brSOiaM0NhSu9rDiGea2gRXZPZeqylWaa0p0n_lWjlF7h-2yDT5F8hWDDx1NvuXXfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBTVUhZUkYtMTgtQlE1Qg==&google_push=AXcoOmQIM-gTcP5WId5_EQaJ3W0XZX6IJl-7brSOiaM0NhSu9rDiGea2gRXZPZeqylWaa0p0n_lWjlF7h-2yDT5F8hWDDx1NvuXXfA

Request Chain 308

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_ukraine_dv_pros_378014208&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 309

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDv0Q1CP-YcFka8jQ9sWmGM&google_cver=1&google_push=AXcoOmSUyWVhLhkgpJuKQrbRcFB6ESa0A3WCUIOrfSGXIndLT21krVSioyqXfuW3ibUyvRjFe_m5AcpiMR_2mflWXyCNnor_oU2-4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSUyWVhLhkgpJuKQrbRcFB6ESa0A3WCUIOrfSGXIndLT21krVSioyqXfuW3ibUyvRjFe_m5AcpiMR_2mflWXyCNnor_oU2-4w&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM

Request Chain 310

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDWFWZUtcutS9t9HQRfFNyc&google_cver=1&google_push=AXcoOmQWZXjGrFApzsFHXn27fWSoN7c4RHimOUWUGUrQPydjzuohCCs4SAuDxhDWV7eJy3Qe23mUJ6yAKQsaUxyXNogb9B0oaX_kWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQWZXjGrFApzsFHXn27fWSoN7c4RHimOUWUGUrQPydjzuohCCs4SAuDxhDWV7eJy3Qe23mUJ6yAKQsaUxyXNogb9B0oaX_kWQ

Request Chain 312

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELmIyDtwN6O65HV22KCov58&google_cver=1&google_push=AXcoOmTFEpHpmparTyRDQ8mkJg19WVSNG2MUS4drWuP2_O0yN4frODcMKzppd9HjO4sUbgdARTmUIp9Y5vToXCWO6ObrJFuXJD1W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTFEpHpmparTyRDQ8mkJg19WVSNG2MUS4drWuP2_O0yN4frODcMKzppd9HjO4sUbgdARTmUIp9Y5vToXCWO6ObrJFuXJD1W

Request Chain 313

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEK_k-wysz8uQ1wIGSjIfag4&google_cver=1&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5Wi5Q HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5Wi5Q&google_gid=CAESEK_k-wysz8uQ1wIGSjIfag4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg5NTYyMzg1NjE4ODE1MjYzMDcx&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5Wi5Q

Request Chain 314

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKX8DBBF9Ei6-HNHHlQLRIg&google_cver=1&google_push=AXcoOmTY5bNnwMc7J9GRpnpibVp8EFkmuiwybLW13_B7ekq9nt1FYb69eERfoEXGU-nVkLqu1WKpnjFX_IVy5FqU7SqLs-oNlvClYPs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTY5bNnwMc7J9GRpnpibVp8EFkmuiwybLW13_B7ekq9nt1FYb69eERfoEXGU-nVkLqu1WKpnjFX_IVy5FqU7SqLs-oNlvClYPs HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 315

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&google_cver=1&google_push=AXcoOmR7lXk8HuB8zbMw8PTvi5bKBbgYGlBwlYIo781SH3GVAldcfgvfqGIOzR7hmrMdaGtrZlWr3hSytXUcBz3u6Lvuej7uMRopWfw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR7lXk8HuB8zbMw8PTvi5bKBbgYGlBwlYIo781SH3GVAldcfgvfqGIOzR7hmrMdaGtrZlWr3hSytXUcBz3u6Lvuej7uMRopWfw&gdpr=${GDPR}

369 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.cifraclub.com.br/oasis/
Redirect Chain

https://www.cifraclub.com.br/oasis/st
http://www.cifraclub.com.br/oasis/st/
https://www.cifraclub.com.br/oasis/st/
https://www.cifraclub.com.br/oasis/st/letra/
https://www.cifraclub.com.br/oasis
http://www.cifraclub.com.br/oasis/
https://www.cifraclub.com.br/oasis/

1 MB
54 KB

2408ms
2407ms

Document
text/html

2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / PHP/5.6.37
Resource Hash: 154e15d714e058bd97a4b4abc2d1cd94ed898974961a821d9885a5527151c5b1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cache-control: no-transform, max-age=28800
content-encoding: br
content-length: 55535
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 21:21:22 GMT
quic-version: 0x00000001
server: nginx
vary: Accept-Encoding, X-Site-Version
x-debug-nocache: 0
x-powered-by: PHP/5.6.37
x-site-version: desktop

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 05 Dec 2023 21:21:19 GMT
Location: https://www.cifraclub.com.br/oasis/
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: Accept-Encoding, X-Site-Version
X-Site-Version: desktop

GET
H2 200 opensans-light.woff2
akamai.sscdn.co/cc/font/opensans/ 18 KB
18 KB 154ms
9ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/opensans/opensans-light.woff2
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Fri, 24 Mar 2023 16:06:41 GMT
server: nginx
etag: "641dca91-4828"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18472
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 d8e28.desktop.css
akamai.sscdn.co/cc/css/ 435 KB
76 KB 108ms
47ms Stylesheet
text/css 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: bfbd4734ccb0db8f1110b7a37a4cb2c648cde1a71454dd4121cd882a82024589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 20:44:24 GMT
server: nginx
etag: W/"655e6828-6cb5c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 77514
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3

200

3d130.client.css
akamai.sscdn.co/id/v2/
Redirect Chain

https://id.cifraclub.com.br/id/v2/client.latest.css
https://akamai.sscdn.co/id/v2/3d130.client.css

16 KB
4 KB

11ms
10ms

Stylesheet
text/css

2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fcdd8078f60f8833861ca0b9f13aba67773278d96cbd4f459b21cdbac2d6a62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:23 GMT
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3950
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

Redirect headers

location: https://akamai.sscdn.co/id/v2/3d130.client.css
date: Tue, 05 Dec 2023 21:21:23 GMT
cache-control: max-age=300
content-type: text/html
server: nginx
expires: Tue, 05 Dec 2023 21:26:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 101ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9048ac60cd0315eb19906dda665194e05869840229eac7f252b2ffe27afe29ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:21:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 135ms
56ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00fbb9e4fd4c2a09ffb95498bcde2b613b85ff4825d25b1fa4adacbad4926e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29982
x-xss-protection: 0
server: cafe
etag: 563 / 19696 / 31079947 / config-hash: 1219479884554055064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:21:22 GMT

GET
H2 200 01c04.ads-manager.js Show response
akamai.sscdn.co/cc/js/ 6 KB
2 KB 10ms
10ms Script
application/x-javascript 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/01c04.ads-manager.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d58d6b81013cd185fcaf14300457b228dff4e72deee5e7b6f40b88eb913942c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
last-modified: Thu, 22 Dec 2022 19:31:58 GMT
server: nginx
etag: W/"63a4b0ae-16d9"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1524
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 77f32f2a2c33fbd3c7ee99a771f99241.jpg
akamai.sscdn.co/letras/150x150/fotos/7/7/f/3/ 5 KB
5 KB 117ms
57ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/150x150/fotos/7/7/f/3/77f32f2a2c33fbd3c7ee99a771f99241.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a37b1e9e3d836052d9ecd8a4e2eb35c0b5313d4c9a9245e7abebd94c27c3b866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4850
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 e9eec9d7b68c9f524b0500b4694e1a1e.jpg
akamai.sscdn.co/letras/162x162/fotos/e/9/e/e/ 5 KB
6 KB 470ms
411ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/e/9/e/e/e9eec9d7b68c9f524b0500b4694e1a1e.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a60402d96673b5af7f44cb1c1946e9af96ab3bdf470558d04a79eeb1d614b508

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5608
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 e99f36428d9be616c7caa5bb66e7711c.jpg
akamai.sscdn.co/letras/162x162/fotos/e/9/9/f/ 6 KB
6 KB 75ms
66ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/e/9/9/f/e99f36428d9be616c7caa5bb66e7711c.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 641add6c942a307b08d3a46a521f67ceb594e19b72083f9dcd7855cea72dbacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5846
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 10c9e7dbb3b8c12edc045db6af011d06.jpg
akamai.sscdn.co/letras/162x162/fotos/1/0/c/9/ 3 KB
4 KB 65ms
56ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/1/0/c/9/10c9e7dbb3b8c12edc045db6af011d06.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 12f75b6fbc2ad35ecd7d3bde2edef2d0495fcf7e1ca7eb1600ba4fc7ad80ff3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3342
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 b4506de4afd7f665e8e8c17e93fae1f2.jpg
akamai.sscdn.co/letras/162x162/fotos/b/4/5/0/ 2 KB
2 KB 33ms
32ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/letras/162x162/fotos/b/4/5/0/b4506de4afd7f665e8e8c17e93fae1f2.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 98b36d0f871ff10d79dc18923e6029ceeafff1805c244f50a548b40bf22d68e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2154
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 d31e40f85f7e42c285357f6a67d67c5d.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/b/d/2/b/ 21 KB
22 KB 20ms
20ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/b/d/2/b/d31e40f85f7e42c285357f6a67d67c5d.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5fad1ff70aeb989c3e52557b2e4e1ef65bf4fc2f72b5f8f754a78a86d3e266bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 21894
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 9aee29e9e4a84323aceb2d81815aee37.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/b/a/8/7/ 10 KB
10 KB 13ms
13ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/b/a/8/7/9aee29e9e4a84323aceb2d81815aee37.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2d40e27cec0d6f4aebf120bfbaa49d0d4336af8985d5be34ef151ad2722b0701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10168
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 931bc76a2bda4bbebfeb44349f862fa0.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/0/4/8/a/ 12 KB
12 KB 19ms
19ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/0/4/8/a/931bc76a2bda4bbebfeb44349f862fa0.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f35ae18fabbdf41c3b9f815cae3040a3d0d39d3aefc987e57c518a69bf2c763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 12002
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 eb17edcf634f4519829972ff799394d8.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/c/1/d/a/ 5 KB
6 KB 68ms
68ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/c/1/d/a/eb17edcf634f4519829972ff799394d8.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 89047ce19766d6b949b6fdd214a88910043b8c3bcfb75409398c80355c0a07cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 5424
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 d9ae6003f587475d86ed91c448848e26.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/5/8/9/5/ 5 KB
5 KB 178ms
178ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/5/8/9/5/d9ae6003f587475d86ed91c448848e26.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ef20e2b1b67a92e3fcaaa7ab4d4213916f3c656f5e04cd4c5126530a51101dfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4826
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 02db8d1cdbbc4f80a50ba1cb3d634a4c.jpg
akamai.sscdn.co/tb/320x320/palcomp3-logo/1/f/a/b/ 9 KB
9 KB 57ms
52ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/320x320/palcomp3-logo/1/f/a/b/02db8d1cdbbc4f80a50ba1cb3d634a4c.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c40598bf64af9e09b2f17215d6d9b4b15f62b22d44f35f004fd7875dca55a892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8720
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 4nej6o1iz7w.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/3/3/ 2 KB
2 KB 30ms
25ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/3/3/4nej6o1iz7w.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2ac5faa8fe9f69076c4fb1402b1f0cb41db6f571490e9d5a98a6eab4f16323d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1542
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 48cjej0sg5r.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/9/6/ 2 KB
2 KB 841ms
837ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/9/6/48cjej0sg5r.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8cb21551067a437fc8b6217238565a8adf59b59a64bcda6508750c76feedafff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1836
expires: Wed, 04 Dec 2024 21:21:23 GMT

GET
H2 200 4lvgg817mu5.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/1/4/ 1 KB
2 KB 42ms
38ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/1/4/4lvgg817mu5.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f034a90449140c62feb20d6ee01398224cbf9879eea5bacf4453950e98557fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1390
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 avatar.svg
akamai.sscdn.co/cc/img/desktop/ 2 KB
1 KB 30ms
26ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/avatar.svg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f82dfdfaea0bb707b71f4ac5500b61a91ae9f3850b09f642b3254a9cf44b9389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: W/"65148952-84c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 740
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 4ftq1u965u4.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/ 2 KB
2 KB 33ms
29ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/4ftq1u965u4.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8651e0c1bf7605670249f0eef475c5b06b5c8502e6514199243c4efa5362f303

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1946
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 47pvu5sthcc.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/0/2/ 2 KB
2 KB 32ms
28ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/0/2/47pvu5sthcc.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e27ddabf1110e52de7532d90dff1ee3c907ac5fe0fb62e91fb0e529663b65d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1544
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 4k7gsnlso7q.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/3/ 2 KB
3 KB 1351ms
1347ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/3/4k7gsnlso7q.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4631555c380a404618ad15cb54ef8f57f2e4154f9ed0870b24a8ea3cb9da9306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2286
expires: Wed, 04 Dec 2024 21:21:23 GMT

GET
H2 200 4mnupmwyqnu.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/0/8/ 2 KB
2 KB 30ms
26ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/0/8/4mnupmwyqnu.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e14eeb1168a0bb4bdf3f492c04c15b2840145837ac02e0924ca4f69c9d85bc9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 2196
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 45wz4kuf6up.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/3/ 1 KB
1 KB 1613ms
1611ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/3/45wz4kuf6up.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e0458fd009dd5bcee8601b7501b2ea91f28b52ee871d0f12dde6445ea5bdc57f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:24 GMT
date: Tue, 05 Dec 2023 21:21:24 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1376
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 4l9n5imnkbt.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/4/3/ 1 KB
1 KB 31ms
28ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/4/3/4l9n5imnkbt.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8bef23f2733c67f6ad7dddc09e98d1dd22cc1061d9c1abd06005dc395b234639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1224
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 4nf6khyjqc5.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/ 426 B
450 B 30ms
27ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/6/4nf6khyjqc5.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d6d1bea9920a3618255a4519e243872fad8d7da694dc10de6643657c6ad2762b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 426
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 47m43quqgy9.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/7/0/ 1 KB
1 KB 33ms
31ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/7/0/47m43quqgy9.jpg
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a8ec169659348d3c50e83f52b2beaf11840eada799ddfdfbfd48b271f7aaf6cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1066
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 87ms
16ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:25:28 GMT
content-encoding: gzip
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 3355
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: KmqNJ0YoNNjX5ZwBHoWzu6rUp67stu_iJRgNmn4B8Q0vUWcXuIpB2g==

GET
H2 200 firebase-performance-standalone.js Show response
www.gstatic.com/firebasejs/7.9.1/ 44 KB
13 KB 90ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:01:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13255
x-xss-protection: 0
last-modified: Fri, 21 Feb 2020 21:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 03:01:25 GMT

GET
H3 200 logos.svg
akamai.sscdn.co/cc/img/desktop/ 69 KB
22 KB 138ms
137ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/logos.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0874c93bc9a23ca21b5de6fe83b88fde608a3e72ff2f871228a520e5770f68e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 22510
x-debug-nocache: 0
last-modified: Fri, 03 Nov 2023 15:55:25 GMT
server: nginx
etag: W/"654517ed-11499"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H2 200 roboto-regular.woff2
akamai.sscdn.co/cc/font/ 19 KB
19 KB 11ms
10ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/roboto-regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 25ac51bd560661614f1f90a6cea5a82f526a8550afc34f725bb2471607ffa173

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Fri, 24 Mar 2023 16:06:41 GMT
server: nginx
etag: "641dca91-4b88"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 19336
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 sprite.svg
akamai.sscdn.co/cc/img/desktop/ 118 KB
38 KB 87ms
86ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/sprite.svg?v=31
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 38382
x-debug-nocache: 0
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-1d68d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H2 200 roboto-bold.woff2
akamai.sscdn.co/cc/font/ 19 KB
20 KB 10ms
9ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/roboto-bold.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ec62cfc76221123e1ab6ba0fdd1dd6a7b6e1919c152f67ca6e10d039b4b0f492

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Fri, 24 Mar 2023 16:06:41 GMT
server: nginx
etag: "641dca91-4cdc"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 19676
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 Montserrat-Bold.woff
akamai.sscdn.co/cc/font/ 85 KB
85 KB 11ms
11ms Font
application/font-woff 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-Bold.woff
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: d5e2a3df9b4bd40c0ae5756d44b935365f06984de884b83dc812a162b9b092b1

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-15384"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 86916
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 sprite.svg
akamai.sscdn.co/cc/img/desktop// 118 KB
38 KB 84ms
84ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//sprite.svg?v=31
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 38382
x-debug-nocache: 0
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-1d68d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H3 200 verified.svg
akamai.sscdn.co/cc/img/desktop// 1 KB
518 B 25ms
25ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//verified.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 77425a0c624cac6f784c90b7eddfaccc078aca01744acbc25ea142a43ab2c08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 490
x-debug-nocache: 0
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: W/"652d4f06-41d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H3 200 icn.svg
akamai.sscdn.co/cc/img/desktop/ 54 KB
17 KB 73ms
73ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/icn.svg?v=3
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 17823
last-modified: Tue, 19 Sep 2023 15:12:51 GMT
server: nginx
etag: W/"6509ba73-d69f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 violao_iniciante-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 17 KB
17 KB 26ms
26ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/violao_iniciante-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 50ce2be0ffe94eca5f65edb8b0f1f3a04499019161c18edf46830659aeffedfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 17416
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 violao-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 18 KB
18 KB 42ms
33ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/violao-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 298385c1b17e35a9710475ac7cbd3781346fde0bb4708503d71f309dbdb7f671

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18372
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 viola%CC%83o_sertanejo-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 44ms
35ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/viola%CC%83o_sertanejo-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5690063093152714ffa5e91e793f6ccc94ae646f174d66325170a9c71c23eb9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7284
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 dinhoatual-1689593496.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 10 KB
10 KB 43ms
35ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/dinhoatual-1689593496.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d91220b5dbc70676ea9e1941e4b7d086e4dbcbb73b6e8a1f9690fe9d6296826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10388
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 fofaocurso-1696446624.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 7 KB
7 KB 43ms
35ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/fofaocurso-1696446624.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a7e2292263fc51c97c3f1c27a5eee48a4c7e5557eccd275d9fcd70fbac0e95c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7624
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 lives-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 5 KB
5 KB 129ms
121ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/lives-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 316e1d3d2b14ebcc1e14fc70e7865e2045dc714fdbad9c15838258b465d0d2c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 4898
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 canto-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 50ms
42ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/canto-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c6a5fe2631c931fd394de29d377c21dde3a1de0e6add6b01dd722cb2383f259c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8794
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/ 8 KB
8 KB 42ms
35ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/courses/cursocanto-instrutorvivi-instrutor-2default-instrutor-3-3x-1685628836.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: feeed033dfbd5a9ae01be265feb0e2f5eb6357ac0e881418a69f60754a5c7922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 8156
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 teclado-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 42ms
36ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/teclado-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b76f37462c263693297294981992679b1dac456a0d22f4438e435b2245306c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7090
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 ukulele-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 43ms
36ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ukulele-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cc35098d44e047ccd575fc6c6f9b9a4a9fca64151c814da1ffe7086f0d11d51b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9728
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 bateria-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 7 KB
7 KB 79ms
73ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/bateria-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 059fde446eca56b850d84915e85920731578dbfa93979ca10ddca0c20d945075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 7350
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 contrabaixo-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 49ms
43ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/contrabaixo-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c2724b477d4c039551d1f08a034f4af573dec4d89bd52a6a72a16220160106a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9690
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 fingerstyle-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 14 KB
14 KB 66ms
61ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/fingerstyle-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6c6479c6ced6e99a04dc6faccbf7b63ce22f12d2a6a08152c9de6cd9bbb1e620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 14814
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 teoria-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 6 KB
6 KB 65ms
60ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/teoria-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6047c33c918d59db473a295012ce74658d40357389f06e8435e6ca5f25661ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6110
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 partitura-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 6 KB
6 KB 99ms
95ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/partitura-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2b851b972fa32357c957e2e5aee300afe8d42c813d86f806125bf4286261a786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 6306
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 harmonia-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 66ms
63ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/harmonia-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b63a4cb2301f3ecdcdd3d12a5a008ba755cb72047e8483388a22a73ca43dcdee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9912
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 guitarra-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 9 KB
9 KB 70ms
67ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/guitarra-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e4c844ae615e35fff816a007964fed049286ab71d246ab7af3ab2af781d0342a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 9404
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 guitarra_blues-3x-2023-03-15.png
akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/ 10 KB
10 KB 53ms
50ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/384x186/cifraclub/aprenda/imagens3x/guitarra_blues-3x-2023-03-15.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f29d719b1c1083432ad2f4deb233f8b7ac42ebc70bdb158d600e92ae6a978a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 10202
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H2 200 Montserrat-Regular.woff2
akamai.sscdn.co/cc/font/ 61 KB
62 KB 12ms
8ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-Regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3737fc8d3882327f17b1e64831a922185678e38181e8eb0c5b75cfc3bc1146a9

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-f52c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 62764
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 Montserrat-ExtraBold.3b1849a0.woff2
akamai.sscdn.co/gcs/cifraclub-static/ 68 KB
68 KB 19ms
14ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/cifraclub-static/Montserrat-ExtraBold.3b1849a0.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 43151e7ead8d2cf1f507b44dadecade33fab074f1847e6447a533b25765e9ae3

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Mon, 30 Oct 2023 15:11:20 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 69232
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H2 200 Montserrat-SemiBold.woff
akamai.sscdn.co/cc/font/ 84 KB
85 KB 15ms
15ms Font
application/font-woff 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/font/Montserrat-SemiBold.woff
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ddf14e7f01112832f2bf7fc86c4b5be0c9578dabd6d7fae81618b5387422065

Request headers

Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-debug-nocache: 0
date: Tue, 05 Dec 2023 21:21:22 GMT
last-modified: Wed, 25 Oct 2023 19:37:42 GMT
server: nginx
etag: "65396e86-15090"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 86160
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 logo_palco.svg
akamai.sscdn.co/cc/img/desktop/ 5 KB
2 KB 46ms
45ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/logo_palco.svg
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 282b5e1516d6c9ca234f2ce85e13cc85e76293cfd520fc8334815c757fc50e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2212
last-modified: Wed, 23 Aug 2023 19:18:23 GMT
server: nginx
etag: W/"64e65b7f-15fb"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 instrutores.png
akamai.sscdn.co/cc/img/pro/ 14 KB
14 KB 20ms
20ms Image
image/png 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/pro/instrutores.png
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1f407355fa69f17827cc696408baea8cb67f184a71a47c205ef4022c1d7f44a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 14386
x-debug-nocache: 1
last-modified: Mon, 16 Oct 2023 14:56:06 GMT
server: nginx
etag: "652d4f06-3832"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H3

200

client.7da0f.js Show response
akamai.sscdn.co/id/v2/pt-br/
Redirect Chain

https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js
https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js

219 KB
61 KB

12ms
12ms

Script
application/javascript

2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 83d2a00c964e7177e010aeb143a26815c783f5be0b14b79fc54b8b30c41570a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:23 GMT
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
server: nginx
etag: W/"f9c0e64fea18b5e633ea3a5e98f673c2"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 62601
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

Redirect headers

location: https://akamai.sscdn.co/id/v2/pt-br/client.7da0f.js
date: Tue, 05 Dec 2023 21:21:23 GMT
cache-control: max-age=300
content-type: text/html
server: nginx
expires: Tue, 05 Dec 2023 21:26:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 150ms
59ms Script
application/x-javascript 2a03:2880:f068:8:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f068:8:face:b00c:0:3 Kyiv, Ukraine, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93c403c875b61db82b8c9b794384fe10a137d01346d07ca8f31767a7c164689a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 21:21:23 GMT
content-md5: zmmxeTNFKR9/Zvc1Hk8NNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug: 4W3XJMbLNhS6RJm+FCoaJ+tIvW9MtLnS3UjbyG+XK4X8m1zg+7KfmprJps8tm9TpH7a09AuHubLWYD7FSsc5jQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5ab9a535829d4ddf439f333a6b80b8e0
cross-origin-opener-policy: same-origin-allow-popups
etag: "79c71e7b18c829e37ec1c0e8acb460fe"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:38:33 GMT

GET
H3 200 pt.js Show response
akamai.sscdn.co/cc/js/9bf7d.desktop/ 8 KB
2 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/9bf7d.desktop/pt.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2c73ad08334e801d45ff3b490982500f67061656e3c2bdb686f5db03e1540071

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2508
last-modified: Wed, 16 Nov 2022 14:11:52 GMT
server: nginx
etag: W/"6374efa8-1f37"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:22 GMT

GET
H3 200 a970a.desktop.js Show response
akamai.sscdn.co/cc/js/ 554 KB
149 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 31a7f6b125985fcebc86273eccd7b8a9347cf5f40ff32365ee3e6c9aa7e640a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 152549
x-debug-nocache: 0
last-modified: Thu, 23 Nov 2023 18:47:02 GMT
server: nginx
etag: W/"655f9e26-8a769"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H2 200 7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 309ms
226ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a4387844ea355406e936ffea2c2e0b1eb84ace4fe9c2322830ee1bae264b73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: oMbmV.0AF2GkkIfSAvohn0U.ljGYNNCf
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 21:21:24 GMT
last-modified: Tue, 03 Oct 2023 18:45:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"32d5cf5159a5742b9a45b5a348a320c6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: 5kGNHWMvwvObLnsfZtprD6LlXWftK2oXmxdl8u3JGSV8QDKWXmoiog==

GET
H3 200 984a4.headerbidding.js Show response
akamai.sscdn.co/cc/js/ 361 KB
95 KB 24ms
24ms Script
application/x-javascript 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/01c04.ads-manager.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 03e7b6670a29e62d8e8a44ecf20be362d9f50313ff71e8758d90df814b325db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:22 GMT
date: Tue, 05 Dec 2023 21:21:22 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 97609
x-debug-nocache: 0
last-modified: Fri, 17 Nov 2023 16:17:11 GMT
server: nginx
etag: W/"65579207-5a36b"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H2 200 ed469278-746b-4198-921b-c75d368907cc Show response
config.aps.amazon-adsystem.com/configs/ 537 B
804 B 60ms
8ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/ed469278-746b-4198-921b-c75d368907cc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0fb7646d06b7161154c3a9a1d0daaf25f7a0ad5d6186fb8f1c5c3b74c58dfe48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:35:03 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 2779
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: NZmMEx2oyjYPhrCVHEOw-XRSwRvIcx2tZfh8SMpsowOMxqHM5-03SQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 1 KB
2 KB 23ms
22ms XHR
application/json 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.cifraclub.com.br&pubid=ed469278-746b-4198-921b-c75d368907cc
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 7c7731b06258428e27f94f19b7a9999e7aa67ce4c110504d0c7abc77f03e03d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:02:46 GMT
via: 1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 8315
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1399
x-amz-cf-id: NPjlS8BnoBeMN-jUR8BpreOky43FCzLTqyyHqRRgtsfsInBYHSr87A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 60ms
14ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:45:32 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 dd5c8f1bc8fe255b1a3166b5a036fe2c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 52551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 6ZFDzJIhlNPKBAm67YlfFfukV1JK81C0bcr1lz0H6eiL0LL-RGu3GA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35105
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 04 Dec 2024 11:36:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ec73c88ebb92a5d882b16727dd7a35be406d7ddd3b198894bc9a794de3e9bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:21:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 61ms
20ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 19:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5974
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 21:41:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425afce1be49b4473d339ba95a807797866c932c8872af02e7fdab6bd4ec6def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69066
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

702774843d9b1aa028dffa0aae40cd06342bdef2ef088fa2cd6be5d26fcfffdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74516
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

152181388e090c281f08a79f82e51f9c755767c86e03b99824c3a893b8bd82fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72428
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:23 GMT

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/ 2 KB
2 KB 109ms
31ms Script
text/javascript 54.192.137.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/launchpad-liveramp.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.137.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-137-125.lhr62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1293e34cf7955d387571847bc1eb3e1bbbf3e76216130dcca927b94407d04351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:17:21 GMT
x-amz-version-id: 4a67YMV30TlyhjL1nN4.FrVHRkaqurdi
content-encoding: gzip
via: 1.1 a8f77777c0752dad31367fbd24424a90.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C5
age: 29043
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Mon, 07 Aug 2023 15:22:12 GMT
server: AmazonS3
etag: W/"40a2e6e75dc550891802657b9b2dda35"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: GoEkjrv_y4TOlG-FH9U9ssz7F4hL9N60MBMmX3gA9uesO8q81bD_Qw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 105ms
32ms Script
text/javascript 18.245.143.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.143.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-143-58.lhr5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:11:20 GMT
content-encoding: gzip
via: 1.1 56bcb1c1746cc96cff5943a0f457e6b0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: LHR5-P1
age: 63942
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: tTNquafVcGpV0OnfVix8JfPrhBkja_ZBi5pHvoXDlNAHbDxZsGgYIg==

GET
H3 200 Roboto-Bold.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/ 64 KB
64 KB 10ms
9ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/Roboto-Bold.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Request headers

Referer: https://akamai.sscdn.co/id/v2/3d130.client.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:23 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 65972
last-modified: Thu, 10 Sep 2020 19:32:09 GMT
server: nginx
etag: "5f5a7f39-101b4"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:23 GMT

GET
H3 200 Roboto-Regular.woff2
akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/ 64 KB
64 KB 29ms
28ms Font
application/octet-stream 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/gcs/studiosol-marketing/fonts/roboto/Roboto-Regular.woff2
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/id/v2/3d130.client.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://akamai.sscdn.co/id/v2/3d130.client.css
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:23 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 65916
last-modified: Thu, 10 Sep 2020 19:32:11 GMT
server: nginx
etag: "5f5a7f3b-1017c"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:23 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 70ms
68ms Script
application/x-javascript 2a03:2880:f068:8:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=470bbe5267606c28b2d7de849ae2006e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f068:8:face:b00c:0:3 Kyiv, Ukraine, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d93bceeaa7f2888762590888df0d3dec16b8e938dd350904f5f517557c078ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.cifraclub.com.br/
Origin: https://www.cifraclub.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 21:21:23 GMT
content-md5: rJ7Mb/nlVe/eIO3J6YNtxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86870
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
x-fb-debug: 9Yu9zqDNdDsRtWf84e6tc/sEvGz6IG4l2EkYQTrhGmFAniCooDdhNcxlsElHLRC2IlPSBQuQrmQNqnPcLLXRiQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9670b4ea182f1e8a74d392983efa7d07
cross-origin-opener-policy: same-origin-allow-popups
etag: "0feba4f0fe69fdfa4bf2af4d01c377e5"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 04 Dec 2024 20:07:51 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 10 KB
4 KB 88ms
10ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:41:03 GMT
content-encoding: gzip
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 11:54:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 31224
x-amz-server-side-encryption: AES256
etag: W/"96bc3a581f40e4dbb6739b063c8dcb9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: RT49_CRG69ggkmaAhQU2SY2N_WMPtmpbw4DAzwPNNL8Nwh9WmMs4TQ==

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 103ms
17ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:09:44 GMT
content-encoding: gzip
via: 1.1 google
age: 4299
x-guploader-uploadid: ABPtcPooSG--pG1bbRewHdOVGvYFEH0NPRqZat_BFIuyRxMVwj6Yq5ozsBSyGv8cbj-lo1HmChM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21234
last-modified: Wed, 13 Sep 2023 13:22:21 GMT
server: nginx/1.8.1
etag: "13721cc7c233ffe3299c16c1f82c8394"
vary: Accept-Encoding
x-goog-generation: 1694611341874847
x-goog-hash: md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21234
accept-ranges: bytes
expires: Tue, 05 Dec 2023 22:09:44 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 206 KB
80 KB 100ms
40ms Script
application/javascript 2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: id.cifraclub.com.br
URL: https://id.cifraclub.com.br/id/v2/pt-br/client.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

119247ffe7df40e4d8d6d22869c3b2bc6076b5b525d5d3c5e4b8342af2f159ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aq1NzTel850hijnuP4SB2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-aq1NzTel850hijnuP4SB2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 05 Dec 2023 21:21:23 GMT

GET
H2 200 bundle.js Show response
d335luupugsy2.cloudfront.net/scout/ 45 KB
14 KB 233ms
230ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-version-id: xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified: Thu, 28 Jan 2021 17:27:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: W/"88819ce057f99124674a75d611e4f53a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-amz-cf-id: lCQx7KbW1yeKOVeTLR1vfercl7k9Dea2SfRKBCq9IS6qXO0RNkkjpw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 51ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1701811282338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1853536201.1701811284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701811283&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=16501
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 213ms
198ms Fetch 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/a5e92b0f
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Tue, 05 Dec 2023 21:21:23 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/a5e92b0f
content-length: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 58ms
23ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231205

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b0b122194485c91aacdd819e8687e299246e28949b99c5c321dbad6aeb3f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19234
x-jsd-version: 1.0.1895
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230122-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-EqcVoDJZgWuwiJzEOmym8EehJVA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKWxC2qrG9X0xcF5qVmeHs9JdRUHRQ9ygdzKVZI40si06kDk1uPSUFScg716kBUZBeZE7%2BIfA5mcVjXSmDp4YgTSU8uf7qdXEwj%2FnCbcYAT%2BZhYavu5%2FUU9NTsODYPv7E5Ziiua0car2D35Qm7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 830f56aaf9343a8c-FRA

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
468 B 125ms
61ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&pid=j3UiAfLmtvXWO&cb=0&ws=1600x1200&v=23.1108.2350&t=2000&slots=%5B%7B%22sd%22%3A%22pub-cc-capa2_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x150%22%2C%22970x250%22%2C%221055x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A970x90%3Acapa%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-internas_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x150%22%2C%22970x250%22%2C%221055x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A728x90%3Ainternas%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-internasSquare_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A300x250%3Ainternas%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-dynamicVertical_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3AdynamicVertical%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-floatingAds_ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3AfloatingAds%22%7D%2C%7B%22sd%22%3A%22pub-cc-desktopFixed_ad%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A728x90%3AdesktopFixed%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-bandsintown--artist_above_ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Aartista%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-cifraBfTopLeft_ad%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Acifra%3Aleft%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-cifraBfTopCenter_ad%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Acifra%3Acenter%3Areload%22%7D%2C%7B%22sd%22%3A%22pub-cc-cifraBfTopRight_ad%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3697496%2Fcifraclub%3A320x50%3Acifra%3Aright%3Areload%22%7D%5D&pubid=ed469278-746b-4198-921b-c75d368907cc&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: YDGMZJY5777253MK5E5K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UvdIhDxAxLjHM57FxdsjdK0h3_gOaDGLsyGRKYAjOYIKRfBY0_cTKA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XBHRSMDBK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102201320-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bed9b83d6da09c14fee08063687892aea6d456c5d8aeb03de91123c26c09fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81236
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:21:23 GMT

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 197ms
197ms Fetch 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/a5e92b0f
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Tue, 05 Dec 2023 21:21:23 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/a5e92b0f
content-length: 0

GET
H2 401 sponsor Show response
master.cifraclub.com.br/api/v3/ 0
146 B 198ms
197ms Fetch 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/api/v3/sponsor
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx / CifraClubAPI/a5e92b0f
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Tue, 05 Dec 2023 21:21:23 GMT
access-control-allow-credentials: true
server: nginx
x-powered-by: CifraClubAPI/a5e92b0f
content-length: 0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 90ms
42ms Script
application/x-javascript 2a03:2880:f068:8:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f068:8:face:b00c:0:3 Kyiv, Ukraine, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 21:21:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: cEJOY1+e8kGYq3M6n6uiB9q7ehZ2TQQIcvvJgcE11FTVuIGBErzKL+3rZhq0jv6/VT0cdkiejsA5NN3u/8wcRw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 loading.gif
akamai.sscdn.co/cc/img/desktop// 17 KB
17 KB 41ms
41ms Image
image/gif 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop//loading.gif
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 778f6c203a6a2ea31e4cb3aa28a07e5e4d259a553807f9b2d8149f46e9483079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://akamai.sscdn.co/cc/css/d8e28.desktop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:23 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 17309
last-modified: Wed, 27 Sep 2023 19:58:10 GMT
server: nginx
etag: "65148952-439d"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:23 GMT

GET
H2 200 11 Show response
api.cifraclub.com.br/v3/comments/artist/ 1 KB
962 B 1453ms
1437ms Fetch
application/json 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cifraclub.com.br/v3/comments/artist/11
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx / CifraClubAPI/a5e92b0f
Resource Hash: 3c16fb350617fbae01d980ff008cb6b803f9e5e1db80470081940270498d3718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
server: nginx
x-powered-by: CifraClubAPI/a5e92b0f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Authorization,cookie
content-length: 621

GET
H3 200 d2360.desktopArtist.js Show response
akamai.sscdn.co/cc/js/ 12 KB
4 KB 72ms
71ms Script
application/x-javascript 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://akamai.sscdn.co/cc/js/d2360.desktopArtist.js
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b2df80d186eff42cfb081ee0bc6ec2905077808d678e695d6ba9829f9aa70791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:23 GMT
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 3672
x-debug-nocache: 0
last-modified: Tue, 24 Oct 2023 13:24:49 GMT
server: nginx
etag: W/"6537c5a1-3157"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
quic-version: 0x00000001

GET
H3 200 thumb-art.svg
akamai.sscdn.co/cc/img/desktop/ 3 KB
2 KB 28ms
28ms Image
image/svg+xml 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/cc/img/desktop/thumb-art.svg?v=3
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e7284125e6c80cdc9129ab8916fdf6a5d3ae5cd6b6e23774062b8ce3fa716043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

quic-version: 0x00000001
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1789
last-modified: Mon, 20 Mar 2023 18:57:37 GMT
server: nginx
etag: W/"6418aca1-d6c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 04 Dec 2024 21:21:23 GMT

GET
H2 200 country Show response
master.cifraclub.com.br/geoip/ 2 B
244 B 199ms
199ms Fetch
text/plain 177.54.145.110
Latitude.sh LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://master.cifraclub.com.br/geoip/country
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/a970a.desktop.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 177.54.145.110 São Paulo, Brazil, ASN262287 (Latitude.sh LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
server: nginx
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: origin, x-requested-with, content-type, accept
content-length: 2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 3 KB
2 KB 92ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1701811283859&cv=11&fst=1701811283859&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4e26be6715ef8a5c23e7b8d3cd5f5222fa983cc67299aaa10d2855b4a7cb331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/ 3 KB
1 KB 88ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391658277/?random=1701811283875&cv=11&fst=1701811283875&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3DDesktop%3Bevent_category%3DLGPD&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391658277&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ec14cc1aa8eeca8944095f8e525db4e8eeaff2daa7ae464646dfc980f3a2468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
2 KB 86ms
45ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUMSRPRR
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 2e588a4bf1490e6e6b157434a2ad6bdc30609d9a8ef43342d94baac0e0091e60

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:21:23 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 23 KB
8 KB 403ms
356ms XHR
application/json 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4863ea0e5b427ff0586a248fa8414504c66f4c2d52a73f12e06bc92d71c5b568

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: gzip
an-x-request-uuid: 46bf2a39-d140-4bee-ad03-f8806a0f8d1f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 97ms
49ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cifraclub.com.br
date: Tue, 05 Dec 2023 21:21:23 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 25 KB
12 KB 372ms
315ms XHR
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15546&site_id=101124&zone_id=1047730%3B1047736%3B1047732%3B673500%3B1924340%3B2850432%3B3101134%3B3101124%3B3101120&size_id=2%3B2%3B15%3B15%3B2%3B43%3B300%2C50%3B300%2C50%3B300%2C50&alt_size_ids=55%2C57%3B55%2C57%3B16%3B9%2C10%2C16%3B55%3B%3B320%2C50%3B320%2C50%3B320%2C50&eid_pubcid.org=9777ed0c-0a59-4afa-b043-86d9a9b4e572%5E1&rf=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&kw=Oasiscifras%2COasis%2Ccifra%2Cletracifrada%2Cletras%2Ctablatura%2Ctab%2Csolo%2Criff&tg_i.page=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&tg_i.domain=cifraclub.com.br&tk_flint=pbjs_lite_v7.39.0&x_source.tid=93d7e350-cacd-472c-acd0-0227357e7114%3B328e625e-88bb-4908-b583-322976392141%3Bc7482064-d4d0-45d7-addf-d80214ca7bf9%3B1750cf42-87d1-4599-9f7b-3f8046982787%3Be8de59ca-ecca-4a9f-bbbd-bf5daac895c1%3B543da420-f8cd-4d93-934f-82be01434068%3B4be79b96-ad94-4ecd-9ca5-ac942c78bea6%3Bb6753fe0-c603-4f7e-ac41-31673e959c78%3B8e273457-3ee4-4bec-8ccc-9a64d2e473d8&l_pb_bid_id=32e823449d5f84b%3B339e6f5592102b5%3B340af754f976fde%3B351132e9a54052a%3B36cec0b45e45396%3B37452b1d35b25e%3B382e71df4b34678%3B391fdde6e90e226%3B40e7eaa3ac8d05b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=9&rand=0.13163521348692608
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae5f58b66956dd716df86b41ce9fea600693e1553d298e756670566fc4e65036

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
568 B 575ms
184ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 491ms
159ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 60 KB
15 KB 366ms
158ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: b478f4e1eb5d4799950007124870db82e999f95eacaf44880daad858fbe3bd71

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 58 KB
15 KB 406ms
199ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: a3f823f29cf83fbb01422786349185f8ea56c6eafb64421c214507238312aa56

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 312ms
105ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 389ms
182ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 329ms
123ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 404ms
198ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 393ms
80ms XHR
application/json 178.32.210.226
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS: ip226.ip-178-32-210.eu
Software: /
Resource Hash: f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 11 B
374 B 371ms
318ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
via: 1.1 google
server: openresty
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 133 KB
51 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P6C6QNR&t=gtag_UA_446764_81&cid=1853536201.1701811284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5176ccc9c6010195a92c4d762ffb7716bf8b801f5af11bd97c10811729ae9d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52080
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 126 KB
28 KB 47ms
9ms Script
application/x-javascript 13.32.27.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/f71ca18f-376e-4fdb-9d44-ab42f39b7e4b/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-70.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: RqxhuEqCNd1s7.WeOk9hr4eUawsbzlx2
content-encoding: gzip
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 21:01:01 GMT
last-modified: Thu, 30 Nov 2023 15:24:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1224
x-amz-server-side-encryption: AES256
etag: W/"2c168941d7d5456860d15b9fc8c8d4e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: IsNN-sZ2q60zCNyaT9iu7w_65IOzyf-mZP1fWqKA0GIWtjfA3CKh6w==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 3 KB
2 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1701811284017&cv=11&fst=1701811284017&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba3cb5b34c7a52719f57db93239125595a513add76579576a64e4449606321a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/ 3 KB
2 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/376007190/?random=1701811284032&cv=11&fst=1701811284032&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3DDesktop%3Bevent_category%3DLGPD&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-376007190&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c07a526465971702ce227bcdc57855ed80d21d98d1e4d4bb8aa374155f102f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 110ms
32ms XHR
application/json 52.48.81.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: aa50d23f071f90a9f5d5666e9a98e71115588186544bee09d3b3bb55b9fa6625

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache
x-server: 10.45.25.204
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 23ms
21ms Image
text/plain 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701811284047&ns_c=UTF-8&cs_cfg=100&c7=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&c8=Oasis%20%7C%20Cifra%20Club&c9=
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: DX-eTFXPAcNl3ciU_1eAXtTNrJvsH6xYZgQRGslfyQNT-o1ukLKLdQ==
x-cache: Miss from cloudfront

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 55ms
54ms Stylesheet
text/css 2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kg36PEUfSQhFwSxLnuo55A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-kg36PEUfSQhFwSxLnuo55A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
531 B 45ms
45ms XHR
application/json 2a00:1450:400c:c00::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=1030638109871-ffp7d0aeu1q12ufr2d7teht7av9i6ufq.apps.googleusercontent.com&as=OoqRwUVJJqlsNbS4Y9%2FrBQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

342b8d0fe6a6c5937d4814a9b66cc9f015997eaa64a5e9f1f94db526a9dfb3f9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-p7Q6MNrHCyHVXR65Skov_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-p7Q6MNrHCyHVXR65Skov_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
455 B 69ms
25ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1701811283859&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNlOAMxdeuUu488OdQ9Puw8lTdNZUXUw&random=1909926662&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
108 B 71ms
28ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1701811283859&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNlOAMxdeuUu488OdQ9Puw8lTdNZUXUw&random=1909926662&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391658277/ 42 B
108 B 72ms
28ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391658277/?random=1701811283875&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSGwDICaaNdOvfY0u2CJgsoSGLNkkxL53fwtBirw&random=1929835975&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/391658277/ 42 B
455 B 69ms
26ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/391658277/?random=1701811283875&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSGwDICaaNdOvfY0u2CJgsoSGLNkkxL53fwtBirw&random=1929835975&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 11ms
11ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:35:46 GMT
x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
age: 45938
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Aiexz_txwIJGMVOg_exGtbvp2MMWFAxg5pN7lRwd9lmch0BsT_QREQ==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 12ms
11ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:41:43 GMT
x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 63581
x-amz-cf-id: H4vxT-WTrT87Qs3RQGSlbHMolC5dAA6u4CYGVJEQW9UYFSUwU4RpYw==

GET
H2 200 default.jpg
img.youtube.com/vi/X8ng4_7sZeg/ 4 KB
4 KB 94ms
27ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/X8ng4_7sZeg/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355dc0bccc68e3eca035be49bc47f8813af00025856ea78b24e05f5405f5db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3683
x-xss-protection: 0
server: sffe
etag: "1657112391"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/0zAiP4x9xUU/ 3 KB
4 KB 97ms
30ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/0zAiP4x9xUU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

def188706410d20cdd773895932b9d54a3a8d55b93411f39165629400d5ef13c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3574
x-xss-protection: 0
server: sffe
etag: "1657112463"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/sw-l2PBSJLU/ 4 KB
4 KB 96ms
29ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/sw-l2PBSJLU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479982149be5e64014364f19ee0ab6211f0ee3e717f0d435dd79c0ee171ec4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3726
x-xss-protection: 0
server: sffe
etag: "1657112392"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/lMghBT8iZlU/ 4 KB
4 KB 106ms
39ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/lMghBT8iZlU/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cb039486b4c314d859125a12dccbe850384377459d2c8d4d7b7660d55bf51d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4112
x-xss-protection: 0
server: sffe
etag: "1657112404"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/yk_w0TC63a4/ 4 KB
4 KB 94ms
28ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/yk_w0TC63a4/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f4c911942466581dab2a4eb1f974829aa217a1d0f559df48bb15a6696a3965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4080
x-xss-protection: 0
server: sffe
etag: "1657112380"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/Sfm95urr4Rc/ 4 KB
4 KB 97ms
31ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Sfm95urr4Rc/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3823
x-xss-protection: 0
server: sffe
etag: "1657112379"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/2WA7nH5jwUQ/ 4 KB
4 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2WA7nH5jwUQ/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3823
x-xss-protection: 0
server: sffe
etag: "1657113037"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/2omaEbJvuTo/ 4 KB
4 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/2omaEbJvuTo/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ecbc7b923367cbe0a0e615c5aa1bc0f9e28bf84819ef8fb5cad5d9fc17ac609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3725
x-xss-protection: 0
server: sffe
etag: "1657113316"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/cuoGwkQCcQw/ 4 KB
4 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cuoGwkQCcQw/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df71b390ca8b86d284e2e5f24b13f41f7591fa827c10ebaf4e8cc75dc818d3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3745
x-xss-protection: 0
server: sffe
etag: "1657113138"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/NmhsObul9UA/ 4 KB
4 KB 33ms
32ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/NmhsObul9UA/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b281b694ec639957a0f1451cf73308b092ebedd95752289842ebd8496bb11aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
server: sffe
etag: "1657112314"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/D8dkrHnQwWQ/ 5 KB
5 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/D8dkrHnQwWQ/default.jpg

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b9a84583357b76159da1d03f909c5ca0423f0c815fdf193d9607c8061bc950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4779
x-xss-protection: 0
server: sffe
etag: "1657112262"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 05 Dec 2023 23:21:24 GMT

GET
H3 200 727884491260161 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 213ms
212ms Script
application/x-javascript 2a03:2880:f068:8:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/727884491260161?v=2.9.138&r=stable&domain=www.cifraclub.com.br

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f068:8:face:b00c:0:3 Kyiv, Ukraine, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ec200d236508e55b071298e107025d9b969700c45debdae4989801954f45623

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 05 Dec 2023 21:21:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coep_report="https://www.facebook.com/browser_reporting/?minimize=0"
pragma: public
x-fb-debug: 7F2hDfpJeFm4JUqzciFFZQKWC6vhxXoxCea8gLoCEPdqtHtKyF/0ighCdfVtgtQBUKLqx4eNi9Ey5eFw5QHw+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 23ms
22ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XBHRSMDBK4&gtm=45je3bt0v9124943832&_p=1701811282338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1853536201.1701811284&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701811284&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=Desktop&_fv=1&_ss=1&_ee=1&ep.event_category=LGPD&up.login=Deslogado&up.subscription=free&tfd=17156
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBHRSMDBK4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
608 B 8ms
8ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: 0f15c0f3c21874a8b2f598ec10f54e778a3ea4ee2b7f004826b0201f28742996

Request headers

Accept: application/json
Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 02:31:22 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 67801
x-amzn-requestid: 35bb6c25-9b2f-4d9f-afd9-5c83b0bac6bf
x-amzn-trace-id: Root=1-656e8b7a-1e26aea55d82ce6e4327c8ed;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Pcq7JEF_joEEifw=
content-length: 30
x-amz-cf-id: l_BgNFz-BOWjROa-30VaOM7ReTRO2w8TkHCaFIh_edfzw3nD5vCnjw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 125ms
81ms Preflight
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 05 Dec 2023 21:21:24 GMT
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront), 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
x-amz-apigw-id: PfQdOF8LjoEEkyw=
x-amz-cf-id: driGkrB1My6e43HlzpkyI3E18R7u0mUF8e0FgqlwfNd-ucTL6gGSWQ==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 45c8732a-18e3-490f-8b9d-59f252176fe6
x-cache: Miss from cloudfront

GET
H2 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
108 B 29ms
26ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1701811284017&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN5xD66EuhjFKSNe-7it_mesme8WaAQyQr_JgYc8HtopJKVFS1&random=1614959024&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
108 B 27ms
24ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1701811284017&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN5xD66EuhjFKSNe-7it_mesme8WaAQyQr_JgYc8HtopJKVFS1&random=1614959024&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/376007190/ 42 B
108 B 27ms
26ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/376007190/?random=1701811284032&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNZeCQmZTmTpzsuzXfdAebSX455jT6lzAOMQzetZuf8JJONeG7&random=3766711523&rmt_tld=0&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/376007190/ 42 B
108 B 27ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/376007190/?random=1701811284032&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3DDesktop%3Bevent_category%3DLGPD&fmt=3&is_vtc=1&cid=CAQSKQDICaaNZeCQmZTmTpzsuzXfdAebSX455jT6lzAOMQzetZuf8JJONeG7&random=3766711523&rmt_tld=1&ipr=y

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 31ms
13ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=727884491260161&ev=PageView&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&rl=&if=false&ts=1701811284443&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1701811284442.804475670&ler=empty&it=1701811284209&coo=false&rqm=GET

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 21:21:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 58ms
16ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:04:18 GMT
content-encoding: gzip
age: 76626
x-guploader-uploadid: ABPtcPoLJsvDfYCd9Kn_dpbOLENWNrh7VDIq0EGPF1MACmZxXyjnzVO7kAJGani1DDTDzUXmvTg3YXEo0bxa1tufktldOLtqIhrb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Wed, 06 Dec 2023 00:04:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25a077185630eeb59a4762d921f296b03c5d3df6c4c8926b06ffc66b877710c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74638
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cc3b59a471884704beaf3b395d4f73056e3a2c037cdb64ecd15a80afd3c2560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80990
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a07d22cd689ebb230b2dc6e1d09e3f5387899fa842ed2a50138b2e7d5855c2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81023
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b38e3c52caa4ecfe7ed334b9b90a861302502671da162187c6cb4796da0dd6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81072
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46f6301beea4c123d6893d8b9a2f8c7db9b58bc9d2769c0d01e9bcf79e912517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81085
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-446764-81

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87e0273412ab5427fca2cb2bf7a68556a042affa9d08cc519d49f065a3d57fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72488
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 21:21:24 GMT

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
622 B 474ms
150ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

e7af5e770521a508db9eb41edbf2ea43722175774727621289813b779c3de3a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 897 KB
235 KB 1079ms
1079ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2113618550074994&correlator=711311408391622&eid=31079947%2C31079527&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=3697496%2Ccifraclub%3A970x90%3Acapa%3Areload%2Ccifraclub%3A728x90%3Ainternas%3Areload%2Ccifraclub%3A300x250%3Ainternas%3Areload%2Ccifraclub%3AdynamicVertical%3Areload%2Ccifraclub%3AfloatingAds%2Ccifraclub%3Abg%2Ccifraclub%3AInterstitial%3Adesk%2Ccifraclub%3AcustomAds%2Ccifraclub%3A728x90%3AdesktopFixed%3Areload%2Ccifraclub%3A320x50%3Aartista%3Areload%2Ccifraclub%3A320x50%3Acifra%3Aleft%3Areload%2Ccifraclub%3A320x50%3Acifra%3Acenter%3Areload%2Ccifraclub%3A320x50%3Acifra%3Aright%3Areload&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13&prev_iu_szs=728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C728x90%7C970x90%7C970x150%7C970x250%7C1055x250%2C300x250%7C336x280%2C300x250%7C300x600%7C160x600%7C336x280%2C1x1%2C1x1%2C1x1%2C1x1%2C728x90%7C970x90%2C320x50%2C300x50%7C320x50%2C300x50%7C320x50%2C300x50%7C320x50&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ists=480&fas=0%2C0%2C0%2C0%2C0%2C0%2C8%2C0%2C0%2C0%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701811284725&lmt=1701811284&adxs=436%2C436%2C1090%2C1090%2C0%2C0%2C-9%2C0%2C436%2C1080%2C153%2C650%2C1148&adys=13111%2C102%2C417%2C3244%2C1200%2C1200%2C-9%2C1200%2C1110%2C347%2C13226%2C13226%2C13226&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C2%7C3%7C4%7C-1%7C5%7C0%7C0%7C6%7C7%7C8&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&vis=1&psz=1295x0%7C1295x0%7C415x0%7C415x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C320x0%7C300x0%7C300x0%7C300x0&msz=728x0%7C728x0%7C300x0%7C300x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C728x-1%7C320x0%7C300x0%7C300x0%7C300x0&fws=0%2C0%2C0%2C512%2C512%2C512%2C2%2C512%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1853536201.1701811284&ga_sid=1701811285&ga_hid=1668602037&ga_fc=true&ga_cid=717338737.1701811284&dlt=1701811282242&idt=1379&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.12%26hb_adid_appnexus%3D5793c16146f89e9%26hb_bidder_appnexus%3Dappnexus%26hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D300x250%26hb_pb_smartadserver%3D0.36%26hb_adid_smartadserve%3D56e4b090bd57d89%26hb_bidder_smartadser%3Dsmartadserver%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D336x280%26hb_pb_rubicon%3D0.87%26hb_adid_rubicon%3D546e16871b49af8%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.87%26hb_adid%3D546e16871b49af8%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%26hb_format_smartadser%3Dbanner%26hb_size_smartadserve%3D160x600%26hb_pb_smartadserver%3D0.39%26hb_adid_smartadserve%3D61c91b320da9c7d%26hb_bidder_smartadser%3Dsmartadserver%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.39%26hb_adid%3D61c91b320da9c7d%26hb_bidder%3Dsmartadserver%7Camznbid%3D2%26amznp%3D2%7C%7C%7C%7Camznbid%3D2%26amznp%3D2%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.55%26hb_adid_rubicon%3D55d40da6d2c5663%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.55%26hb_adid%3D55d40da6d2c5663%26hb_bidder%3Drubicon%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D320x50%26hb_pb_appnexus%3D0.57%26hb_adid_appnexus%3D5826dd5ca3592d8%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D320x50%26hb_pb%3D0.57%26hb_adid%3D5826dd5ca3592d8%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&cust_params=reload%3D0%26page_visibility%3D1%26viewport_height%3D1200%26viewport_width%3D1600%26connection%3D4g%26page%3Dartista%26artista%3Doasis%26idioma%3Dpt%26domain%3Dwww.cifraclub.com.br&adks=1256583580%2C70520306%2C1414448433%2C1074996685%2C3836274097%2C2615809906%2C31671829%2C2750821183%2C3249029758%2C4164029453%2C1531172727%2C3962061878%2C3815672264&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50567f9e1874c1ecf89ddd10c1a271fd518b59729c6ee54f3c3630366e06144f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240445
x-xss-protection: 0
google-lineitem-id: 6244215731,-2,-1,-1,-2,-2,-1,-2,-1,-1,5513881168,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138425323356,-2,-1,-1,-2,-2,-1,-2,-1,-1,138327264231,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 138ms
91ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24498e4f5f7f8c31548bc4efc09f8abcd2bde56e0721af24c85a5e71611e3708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12329
x-xss-protection: 0

GET
H2 200 container.html Show response
4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CE6 6 KB
3 KB 102ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:24 GMT
expires: Wed, 04 Dec 2024 21:21:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 39 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js?cb=31079947

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:34:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13834
x-xss-protection: 0
server: cafe
etag: 17155732702192029938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 04 Dec 2024 07:34:44 GMT

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 8ms
8ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/7de331ff-fa05-42fa-9865-1bfff4034e30-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83952115381c2cdde2f36cd1d256ec2e19f3c45c45cb52747b11abc7fcc2eaca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:33:37 GMT
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-version-id: oomtdpM6oP_XzYJszm90PPsmQplWgfJZ
last-modified: Wed, 23 Aug 2023 17:09:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 67668
etag: "051eaa8016019d816c2ed2a9645c6935"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56782
x-amz-cf-id: GLnIpHdKSUyvMl01UN0CWvqUd-fO_1ryCM0CtorNefQaHJA3JSxMaQ==

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 16ms
15ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:38:15 GMT
content-encoding: gzip
age: 78189
x-guploader-uploadid: ABPtcPqQyvvc6sQ5MUwppxljgnD2xLpLG1YhL_-60JMEyzJboIqO8BqWhz8T9Oq3bot6stsHm-CqfEcsOA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Tue, 05 Dec 2023 23:38:15 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
680 B 182ms
115ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:par-cifraclub:1|_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1701811285&tM=direct&tL=direct&tN=direct&tY=3&tZ=26442777
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:24 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1701811284829&cv=11&fst=1701811284829&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcac895ddbf0ea7b4b8c1e93a111a6a0ab7b789abc18221e096e6ab1cd1d33e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ Frame 0
0 101ms
30ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.cifraclub.com.br
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Dec 2023 21:21:24 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/ 627 B
686 B 259ms
258ms Fetch
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/integral-accord-651/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06fd0b7c95ca7a74f4ab41edf10bfc48fcfa9b18c59d3acb4423df4a5d651363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.cifraclub.com.br/
x-goog-api-key: AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1701811284860&cv=11&fst=1701811284860&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5603321790f44ac98ad080c90e97008c1f88fc7682db126c03f22de3c428c79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 451ms
150ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=435534&uniq=_xdd49f615&ref=aHR0cHM6Ly93d3cuY2lmcmFjbHViLmNvbS5ici9vYXNpcy8%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Tue, 05 Dec 2023 21:21:25 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
65ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 21:21:25 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1701811284947&cv=11&fst=1701811284947&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&hn=www.googleadservices.com&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&auid=1598757656.1701811284&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dde1209c0b73601ff2fc5b60e0ab50b23b4dcbc39667218a222f5291bd39b6c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
160 B 147ms
126ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 0f1747514370104e20afef95a499d42bb4584c7d5bf36946b9791ca3897ac3f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1701811284829&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNT92nqousxjYuK2NxSIdxNA14VCMdpC--gyLxl6SWo5ylGnai&random=2901752466&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
64 B 38ms
36ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1701811284829&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNT92nqousxjYuK2NxSIdxNA14VCMdpC--gyLxl6SWo5ylGnai&random=2901752466&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
64 B 36ms
35ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1701811284860&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNJ216OEr-C0tDpuv9F8cOABJY2eoXCEfETNofaArP7662eUwX&random=1848548321&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
64 B 36ms
36ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1701811284860&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNJ216OEr-C0tDpuv9F8cOABJY2eoXCEfETNofaArP7662eUwX&random=1848548321&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
64 B 34ms
34ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1701811284947&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNHK2rOeXVCWKGcgTsJGpZr0qF_GcAiJrrnuczbqu_Hg1b1w8Y&random=2139969604&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
64 B 33ms
33ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1701811284947&cv=11&fst=1701810000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&frm=0&tiba=Oasis%20%7C%20Cifra%20Club&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNHK2rOeXVCWKGcgTsJGpZr0qF_GcAiJrrnuczbqu_Hg1b1w8Y&random=2139969604&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8383 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:19:38 GMT
expires: Wed, 04 Dec 2024 15:19:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 29F4 829 B
559 B 25ms
24ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d35055bc4d7f1f973c1615dcf9191b0a9f30456bcd3e58c8001a3cd3a9c49f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NQ7uUqRq8IJ0HbHJcaTjIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NQ7uUqRq8IJ0HbHJcaTjIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:25 GMT
expires: Tue, 05 Dec 2023 21:21:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8383 39 KB
15 KB 65ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:14:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29F4 0
0 87ms
51ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=2113618550074994&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8383 0
10 B 28ms
27ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uy5a-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 b Show response
b.t.tailtarget.com/ 116 B
563 B 118ms
117ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007F54946F65C70647B902871E0C&tX=b.52&tZ=899365035
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cfa0c8273dbf4696027e0288e929cd536ccf8bfd441fabdaece1201dd820803f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 41821520942.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/2/ 318 B
350 B 32ms
31ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/2/41821520942.jpg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9f328676e304fd00e3137bec2128ce6f9cf19244ee7be37a901dfd4772f1d3de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:25 GMT
date: Tue, 05 Dec 2023 21:21:25 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 318
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 39118139871.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/8/9/ 650 B
682 B 819ms
818ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/8/9/39118139871.jpg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6903a34fb38ccc77a65f5fb43b43502a430492a6cb443a23025fcdffbed9b750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:26 GMT
date: Tue, 05 Dec 2023 21:21:26 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 650
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 39501721926.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/2/4/ 2 KB
2 KB 40ms
39ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/2/4/39501721926.jpg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5398bb5a0b481f244d4d6acd1a4e5991521bbfae055aca47327aeebafc3fa7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:25 GMT
date: Tue, 05 Dec 2023 21:21:25 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1962
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 38989123692.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/6/2/ 2 KB
2 KB 100ms
100ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/6/2/38989123692.jpg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 333790a08743cda14dd3f8de8fb729b6bab0c81e33a1c8ce4d50a87e0db14e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:25 GMT
date: Tue, 05 Dec 2023 21:21:25 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1762
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

GET
H3 200 38809746892.jpg
akamai.sscdn.co/tb/75x75/ccid-avatar/5/2/ 1012 B
1 KB 31ms
30ms Image
image/webp 2a02:26f0:780::5f65:36d8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://akamai.sscdn.co/tb/75x75/ccid-avatar/5/2/38809746892.jpg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:780::5f65:36d8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e822051911dd8a23b071e002aff3422e6c2ea8e05823e1965c8197541901a0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 04 Dec 2024 21:21:25 GMT
date: Tue, 05 Dec 2023 21:21:25 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 1012
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

POST
H3 200 fireperf:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ 1 KB
503 B 185ms
185ms Fetch
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67ccabef884af212de2cd221206608e0626595d333ed124f38c0033eaa7ac2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
Authorization: FIREBASE_INSTALLATIONS_AUTH eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhcHBJZCI6IjE6MTA0NjU0MTE0ODQ2MTp3ZWI6ZTAzZjU2N2QxYTAyZDM4ZWI2YjNhNCIsImV4cCI6MTcwMjQxNjA4NSwiZmlkIjoiY2ZKQ05iQkpMNW0wMlNuQWs0VWVUSCIsInByb2plY3ROdW1iZXIiOjEwNDY1NDExNDg0NjF9.AB2LPV8wRQIhALQKY7oARI4VFXYk2JNNfOy64g9Y_0J7L1Q18DZwUzECAiBWM--LfIpWHcMKkt2Mn_9RddPw9t-XL3-mwHofOMO_DA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-integral-accord-651-fireperf-fetch--322601551
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 479
x-xss-protection: 0

OPTIONS
H2 200 fireperf:fetch
firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/ Frame 0
0 52ms
30ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/integral-accord-651/namespaces/fireperf:fetch?key=AIzaSyD2I8uP0YAQbvdfovfJrBhJN48fh468rJw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: authorization
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.cifraclub.com.br
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 05 Dec 2023 21:21:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 83 B
117 B 112ms
112ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=57215093
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 7172d7cff67b2eeea5dad47fcd724e75c0b4bc99198bdfbc64e2d9aa91b68c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 tr
www.facebook.com/ 0
54 B 10ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 05 Dec 2023 21:21:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMYj-Lst7AiaF4FwDNwScbk&google_cver=1&google_ula=862479430,0

70 B
364 B

127ms
114ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMYj-Lst7AiaF4FwDNwScbk&google_cver=1&google_ula=862479430,0
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEMYj-Lst7AiaF4FwDNwScbk&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 125ms
113ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_steinbach%20am%20taunus_hesse_de_1701811285300_2997014915&tJ=CA15437,CA15795,CA15771&tQ=par-cifraclub,r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007F54946F65C70647B902871E0C&tX=b.52&tY=1&tZ=629860411
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:25 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
54ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=2113618550074994&bg=!39yl3JPNAAY3kmNgF5I7ADQBe5WfOHE557ifrpxFLCxzh6T1DG3MHn0eFxSjGN9jRTVEXjb1wOyCDMf5X9B0SsKZwiTyAgAAAFhSAAAACmgBB5kCzX9Ak5LdgpLS6QO6-klTcVTc2BGubfMY6-CSnAjmAy5fjU_Bg26_Kmz4GHMZ-a2bfOERXnV6um3mtOwJbD5oO8E3bokDyUD6hKAUjfUlVX9BCLAG_axiPBt2NObKXc7UJbwl2q34nIFR-XfK-_Hw0zSd2Tf3Tc7x7KRIQfvD_wP3Q47gHq68m4ITtasfetTomcMhahjJ1opWZ3JkeVHWHBpT6E6yaE6jz0mL1wzAufD_jxr9wv7P3NnaqaOqAu7hAIsB8c5kCbpqv607C1bfFoC1Lkx8DJJSFUDRP58frWrrweI8BRaRUfaTlWXL-2avrXVjC0MFh879cpxeNapgcgsVeQ6MbmP3yi-FUzElTITi3qtDcIEd5VWz9Z-dy_zgE2z9Q3UsGJXJX2E-GeURY-j52Ryy96t61Cz8kBq-uAM7jhfgAMfqJ6syfrmYLljfEoi1yOSzc92iUbw3DiUubqr2XwmA00JkTlt9aHhbRBJyxPj3aFX0vN3QmJoZ9fqLGebyugMtoxDBXOOJH-0yqa4_F7exMqaMmWjD_QG-RtBxNYJ4ZLu5JCiWPG7l4SFlLBrYjaBK95OyKmW-M7Y8ZUOVQejG4e_-DWR1BXsFLWVq-ydQ45oFXbHhunjTa_RCSnd_dnpeiv7Q0qy1-UfMTavd29i2jgxHiVFfy57vQa23JOxyumj6RTeRihxFt2BZpglHL1Bto4y5O7rOnZj4fPS-xNUch-pL4jQ_awz7U_sBOQw_eGX3nuaUFjTwcxKtyCka7nGJjkVoeVMoREnPNvCu4HtzquXMBPwAMySfka9KzSHlv_0jg59g9r7L8Sq5R3Dytr7QEFbZhZtZ-3gza2bhXgwWrUSIgKH6FGaIpghLBUQ_Rzm2hPwbILuFYQbyq1lV17Bq5FNFYAZ8353u63JZhmPUEso1Pue9hrcxQQwHgVNp9zBVT3HLSUN1Qg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 container.html Show response
4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F73 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:24 GMT
expires: Wed, 04 Dec 2024 21:21:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D7C6 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:24 GMT
expires: Wed, 04 Dec 2024 21:21:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38F2 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:24 GMT
expires: Wed, 04 Dec 2024 21:21:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ACD5 6 KB
3 KB 13ms
13ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079947

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:24 GMT
expires: Wed, 04 Dec 2024 21:21:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 19ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1701811282338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1853536201.1701811284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1701811283&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&en=Desktop&_ee=1&ep.event_category=LGPD&_et=231&up.login=Deslogado&up.subscription=free&tfd=19205
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cifraclub.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8F73 4 KB
1 KB 63ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 20:08:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 36EC 14 KB
1 KB 53ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 21:09:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 36EC 2 KB
822 B 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 36EC 24 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 19:50:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3091 143 B
166 B 19ms
16ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 20:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 36EC 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:46:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD65 1 KB
643 B 25ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 36EC 20 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:29:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36EC 0
0 29ms
26ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIQ5yphUtNAo6hRsjPmpTQRpFJ6bOJlhJoWKH7ngO93kTmIFLbVdImwMOzZJtS_B3VW05M2Ip6TyN0-9IWgxVALkiZgQ
Requested by: Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36EC 202 KB
64 KB 170ms
103ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 36EC 37 KB
15 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 8F73 22 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 19:50:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8F73 205 B
500 B 17ms
17ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:58:29 GMT
x-content-type-options: nosniff
age: 98577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 17:58:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8F73 604 B
695 B 18ms
17ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:38:28 GMT
x-content-type-options: nosniff
age: 63778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Dec 2024 03:38:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0BCF 624 B
242 B 70ms
67ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNWLMNsGvr1i0C-Xj6JcshE82VVAOzDNh8TW03KMwm9R-TOS7QciUBo6mWWrz3GKPw7AxBh2YxhJY_pdpqqAQ33Q9tWv0HzEJ2iVs0DEopW_B8BBj0KX7eOWfghKeJStaiaIktfeuG80JORvfkk5eNZrzAGX_FbepOIRtNxCxOLKiEn5-Vc

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D7C6 172 KB
60 KB 148ms
57ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Origin: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 11:48:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame D7C6 7 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:44:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame D7C6 24 KB
9 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 09:08:40 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D7C6 41 KB
14 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame D7C6 3 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:46:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AB48 1 KB
643 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame D7C6 20 KB
8 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:29:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D7C6 42 B
63 B 53ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Aja0pw42_91vglVmnR5HdO9N9S8N0Kg5A4olUhpuv2jxHEzzv_V1wqSTifOAmvflWkQzLG7dGY9VCfYcxCnxZf60H63SYjMQGQ_j3QM6dXBmnPy3g

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D7C6 0
0 32ms
31ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4OXaB46tYKa9BJmeHy7iUl9_VcnSG5COSCTKqblsidbUar1PjXF-WWL7tx7F1DHdioWCFMxU5odqYUxsE5nrJZCwqIQ
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D7C6 202 KB
64 KB 167ms
133ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A202 624 B
242 B 63ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNVIFnGHBiNPDwO7ziydcixv1fQ7oZaj-hPI-qth1hqjd-VTmV9pxC4gBnwXeRq1XXoL5M_VBWfMWvqs0oddls5O0X2HTfhyo6TmyDBA9zcnESvf4qK52AHoHqtqu9OFwpGSuFGlTgptMQj8uRWI2TEEoky_f1TCi1KguqsPQXSqv_BzQdE

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 38F2 89 KB
31 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38F2 42 B
63 B 54ms
51ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AszLJ0cyStd5AA4PCdJP2UTOfV7sSlJyoYMP_wIc54hmRIETWQ3PXCG1wdtoFjhydQepVhAQ_A_sSvyGGfG8SnZSPc4kDx-O7GDEwPm8y99PE9mT0

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 38F2 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:46:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 38F2 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:29:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 38F2 0
0 28ms
25ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSb-rgDnZoPEO28LCTOJfOgc0lFNu0kVsYYF0UA_E3T6HP0eFtFebLugWosEbH6h-exSJiSuEgzUPf_CXMNdSBtVonarg
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38F2 202 KB
64 KB 182ms
153ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0396 624 B
242 B 61ms
59ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjS75DkATAB&v=APEucNUPBwaQcqvJfXfncOhz_VQLEe9ejMzjz-D-7iBd1-7yrFwdcV9YYua2qhLPNeghCRPkOR0UoXOifgFzpq5qugz5aCkwqeoG_b4vsuDKiNQJ6JZAlVQc41zlXuWgSXsphBZvRZfOJnxxgEtvvaYAcWocbnZrYGogMJBomkB8YkCxgvZbmgA

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame ACD5 172 KB
61 KB 83ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Origin: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 11:48:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame ACD5 7 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:44:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:44:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame ACD5 24 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:08:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 09:08:40 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame ACD5 41 KB
14 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame ACD5 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 08:46:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F819 1 KB
643 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame ACD5 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:29:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21088
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:29:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACD5 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0dF3lfdJHKhXa-aGkwf-nE6ZuXDunpC1AqYG3NrMFeXuPxHDqFlsVmeVRO9SR8PeuKlWobScWKNtiqxzd0R7kov0x2clWlcZXNm4SX6KObqZKquA

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ACD5 0
0 33ms
32ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlFuziEMOttfT2iS2PHjdCNZFgdAVqV80HTuNXNi0UbA9d2Q1xOTzusL4pT5E8_Y-mROKLpFeC_8TjRwFyrESrBtgWHQ
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACD5 202 KB
64 KB 168ms
154ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD65
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMs9ZRN4L0RPev61DdKaH5U&google_cver=1&google_push=AXcoOmRi2RhZjNv248zGBCP-6D1roCU3GxLsJodS6PKQqZRRxU7EZL6lCvPxAXz_AoHyPSmYBmY9roXJvFUU7o3u0lZu_KpwYvMD
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA67D940DFD84C4B9186817F2B543DCC&google_push=AXcoOmRi2RhZjNv248zGBCP-6D1roCU3GxLsJodS6PKQqZRRxU7EZL6lCvPxAXz_AoHyPSmYBmY9roXJvFUU7o3...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA67D940DFD84C4B9186817F2B543DCC&google_push=AXcoOmRi2RhZjNv248zGBCP-6D1roCU3GxLsJodS6PKQqZRRxU7EZL6lCvPxAXz_AoHyPSmYBmY9roXJvFUU7o3u0lZu_KpwYvMD

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 21:21:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA67D940DFD84C4B9186817F2B543DCC&google_push=AXcoOmRi2RhZjNv248zGBCP-6D1roCU3GxLsJodS6PKQqZRRxU7EZL6lCvPxAXz_AoHyPSmYBmY9roXJvFUU7o3u0lZu_KpwYvMD
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 04 Dec 2023 21:21:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD65
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDv0Q1CP-YcFka8jQ9sWmGM&google_cver=1&google_push=AXcoOmSFT-AW9rIvsyKg11Oo28RtmVNNYbkt_otnG-KJVdOizMLnqvI83AJB8Z88eh4mKkFffxb75IhRe1V...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSFT-AW9rIvsyKg11Oo28RtmVNNYbkt_otnG-KJVdOizMLnqvI83AJB8Z88eh4mKkFffxb75IhRe1VlC-5rgfvaK9X8M5dw&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM

170 B
188 B

36ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSFT-AW9rIvsyKg11Oo28RtmVNNYbkt_otnG-KJVdOizMLnqvI83AJB8Z88eh4mKkFffxb75IhRe1VlC-5rgfvaK9X8M5dw&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:25 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSFT-AW9rIvsyKg11Oo28RtmVNNYbkt_otnG-KJVdOizMLnqvI83AJB8Z88eh4mKkFffxb75IhRe1VlC-5rgfvaK9X8M5dw&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD65
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDWFWZUtcutS9t9HQRfFNyc&google_cver=1&google_push=AXcoOmQAicLLm3VNbaPa3gwkT-_dO-Ai8qIR0FucEd07XZ0BObXXCo7C6WfkwyAJmY2kc8EUvmggk0Lp-JCAmX...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQAicLLm3VNbaPa3gwkT-_dO-Ai8qIR0FucEd07XZ0BObXXCo7C6WfkwyAJmY2kc8EUvmggk0Lp-JCAmXPigj...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQAicLLm3VNbaPa3gwkT-_dO-Ai8qIR0FucEd07XZ0BObXXCo7C6WfkwyAJmY2kc8EUvmggk0Lp-JCAmXPigj4Ub7UUDgvB

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQAicLLm3VNbaPa3gwkT-_dO-Ai8qIR0FucEd07XZ0BObXXCo7C6WfkwyAJmY2kc8EUvmggk0Lp-JCAmXPigj4Ub7UUDgvB
Date: Tue, 05 Dec 2023 21:21:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD65
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJSbkI2qaMi52kyUOjmSH8I&google_cver=1&google_push=AXcoOmR4k_vn0z-FscZKVjR4vvP-qG0cyP67MY5l87eeyAM845uIj9cGG74V2fZ4al7zMbdbsSER-njC0joonp34...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0gsevTG9QNA58X2Wsa_p6g&google_push=AXcoOmR4k_vn0z-FscZKVjR4vvP-qG0cyP67MY5l87eeyAM845uIj9cGG74V2fZ4al7zMbdbsSER-njC0joonp34ZXGZfiPESbFN

170 B
188 B

37ms
34ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0gsevTG9QNA58X2Wsa_p6g&google_push=AXcoOmR4k_vn0z-FscZKVjR4vvP-qG0cyP67MY5l87eeyAM845uIj9cGG74V2fZ4al7zMbdbsSER-njC0joonp34ZXGZfiPESbFN

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 21:21:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0gsevTG9QNA58X2Wsa_p6g&google_push=AXcoOmR4k_vn0z-FscZKVjR4vvP-qG0cyP67MY5l87eeyAM845uIj9cGG74V2fZ4al7zMbdbsSER-njC0joonp34ZXGZfiPESbFN
x-host: tde-deliveryengine-production-5989b845bf-22mqv
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DD65 0
166 B 104ms
16ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFbzYzba1Ue8oHLjnB3mqdU&google_cver=1&google_push=AXcoOmToFGLH_XTCk0Vcz8669k57LLDHhPGzyaS04a5EIMX7Di2w20ipe6qVfpHXCbdwOgs_6ln2ED-4vEBnxzRv7gq4MHB6r2mc
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 05 Dec 2023 21:21:25 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame DD65 0
75 B 206ms
21ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJe_0Zuwl4js3FtKTeJ8TXU&google_cver=1&google_push=AXcoOmRQAgsW8Orj3k7Yw_KkAuxnCQ0C4kqeL1yRPyCFRuAhYmPae6_GcZLaARGwrQ6UhtS1tO1q658hgkHGSk7wX04hkx5swbER
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DD65
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENhNQKcS5Go9_1Y2gy-3eng&google_cver=1&google_push=AXcoOmQRRN6Rh59Yu...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx&google_gid=CAESENhNQKcS5Go9_1Y2gy-3eng&google_cver=1&google_push=AXcoOmQRRN6Rh59YupMeRPd00_TASh5qOEhFOLR0ln...

170 B
243 B

43ms
43ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx&google_gid=CAESENhNQKcS5Go9_1Y2gy-3eng&google_cver=1&google_push=AXcoOmQRRN6Rh59YupMeRPd00_TASh5qOEhFOLR0ln4nGwtqFDgPp40JnYctCfOHE2kiR_ege-5d5ohnXr45R371_PHV8ydNoLfG

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: 17cf8496-191d-4bd4-9791-05495b09bf97
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx&google_gid=CAESENhNQKcS5Go9_1Y2gy-3eng&google_cver=1&google_push=AXcoOmQRRN6Rh59YupMeRPd00_TASh5qOEhFOLR0ln4nGwtqFDgPp40JnYctCfOHE2kiR_ege-5d5ohnXr45R371_PHV8ydNoLfG
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DD65 0
59 B 23ms
21ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvR5PQ2pdh9b8RoEhtwvP2SbcPYXTRxAvLAlv8fKIbp9enMZGsTzJvVRFpQ7w689BQ6pkyFg

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&C=1

43 B
459 B

44ms
42ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNWLMNsGvr1i0C-Xj6JcshE82VVAOzDNh8TW03KMwm9R-TOS7QciUBo6mWWrz3GKPw7AxBh2YxhJY_pdpqqAQ33Q9tWv0HzEJ2iVs0DEopW_B8BBj0KX7eOWfghKeJStaiaIktfeuG80JORvfkk5eNZrzAGX_FbepOIRtNxCxOLKiEn5-Vc
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRljwEBrlIpGuNg1d9M%2Bua9Rd3122ceGR1s1sd3ctZ%2F2WO3qNuH27Tgmchougcbe217wKTB%2Fe1qtNZDEuH1jzsNjN8zEUsaoq4GTpOApJ0iETaS2hQ%2B%2FA69VD%2BPRGW7C5Eu8AODoENO6LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830f56bd6c106934-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QSkhgO5lVP04ln23V1RT7%2BitRAJ4isLXDz1HkUTqHDfsEw3wiVf2qdtE23YZzjcP2ws9SRd3igOAkgqJVFwOTbzsnlsjvUxuk8uXCzWyXcBV0EjGAjMbOy8G8a13KtddlTMdz4Pt4WuWMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&C=1
cache-control: no-cache
cf-ray: 830f56bd1bb66934-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0BCF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.UVsxbtRbuA70nyNMN7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2

43 B
729 B

30ms
30ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNWLMNsGvr1i0C-Xj6JcshE82VVAOzDNh8TW03KMwm9R-TOS7QciUBo6mWWrz3GKPw7AxBh2YxhJY_pdpqqAQ33Q9tWv0HzEJ2iVs0DEopW_B8BBj0KX7eOWfghKeJStaiaIktfeuG80JORvfkk5eNZrzAGX_FbepOIRtNxCxOLKiEn5-Vc
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N66tb8rPXKtpgIVbdMlY8GYPlApwB8S7NDp0g8TqTg8OPMLsxVAdRwiX9PUKnXolBB0Ra1IQoiNRFyA1GlMyqwwfA7pb9G6DxVizLtCsN8or1vyv9YEIpZdQzW7jt1kqqbs%2BjDp6d4Cxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830f56be2dfd2c6e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0BCF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

43 B
839 B

44ms
40ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjIu7b3ATAB&v=APEucNWLMNsGvr1i0C-Xj6JcshE82VVAOzDNh8TW03KMwm9R-TOS7QciUBo6mWWrz3GKPw7AxBh2YxhJY_pdpqqAQ33Q9tWv0HzEJ2iVs0DEopW_B8BBj0KX7eOWfghKeJStaiaIktfeuG80JORvfkk5eNZrzAGX_FbepOIRtNxCxOLKiEn5-Vc

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: 3e26c23a-33be-4171-bc5e-c5a4349adb88
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BCF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

170 B
188 B

52ms
52ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: ead14dbe-d820-44bd-b58f-a6f39c4f2b06
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB48
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPwoOIjIUeQkcIWn0v5H4ZE&google_push=AXcoOmSIO3avv8HhS6adc3Dwe32IeP1M89OudsUrihtLlQMjvUVdV2QDCr...

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPwoOIjIUeQkcIWn0v5H4ZE&google_push=AXcoOmSIO3avv8HhS6adc3Dwe32IeP1M89OudsUrihtLlQMjvUVdV2QDCrxZ8vyN-dfW075YVsiPt2EfotlxMfJTeCWiIhKR0Yn4

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230136-FRA
pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701811287.824897,VS0,VE98
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPwoOIjIUeQkcIWn0v5H4ZE&google_push=AXcoOmSIO3avv8HhS6adc3Dwe32IeP1M89OudsUrihtLlQMjvUVdV2QDCrxZ8vyN-dfW075YVsiPt2EfotlxMfJTeCWiIhKR0Yn4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame AB48 0
119 B 115ms
36ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN7XpAeeYuzCsFonzVGekvc&google_cver=1&google_push=AXcoOmTKyvDpgTSLlUVLPXNkVGZBr3aUR_l5nJz8dzLmgBvZ7NNZjLLrOnLLGKHLQfZAIw5l0x7-6mSlXuLh642auYy4bDAFa6GH
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame AB48 43 B
145 B 191ms
20ms Image
image/gif 18.195.149.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFvETlRAKabb1JTM-NYEm78&google_cver=1&google_push=AXcoOmRFCbmlfZUGeeavGqgJVlJX16Cq0tCG-aSUDnmFW6w-Qj2wG8p3ksSYPfRDpgnRdLCHSswjuXRvoUK3pxufj_JSemyMAF2_
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.149.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB48
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEENCZW8U8K-jdAGIK_ShSOM&google_cver=1&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcnAY...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEENCZW8U8K-jdAGIK_ShSOM&google_cver=1&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc1MzIzNDgzNjM4NTk5MjAxNA&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcn...

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc1MzIzNDgzNjM4NTk5MjAxNA&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcnAY8HSvz-zBIWjzKiwT-av6

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODc1MzIzNDgzNjM4NTk5MjAxNA&google_push=AXcoOmRgVy4bkmCmiYjehAdRWFD7DAMA1fTihOzrN7Eich3wYCvZMp5_TYrajgc9FYvmgJ9s6KHbcnAY8HSvz-zBIWjzKiwT-av6
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame AB48 43 B
236 B 110ms
32ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEApNCtu0JThH1NKPM9reIN0&google_cver=1&google_push=AXcoOmSjWRs_pqJx2j7WtRIWdQ_Et494AgwkcG3jp35_SUlbWQsSz_R6W-F8sa5nO4yeSxbrsIOYqzD_I6A8EpWikl9ro2BnPuJd
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB48
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAho0cyemSqUQHRlvDMJUF0&google_cver=1&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAho0cyemSqUQHRlvDMJUF0&google_cver=1&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx25WfXyzMup1&google_hm=HxbBtGZHmjIwYT-jSAGbuRDR

170 B
188 B

27ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx25WfXyzMup1&google_hm=HxbBtGZHmjIwYT-jSAGbuRDR

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 05 Dec 2023 21:21:26 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTpHqCyz6tLwb1PeIf9ga2nlOMdLic1rGSO7yu71i2IqftaoLocK5CjhzTrQCYzKvwMpxPjpDGkke1XT5Mxx25WfXyzMup1&google_hm=HxbBtGZHmjIwYT-jSAGbuRDR
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AB48
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

29ms
28ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRXbm2T5fmxZFElWx4dtkhPzGBIhD2IXCZsYPHboKWQ19YtG2j-oVXAKSuwp2lI_4ccxG-oelSVOiBFmDiz4aM226S9Z4cD&gdpr=${GDPR}

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRXbm2T5fmxZFElWx4dtkhPzGBIhD2IXCZsYPHboKWQ19YtG2j-oVXAKSuwp2lI_4ccxG-oelSVOiBFmDiz4aM226S9Z4cD&gdpr=${GDPR}
date: Tue, 05 Dec 2023 21:21:26 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AB48 0
40 B 26ms
25ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LpdXeFMdziei41N8YDf4-jiV11YWenz0vcVg6dsqmyst381m7yf7haP26X4LI1fj6iuETMvA

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3091
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
60ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
expires: Tue, 05 Dec 2023 21:21:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A202
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1

43 B
429 B

47ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNVIFnGHBiNPDwO7ziydcixv1fQ7oZaj-hPI-qth1hqjd-VTmV9pxC4gBnwXeRq1XXoL5M_VBWfMWvqs0oddls5O0X2HTfhyo6TmyDBA9zcnESvf4qK52AHoHqtqu9OFwpGSuFGlTgptMQj8uRWI2TEEoky_f1TCi1KguqsPQXSqv_BzQdE
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxgJJx%2FjEBUS0xDxYNZ1nisv%2B%2BjdGGDjQRGv%2BEAAZTeqdq793dsoR5Kk2T8H591CfsYCDKoynFXKpv7B2UojU9NQwsGPALRDt4GY%2BcBLi2Fo0%2FX0uFDlJ1U3i2pbhiGbKmnb9oCxeqrZdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830f56bd6c0a6934-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A202
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.UVsxbtRbuA70nyNMN7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2

43 B
739 B

29ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNVIFnGHBiNPDwO7ziydcixv1fQ7oZaj-hPI-qth1hqjd-VTmV9pxC4gBnwXeRq1XXoL5M_VBWfMWvqs0oddls5O0X2HTfhyo6TmyDBA9zcnESvf4qK52AHoHqtqu9OFwpGSuFGlTgptMQj8uRWI2TEEoky_f1TCi1KguqsPQXSqv_BzQdE
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfHIwoZ4%2BF7xCpznn9ASZLPXkQhW5pPE9C%2BtXtMn4XYIKSGQME428lOlI1Q%2FrKrtlVJjgWbjunm3b7z6XSu0fXawTNVNYq%2FvilfXeZDTinwYYjb93YfHzUdMCrqMJAozNS%2FbIwG%2BKMN3aw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830f56be2e002c6e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A202
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

43 B
839 B

42ms
41ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYlu_M-QEwAQ&v=APEucNVIFnGHBiNPDwO7ziydcixv1fQ7oZaj-hPI-qth1hqjd-VTmV9pxC4gBnwXeRq1XXoL5M_VBWfMWvqs0oddls5O0X2HTfhyo6TmyDBA9zcnESvf4qK52AHoHqtqu9OFwpGSuFGlTgptMQj8uRWI2TEEoky_f1TCi1KguqsPQXSqv_BzQdE

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: cd5964c7-f936-4468-90f7-0de70fbc665c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A202
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

170 B
188 B

51ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: dfb48ea8-3564-41f3-9aed-bc074df05638
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0396
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1

43 B
328 B

48ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjS75DkATAB&v=APEucNUPBwaQcqvJfXfncOhz_VQLEe9ejMzjz-D-7iBd1-7yrFwdcV9YYua2qhLPNeghCRPkOR0UoXOifgFzpq5qugz5aCkwqeoG_b4vsuDKiNQJ6JZAlVQc41zlXuWgSXsphBZvRZfOJnxxgEtvvaYAcWocbnZrYGogMJBomkB8YkCxgvZbmgA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Emp5unvbkNWiOcynrMZfUm5%2BpI5mNoCLUh5I73d7tnIIgCarhGZ%2BGReH4kk5Ia0dC3SFxx9c9YnRTG3GT4iKsW%2FCZvA%2B33g3lglzhWtdM1enJGdSXM5%2BRmc8hdDgeXBisaSlTZYl4L4r6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830f56bd6c0f6934-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0396
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW.UVsxbtRbuA70nyNMN7AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2

43 B
764 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjS75DkATAB&v=APEucNUPBwaQcqvJfXfncOhz_VQLEe9ejMzjz-D-7iBd1-7yrFwdcV9YYua2qhLPNeghCRPkOR0UoXOifgFzpq5qugz5aCkwqeoG_b4vsuDKiNQJ6JZAlVQc41zlXuWgSXsphBZvRZfOJnxxgEtvvaYAcWocbnZrYGogMJBomkB8YkCxgvZbmgA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GATGoQiUA1qofy4Z%2B1E6s5LShFZCZVXH1gEons5tl0qnm31Sk3yntITh55ftA4hhcioJKpirmxX8uXnaeT7EHzOYpQprBDc5ZL1aePsUyH%2FPcbnvqmj1AF6eoQhjsmdcNLwh8RHutPx0XA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830f56be2e012c6e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPN9iWU0BBu1zGCd0_11rEM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0396
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

43 B
839 B

42ms
41ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjS75DkATAB&v=APEucNUPBwaQcqvJfXfncOhz_VQLEe9ejMzjz-D-7iBd1-7yrFwdcV9YYua2qhLPNeghCRPkOR0UoXOifgFzpq5qugz5aCkwqeoG_b4vsuDKiNQJ6JZAlVQc41zlXuWgSXsphBZvRZfOJnxxgEtvvaYAcWocbnZrYGogMJBomkB8YkCxgvZbmgA

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: e46769cd-b413-4da0-a575-d1e4d352a503
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHe9KhpfZ0XtMVFeYdIB4Dg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0396
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
an-x-request-uuid: 83069d58-0981-4b1f-94ec-e302a48d9e7e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg3OTE2NjcwNTgxMzU3OTgx
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 61BE 38 KB
13 KB 36ms
35ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 119701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F819 0
173 B 67ms
35ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEN7XpAeeYuzCsFonzVGekvc&google_cver=1&google_push=AXcoOmS0snpo3oUw61chuqs02Tn24mLascEgBy-EbMiGTEvWUWRfmikGGLz-ZpoD_df_eyvxJb6tgGXVjcdPs-RufJ7GmNeAm5o_0Q
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJSbkI2qaMi52kyUOjmSH8I&google_cver=1&google_push=AXcoOmTeYcrQb0U5Z8YgJ3F-OvCQbuDvofd6tr3GIs9p-NHC0Gz_irb4_pb15N86p5punxw96Q5wa-lb6CYJZxiC...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ti3H5oVtT9E6uun3PL4DVQ&google_push=AXcoOmTeYcrQb0U5Z8YgJ3F-OvCQbuDvofd6tr3GIs9p-NHC0Gz_irb4_pb15N86p5punxw96Q5wa-lb6CYJZxiCKXH-RlAzzTp6YA

170 B
188 B

27ms
26ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ti3H5oVtT9E6uun3PL4DVQ&google_push=AXcoOmTeYcrQb0U5Z8YgJ3F-OvCQbuDvofd6tr3GIs9p-NHC0Gz_irb4_pb15N86p5punxw96Q5wa-lb6CYJZxiCKXH-RlAzzTp6YA

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 21:21:31 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ti3H5oVtT9E6uun3PL4DVQ&google_push=AXcoOmTeYcrQb0U5Z8YgJ3F-OvCQbuDvofd6tr3GIs9p-NHC0Gz_irb4_pb15N86p5punxw96Q5wa-lb6CYJZxiCKXH-RlAzzTp6YA
x-host: tde-deliveryengine-production-5989b845bf-8nm58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame F819 43 B
146 B 143ms
19ms Image
image/gif 18.195.149.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFvETlRAKabb1JTM-NYEm78&google_cver=1&google_push=AXcoOmRY0SEZkcC0C9PSOziFnv6N31yQVUh7-v1FYRQOPDembDOdfJNR4rwaYAy0n5Wo12iWI6LfSWyQOiUX10tk-DzHEl1s1zuc
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.149.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-149-147.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIHiLagTsHSUtuie9_yaFo8&google_cver=1&google_push=AXcoOmQk9o3cFP1t_4WPahNVpX9Kk1lYRTGx0QwILnWVnwcB6vhE-mAYUlR5Nwf4rkGX51S3ScgdK9ii1XReC40hfFdrnmP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk9o3cFP1t_4WPahNVpX9Kk1lYRTGx0QwILnWVnwcB6vhE-mAYUlR5Nwf4rkGX51S3ScgdK9ii1XReC40hfFdrnmPY0ydk&google_hm=eS13TUs1X2NCRTJwRy5mbT...

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk9o3cFP1t_4WPahNVpX9Kk1lYRTGx0QwILnWVnwcB6vhE-mAYUlR5Nwf4rkGX51S3ScgdK9ii1XReC40hfFdrnmPY0ydk&google_hm=eS13TUs1X2NCRTJwRy5mbTI3U29neGExODlIMXJWY3NyQn5B

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 05 Dec 2023 21:21:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQk9o3cFP1t_4WPahNVpX9Kk1lYRTGx0QwILnWVnwcB6vhE-mAYUlR5Nwf4rkGX51S3ScgdK9ii1XReC40hfFdrnmPY0ydk&google_hm=eS13TUs1X2NCRTJwRy5mbTI3U29neGExODlIMXJWY3NyQn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIG8XbjEd1EiLAk6gl08WFU&google_cver=1&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKah...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIG8XbjEd1EiLAk6gl08WFU&google_cver=1&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmK...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKahXvflj

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKahXvflj

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSpvBP0ltFT3-aHa6OWHDs6vH2YoEiEZSCypVNrCZNU23dz4GonmTy7nP9oYPeWE4TkyLh48qam-vHzRLc8toHmKahXvflj
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F819
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAkd-Egc0Sg0kYJo2LFHuag&google_cver=1&google_push=AXcoOmQIM-gTcP5WId5_EQaJ3W0XZX6IJl-7brSOiaM0NhSu9rDiGea2gRXZPZeqylWaa0p0n_l...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBTVUhZUkYtMTgtQlE1Qg==&google_push=AXcoOmQIM-gTcP5WId5_EQaJ3W0XZX6IJl-7brSOiaM0NhSu9rDiGea2gRXZPZeqylWaa0p0n_lWjlF7h-2yDT5F8hWDDx1NvuXXfA

170 B
188 B

28ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBTVUhZUkYtMTgtQlE1Qg==&google_push=AXcoOmQIM-gTcP5WId5_EQaJ3W0XZX6IJl-7brSOiaM0NhSu9rDiGea2gRXZPZeqylWaa0p0n_lWjlF7h-2yDT5F8hWDDx1NvuXXfA

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBTVUhZUkYtMTgtQlE1Qg==&google_push=AXcoOmQIM-gTcP5WId5_EQaJ3W0XZX6IJl-7brSOiaM0NhSu9rDiGea2gRXZPZeqylWaa0p0n_lWjlF7h-2yDT5F8hWDDx1NvuXXfA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F819 0
75 B 149ms
23ms Image
text/plain 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJe_0Zuwl4js3FtKTeJ8TXU&google_cver=1&google_push=AXcoOmR5oqOAjdgqh833apjyyxfAnAcHsuxypoyFLr9Q0ParPNk19lz_barkQ1ixiJkSHT2xdLOtuWxxz4rRii6ZjNVvWU7-3ksybQ
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F819 0
12 B 28ms
27ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ICmiLErfYca_0rMFUb4ofHZLWVLd6WYWjRhml3ysGrtLInz3Y329ZKRvYgTEtByQy5UVBA

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1E99 38 KB
13 KB 19ms
17ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 119701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D7C6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e51ea2c41218cabb0327ea9908d3dee73fe3cbefc62dc95a7d72655d52592a63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38F2 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5833009025200&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38F2 0
20 B 77ms
72ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5833009025200&version=m202309260101&ct=76&x=1&cor=16011766714365563000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 38F2 92 KB
38 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ5OutzE0FG2bhrWT2rIuf5afh41YyHDR-3PtF2BNs6HXlTbaBGJlib3R8dWs1iKIXAQmdVJP_TsnsrJlezlQeER5XXp3jRRvSXj354tmaIlMr-CpT-kZkj6-M-Jma0R3v0s8ee3X8hklzo34_7fwQTEpkFk8w2qciglqDuG0JisRhXiY&dbm_d=AKAmf-DRmbeDXdAzDpdY9lDN1a78MznFl44C_q-P-iaSBz9qV5gfFbfwYdq-JJUhb1FzT85R38gw9lfp0cFNDKN1ZLbBe6ri7I8XNkoccxqVsFdS8NHzjQqQZPU0RgXPKOVOuyeih7zsGxUNfqyPiin8A_DPdZX7O_oZusZVBZn7CJ48AtPYuLr00xGmQ5oEWyVQV6JGstfEdeWOMi3IrCnfgQbUEmfYg8pOMVTMnpmNU7mbiGzUtCFvoAysKT1X6iTtgnyGmAwa4_mOt0RJCub0NXmxbSeELAcDIfGAMeDnYDetBzSPW13V21hEaRIDBVNgV_0uXueYZMxkQl5et7ZAXpPyV7AlOrdH3s4fXU3LGNNhFm0IZQyJocRUqNga64LgXq4EDZHt52qyRXwlU6e6EaZw8PyNUWGCpMPuauriPs-pSP_QKmOGvhzQbSHRi_nlbH1OXdxuib_wsFy4qlbrGXGFC88bTwuvKI45g_rTXUtw6CMJ_Nh4uRQ8QWJwPXtahM_3YszWA-x8A0hZaywJvOv1JeRqeHc3LUKGlh-RflpSMIgxN0o5LpT9L7SIMWcct_EWVE3Go9s2OV6qw8zJ3UytykjswiwgO_Q8hAqw881OB1joG3mAiU3Ucz94xarbFPFYHvlOtWBVzIWPnJnB-6ZMhAtuHYkz9jW4oVIr1NU1Smz-eBbU26gC0jMjAvbkR_Ky0h5Ys96YvM9pCrJImm7mrXyvsSdrLL9lNYoWKRl7-A418tAZGEeHqlroW5FlEsn0ELLFpGafD0ZKYAl2tuzjbenJHGIBDeG_jG1vP4J2Wx-5XIvptsfX5vOsfzfhuCYfVoqtg2ccbTuCAtwrnv_b51HshjU1QDoFiTJL20VssxAcut0JkYWIYQ-WvQ3EngwWV59REjAU2DDwjXtNLi0aq7CwSLGxwJwUtqPBqJ4Y-dWUJJX3oLH4v3fZt2xb4O0CmEOy3vFDUT7PvoQieSj51the-EjMrhQbuV0BoDTy0H62hvL32tuISmmotFieWLqGvtR4GM_kmLS_hwrB7RqVkpVuYIW1LmTkQ7xVaytvdWppN3QSrcOGXVieatPq-fytGrFtrZLjN2jmDXFnyv0s0VLdcn9o0oJWctAMANCdwpTQdhzkHue6-u-RInTpbPE2cDNLG3IcyIjxnB6EzHhH8YzQ27VTgGRt7GfkvnRvw2LcKYv8X1ADDJVRm_qTFGEt6Hf3Fo9xF43fIAYUWFRwKzpCxGLyDcFiK7R_d6c6Q1_BqoHiUadRQbPq4RvtQ_4ZQ_fG0Dl3CrIwLDVoS4UYj6gn7bjuKyoJM-uaW-6mtliHMzDGhwChpznTIpNkOCQFv8buxmhQl7Gykuwf6DBCrHc1JTDuqcUgUGbK4sUsv79_tut6kfDOdmYDUwnIbTPt7IxOuYA6e7nDmpvLnqsqm8Q759KvauRguAXuTqAelL25alGGl6OW2wGt2re4t_TbysuLUfc9JDlr6TqwoNnaNdhPFQMv9PQH6Yoo6sujFAjocur37c2MYoTQo8Ad5wnBd_sTasRZtPd7BM2X38sFjA28PiPdlgoE0SJbSp7AFLLPHq9Uw6J1kj5WbPpKsn6QFZlcJ3Om_9F156Eh2oj5ag2mjKkoMCdeHFEvrs3GM-H6g3SMAyPuszFLh-KFH6EnKcWqPN4LVK272iHogNdpEdYf81nBxKC8Z1ZsP1eckZ7OTSAs1fRTngqJRXwjWFuTsbxWb5pjx9-ADHahuYIHyr-GVw1izYLCjA8lPqryX541vI7vZOv6g5qVkILcS1ANftwNSWWcOupDE9T-20kc-2no5sb3jovk-Lmo15zpm6oWMV1S4ATCHew73LQXPzizapKZME4hkWVKnJ8-mPcMphriJ2XUEj6rO9HmRE3B-2f3O9FmNZgrT9zeS42SP7XREmdfvN6ZVdhHoqWzi8KdsHYd1WVxbKZct8Sc5UXO_XpFQ6iXLNtehhxKyUSzFEOGf6xzVYMlSl-BUqPUXjWO5Mhbvctyg3mRAJPym2hdeyp7l3SqQCK9KJ7FLowulqTfBFkoJSll8vgGGF4CLd-nRoQoydAbj8UL5aD1w_aDPF4QsWqGFg_DTn5hJNFafYo_y0Omrz6v76UjtGXX4tEJO1cNgPXR_iQyL51ISRQMajfYY_GYVF_URawx3VhOmjJJWXBQe6kvxSH-ELQeQmKNAh0pfZGkIbRdW25al1S-GwYmydhMyGt4b1QCdlcyUb8BoNjAmWNJAonPGlvyblOko8JAWPb_5OluK4qTglVm_NwSZe9avyS9L8cz40fCeWwEs3zJ0StWrizU2nlCe5o1iNvdPDSUWX0BOo_qAcY1lQvt9Q1ZVNdvKJh_w-0mJHUkp06Lb1yALR6UCBJXx51JQkbGudj-MBnyVodwzdc-QBBUDfQrUweP75etGSO_mHG8r5cn2WT7YAu5rDQSd4IY1NvtFaplSizRkQtEgp8BM7D1-2CdgRw_YQJBBaNa1h87qbQ9F9Tb7SdjkfpIQiD8uIbB9wn_THTlz_NGF7QHcnQ3TyLhkvP_VsYazgGojly9jLB2Ob9w9LxJSY8ht7YiTbzZMqNYukqD7w7g74fMnujcVtx4NUCkW-An8SRh2JTrIqQYXXrpPqYwgyhCLzlqUX_iIdB_i4I4ABQRSZpt6KXZOgmzT3hUD77V9I54caWAYDppOVxRSLeecD-EoRmBD3ya1rcphLyRp4fHSwSeJUXvAp3_zOvscOGKxSTAjKzUQZCjKapAtX65yQ53rvRlHokeWGk4jHtI-VaXske-jKSZXpZckY6WF3XVM6GFp0j2ujqobVbwc9OUI1T-aa3O-FmnkqdEz_ROiWjDlTVHw4ztXP58hfmq7wdGGEWIrQcv5_1rJla3n7ycYwBylpLOMZAS1IVY9WYXEkOyaofe303RLrvWbtfSSt5FTP9SngVqPblWzKEvqBilqaSy6dMBqacWRGRFFuuNHIVvMCVHTtjiztfFfZos-uRTwftUWREcLIhLp1t9RcHeCCME-h61PHSyi4Aedymc_IiGmlvPcvqGG42uPRjxNxTUvmHOq5SZK6fSsbV9BA2SgdYEA8n_qbMhRtEkiUjmN8NwAJbZY0FZ2uqpJWjqvZtf-zjrpNHIFFcJ68Y5UCEGlwADh69oB2ucDxw7EN7zpFAOLTNkk-NjQV6GlWeCejGiGuFHMVcWqIOPwE7hy6CwbyLmQ-DqyhQNJZqE-4cXrVdViL46qQLXs196XOtlnCbXvmXd0Ak9CPfiq5UwfZxS5Hwny7J31j63WkDdweZYaoONXeHvhgmM1N8JYXjhvSKlt6p-a5iOcGo7q32KnM3V3EgKyM0zuAwEyYyM91qRw2yz5WqlitbQz7fWL3pqWw6hp3KU0CTU3Rii2h2iipQsNNMOyF8j3minhbhyVZ9JGh6zFf2yjMEoHqC1Uz_1L-UrvOqzGQDBbdYXfUoAzNGvt9Yj6XtnSFLI28VwcAx4HbXXzv-wVPbfHBNj9Qvp9hPXwYkSAzRCBGqYWG9QTHJUELBXxzP1alevlDQbjkadpF1_uMh3JkHmU4J7VAeXueWlmxkNN6i0RVUIYM79WckdUQ4bDqefD7aGq6xSVVJPKYGMDlJmedkI-9RhL20mLER6VO4zAQuzZUQ5evlBTbc1QTxfXpDCD1r1f-SBoXIaM4luSLXupOBEjPk16CVW7zRmsnr2mxTVfWdVayqFFMxpJ6CuE0qvj8TE9jVvdNFEAfMf0oBo1tQ1_YK1go2NEWZIsBmcW98TXtmQ2QAYC7Ept6lIh2DO7CtNPKSg6JP2trgwhqlqR31bteSGOiKbliBRFZ27IxDFfO9CgIjzjXDU2vGPfnLdVi1-OWo-9Hf3j4TUR4ncoyoUeefTpcLFm0zE7OhIxziVZYgyQfLUQVHAHgnPCfXUQEBl58hDRhqUeWbiYctxW6S3YsQwuYaZdN2zPJEAvaj5ZoUfu5wt2dCigFwJcOqZNWMpS7zBsKFxX8g4NniO1pEhsaU&cid=CAQSPADICaaNdlkk78iJmZIdAZSajFXQFLwkfgIzws5nzKPzA81WVSYXfYsy7hkC7rXdg95I0-Xp9dx6jkOUSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=16011766714365563000&adk=2086295848&idt=87&cac=0&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a8d45ed5cea72c3018e5f1be32a523ddb46c5c3d89378fbe5d8add5dda664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39376
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame ACD5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 690de810b3dabd00d2e1e316a3fe23f5ace6e271c8fdbd21d25913cc8298f296

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 RTL_BSF_MediumRectangle_300x250.html Show response
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/ Frame 1E3B 3 KB
2 KB 92ms
56ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eca15ed8bf2f10982f2e64283d88c4f04f406f386a579612487b3db7688b838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1542
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
expires: Wed, 04 Dec 2024 21:21:26 GMT
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame ACD5 0
0 116ms
61ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu26fc1z4ED2WKq2q0IVT7NLTAlHmpxDo8WADTHeXOw5o2l0yew9GD0XfYjG8tvvoSKvZliOh_rrTeDL5wWmkpe3hSu2pEff526ldZ4S7A_vpE95_xXnCsG5M20ZQwjjUED3zvE8TPjX_4Tp31Zz38MwcrE_WCElvJzJmtcSEwz-Sz7ERtNbscdkphS33vXMp2UWr5MJ2EwZUKwIiHI46zydWdVbwwAQZtV9GCs6nuDa_Bw6r3Jz_MHRKM8cTrnU1_jLMt5TdZWDJz_U6RiE8zlo7z6V56bUn-OYhUrYMgUinMxPTML55fekawpGAN9l2IZpPEQtQtWkwkr-w5VRcMf89FqVcMUXO-9wLJPq7Vvz4IfhMDrQ3MLDDSz3xcl2wq5qp15nVk6qwwbvEKyj4_U1w8RcvyAoyrl-zJIvuDLjjAc7qkTjsF4pcw3S-42m1k3yiwRLU52tQZotlKD-ADKKVn6wLp2DjQIij5QiQjUG8TS1r5Kjtu4uJkMiDovVlHXsiqfceNAZqFPS3THsMTnpmaf7_jAPlS1Q1lkGBCSrxrTNliwdtEfB_uflf85y6XD198i2HA92-FJpWQ1Ux8YL63AoJA39i8bkaXShwyY0bw8JOqexC0egMWdhD4oCdwHgv84OS9Wz71CY7rTvtsxlIoIZniPp8d6nuZtWaLrKzSpIl04IswZp80otkQqT2YLwgeNDU5jm6OZJJ7YmaODOYAsoDPY0L3ROpDAR9pBjJOeeHAaMPJjVUtMe_G-Khp3sc64osotT5NEJcZA9gAUXqU_2zHyMpRM1A-YvXGMi-1wils7hsgcqHGJv3kWeoFBZ8NKsvGG9M0HtuLJx6EwvSVKNh6X-F59eld1sd__T0gLnIx8JGWHQSdGIsNKzEPou1Lk7b3TnP-AfmsL88nyozcr5NrXTkEw_VfTkmgGEdmTGJ1Bs5uTH7f4RbR9Q_VKCnL-Egsa5z546UI-MOF1Ac9XtmKTK3aaIFbklvxuSd-mc6fYK9s1iEdlRWQKKO_JB7p13VTSDqpYczCgq8iEzCQVlIK6SPTmgvanAx88caWUlbVhngH9pIVD1zX90aa7EBDzl6WJSQ3Yco5YiTYUNE-IRfGWHKt69kmslyFXR1bYdwFy5wrGKdC0RVw-V8au764HVPgvEId1b7drV6sge1GqlPooaQ54FGauXynK5HiH78F6ttDYgfwDrrjpsCIfyQJMytymCr431_tFvTHFwuDRYZzbT49q7UPQJ8JI83gk41eQCdrLQMeTFsp71V6NplYyrzbzZusiWEma_NA7jokpkxHUIV9DYpxlDjyXJivMShN4bblAygpMMyRCkcyFEaNEPlxr_lSrFQ0w4m0rKj9rdBxMtD6DYg_99AGrYndSR8tRnjIOZUIKrvmh5uW82FMKOwqQam8CMLMiMojio_lZcz4wufyTx21p715FQprGQJy85pX5u78twxvCJ_I8exlDYJn2nIgNNlxDhlkJgQ&sai=AMfl-YRJshd_mkeuEE5CPIprSXzVosXGsH1makxjTGx7OPxyCdvuWhsqHt-bks6wUrZxleiX7idgjScOB37jumy72v3sdGakDoM_N2oXc_NpHwEtquqfcsQ4C97bVMpYSVt80DOb6gl8fwjebBB-0EYRgwvWj5JeblkuiEfg8kIV7M7E5VP2PwGx_5l0RcuETde-NLfRh0I4zBRdGlPeXCzOfOpaAZw9kefzOB1IDw9eaTfbMd1zNRVS01TiWL-9aI5uZiHZQ_SFksvDz1yOK6XPFM_3ca10rtN6NKntLr5gcM0Wcfc5-58BH5euILGfwNczYhjG-Hqss9WNKBQskVaF6GuxdLIT9Pqgotv-ti_x2-uZxqWfTFqm4KWDXHzvmqbbF-b8PBLIW8P3tM11bcD8wiKmiRNRRFMrdzredyP4JeQ&sig=Cg0ArKJSzJoXa3jP4Z48EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=217&cbvp=1&cstd=206&cisv=r20231204.95224&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 320x050.html Show response
s0.2mdn.net/sadbundle/15863219371426971648/ Frame AB9E 47 KB
12 KB 50ms
49ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765b69bd873165c3d661be06ea9202b0f16f9296b593bae3f7ec9cc6168557b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 21:21:26 GMT
expires: Wed, 04 Dec 2024 21:21:26 GMT
last-modified: Wed, 15 Feb 2023 15:43:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D7C6 0
0 62ms
62ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv_96loR8SI7_tDnevwPUci0qG-q7t4HFPRbFx3GdejGyy8s-eOvleBjfuyAhGX5rFOUCwNK6V_dMWM1vRhx9yTbwjrdUbpp1tswF8mjBXCKkR_eci8qNiTgBO62JZByQ8zfMEMIAezLiE19bThnPmhFxaSZDyAoogVzpQx5oiqGRCWnDG-9bDBsyr_aczSCKiXAcysxY4N0A4DY2LYWOoIuEKaFhAlg7HQiyhLXWySyFdQDdrJCt9JvNhJ1Uiaqh7b05bo0T3sVW7SmjVKZN-jpSRAxoY_w39GrW4jfX2w9nG0zxAcvIBx7laDQ9F6Mvb8OLEKL2HPDxyDYuHV190SjvUcqx1NaBo_qxi7L4IveBKx2i-KRb2lAU60cfhKsFhIhLIjiTXPKAiOnbNxKpbKU2OQW6aORE2zJz6nlD9g1cejz1oVaqlFmvEzaoVI9p7j63vMrWVna-qlG9GO6hfYQ5B6KkidDyVVvAFFI9IcAJaWibLGLzK1txUwGinvD3mTBIBo-Qam0GcSRxAQ9VkdyeMkNhJIkN9Ov60mJouuuXRxIJ_QAA1awFziUEpDjslHIU1xemOW6mOYB25CdLp_por4SVIEULCLi2h8Opivb2oj70z3Ep75rgHMN1JTggpRzCH80i127eStrNoTvxfwYxb6JO7ZLhT0pcbL4e13tB6d8WLzF5MH7aZ6bwtEDmdSxcq3YPs7kPrntnpo_d84dohKZEPXq9WQEOZNgSxXAIBppytmBqlr2QAgs8g6EEskjaigdV8gkImczoybFjvvNa7bJ2VpM-TEBr6Hpd7i6M8pP1NrFNTX3uTwTmtyz4yeg4gG5Y4Y0YQvmRXdjV9ZtKwltzYdaomps-XJL1WDK1en0ZzoPtD7GYZ9tx4Hyxr0O5QZMDySmvGJq8lgrt_z_OQp3hvifHA4nK4hgx3dfz1XIowklQVtCTzuQd4-U46Wxlapi--xxWVKr4ajXUEDgQzqmUh14S6EZnDAG7ZzMA5urr2soiwioiNf5uMnbkaN4L3UYLag2niyFYlxVvhZnICNjQd6Jn-2xxGK7CVB2MeFB6UJOURwxhe9IFzSg7LP0alUZgCIQ19VKAVFk2pfUKXifcwph4yRT-L3-fqMQIIgjYNR-5QkTddqcKG-Tbo5DdHjFeEZROZLRpwYB0QlMremGO9IZJFujZGmJjNgfALkt1g_BtxLpXzViEmM-FCuhprE84ZIvy6ZhlN2VeclzHIPReBAnSjuNgtPqSs_3YGvzUvolkVWexJ6CBRsZ4oCBCy6RIC7ehqceUK1j92EJx6UqvKHXRgyhoJgfzTY5pVTpMeeiq0d54n6ZTVaKw2quEgVSBfsVnF3qoa2p7VZIw8yvnWzVIinOQCBR6KEijBwDl9TOek8Ci_oVUXmbH_guFmqRxPeRsQsgT5qWQoSHCgDC64mjUDmoylVcrhLhOTOMYYjlsy8siXGBbTe4NbmPmngmmJ29C0w8_Ua-ceVeIgCDJ-XBu09GOAdq5K0E8U9VSw3nrCO0tEj&sai=AMfl-YTATR-SplO7eF0t7g8fxIOqjyl2UuNGiFEYk2KVjORa3qYthc5D25H1WZM3KqXTjWd0BBcLztoCo0TFwhc-dAoeIl7Kl_lOo5QBcBQDnStOh0_V9p8NW08bZO7pURIy5kZp5yEvGHWMdPPdaeL6e_vjoxNOKOmZvx30rfQX3vPiEAY4PTVriu2DnLFz7yAN7jLD6JpQzrosDz1RSqZd5nFa0NEQKz86L-aNB-hF60D_2HmTQnBc7T1Hcxy6977kD0g0bk9ddQmmEgXtjgll6IhN7uegvia6M0wa_ubp46-oMyusQ8qnF8e-ggvg0NGORdu4tuEJe9_tPBemnclEUiFzIsFonzayQK9d6fRyoKgNJOioopNVgNvlK0Sp8ZZiJvipAsUL84Yh7VWVtBJe-q16vBJzUvvZLkHdS0u9nLzGcWCzkQeW7g&sig=Cg0ArKJSzAlpJTgwMsgKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=353&cbvp=1&cstd=346&cisv=r20231204.84162&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 21:21:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1E3B 236 KB
63 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 1E3B 120 KB
41 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 12:23:29 GMT

GET
H3 200 RTL_BSF_MediumRectangle_300x250.js Show response
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/ Frame 1E3B 27 KB
6 KB 24ms
23ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1858ea06acc0048d87a8b645734cfa3ed9a54662bc282d4300b63a0c5811b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6159
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 19:41:39 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 61BE 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:14:28 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 38F2 111 KB
39 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Origin: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame 38F2 11 KB
4 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJ5OutzE0FG2bhrWT2rIuf5afh41YyHDR-3PtF2BNs6HXlTbaBGJlib3R8dWs1iKIXAQmdVJP_TsnsrJlezlQeER5XXp3jRRvSXj354tmaIlMr-CpT-kZkj6-M-Jma0R3v0s8ee3X8hklzo34_7fwQTEpkFk8w2qciglqDuG0JisRhXiY&dbm_d=AKAmf-DRmbeDXdAzDpdY9lDN1a78MznFl44C_q-P-iaSBz9qV5gfFbfwYdq-JJUhb1FzT85R38gw9lfp0cFNDKN1ZLbBe6ri7I8XNkoccxqVsFdS8NHzjQqQZPU0RgXPKOVOuyeih7zsGxUNfqyPiin8A_DPdZX7O_oZusZVBZn7CJ48AtPYuLr00xGmQ5oEWyVQV6JGstfEdeWOMi3IrCnfgQbUEmfYg8pOMVTMnpmNU7mbiGzUtCFvoAysKT1X6iTtgnyGmAwa4_mOt0RJCub0NXmxbSeELAcDIfGAMeDnYDetBzSPW13V21hEaRIDBVNgV_0uXueYZMxkQl5et7ZAXpPyV7AlOrdH3s4fXU3LGNNhFm0IZQyJocRUqNga64LgXq4EDZHt52qyRXwlU6e6EaZw8PyNUWGCpMPuauriPs-pSP_QKmOGvhzQbSHRi_nlbH1OXdxuib_wsFy4qlbrGXGFC88bTwuvKI45g_rTXUtw6CMJ_Nh4uRQ8QWJwPXtahM_3YszWA-x8A0hZaywJvOv1JeRqeHc3LUKGlh-RflpSMIgxN0o5LpT9L7SIMWcct_EWVE3Go9s2OV6qw8zJ3UytykjswiwgO_Q8hAqw881OB1joG3mAiU3Ucz94xarbFPFYHvlOtWBVzIWPnJnB-6ZMhAtuHYkz9jW4oVIr1NU1Smz-eBbU26gC0jMjAvbkR_Ky0h5Ys96YvM9pCrJImm7mrXyvsSdrLL9lNYoWKRl7-A418tAZGEeHqlroW5FlEsn0ELLFpGafD0ZKYAl2tuzjbenJHGIBDeG_jG1vP4J2Wx-5XIvptsfX5vOsfzfhuCYfVoqtg2ccbTuCAtwrnv_b51HshjU1QDoFiTJL20VssxAcut0JkYWIYQ-WvQ3EngwWV59REjAU2DDwjXtNLi0aq7CwSLGxwJwUtqPBqJ4Y-dWUJJX3oLH4v3fZt2xb4O0CmEOy3vFDUT7PvoQieSj51the-EjMrhQbuV0BoDTy0H62hvL32tuISmmotFieWLqGvtR4GM_kmLS_hwrB7RqVkpVuYIW1LmTkQ7xVaytvdWppN3QSrcOGXVieatPq-fytGrFtrZLjN2jmDXFnyv0s0VLdcn9o0oJWctAMANCdwpTQdhzkHue6-u-RInTpbPE2cDNLG3IcyIjxnB6EzHhH8YzQ27VTgGRt7GfkvnRvw2LcKYv8X1ADDJVRm_qTFGEt6Hf3Fo9xF43fIAYUWFRwKzpCxGLyDcFiK7R_d6c6Q1_BqoHiUadRQbPq4RvtQ_4ZQ_fG0Dl3CrIwLDVoS4UYj6gn7bjuKyoJM-uaW-6mtliHMzDGhwChpznTIpNkOCQFv8buxmhQl7Gykuwf6DBCrHc1JTDuqcUgUGbK4sUsv79_tut6kfDOdmYDUwnIbTPt7IxOuYA6e7nDmpvLnqsqm8Q759KvauRguAXuTqAelL25alGGl6OW2wGt2re4t_TbysuLUfc9JDlr6TqwoNnaNdhPFQMv9PQH6Yoo6sujFAjocur37c2MYoTQo8Ad5wnBd_sTasRZtPd7BM2X38sFjA28PiPdlgoE0SJbSp7AFLLPHq9Uw6J1kj5WbPpKsn6QFZlcJ3Om_9F156Eh2oj5ag2mjKkoMCdeHFEvrs3GM-H6g3SMAyPuszFLh-KFH6EnKcWqPN4LVK272iHogNdpEdYf81nBxKC8Z1ZsP1eckZ7OTSAs1fRTngqJRXwjWFuTsbxWb5pjx9-ADHahuYIHyr-GVw1izYLCjA8lPqryX541vI7vZOv6g5qVkILcS1ANftwNSWWcOupDE9T-20kc-2no5sb3jovk-Lmo15zpm6oWMV1S4ATCHew73LQXPzizapKZME4hkWVKnJ8-mPcMphriJ2XUEj6rO9HmRE3B-2f3O9FmNZgrT9zeS42SP7XREmdfvN6ZVdhHoqWzi8KdsHYd1WVxbKZct8Sc5UXO_XpFQ6iXLNtehhxKyUSzFEOGf6xzVYMlSl-BUqPUXjWO5Mhbvctyg3mRAJPym2hdeyp7l3SqQCK9KJ7FLowulqTfBFkoJSll8vgGGF4CLd-nRoQoydAbj8UL5aD1w_aDPF4QsWqGFg_DTn5hJNFafYo_y0Omrz6v76UjtGXX4tEJO1cNgPXR_iQyL51ISRQMajfYY_GYVF_URawx3VhOmjJJWXBQe6kvxSH-ELQeQmKNAh0pfZGkIbRdW25al1S-GwYmydhMyGt4b1QCdlcyUb8BoNjAmWNJAonPGlvyblOko8JAWPb_5OluK4qTglVm_NwSZe9avyS9L8cz40fCeWwEs3zJ0StWrizU2nlCe5o1iNvdPDSUWX0BOo_qAcY1lQvt9Q1ZVNdvKJh_w-0mJHUkp06Lb1yALR6UCBJXx51JQkbGudj-MBnyVodwzdc-QBBUDfQrUweP75etGSO_mHG8r5cn2WT7YAu5rDQSd4IY1NvtFaplSizRkQtEgp8BM7D1-2CdgRw_YQJBBaNa1h87qbQ9F9Tb7SdjkfpIQiD8uIbB9wn_THTlz_NGF7QHcnQ3TyLhkvP_VsYazgGojly9jLB2Ob9w9LxJSY8ht7YiTbzZMqNYukqD7w7g74fMnujcVtx4NUCkW-An8SRh2JTrIqQYXXrpPqYwgyhCLzlqUX_iIdB_i4I4ABQRSZpt6KXZOgmzT3hUD77V9I54caWAYDppOVxRSLeecD-EoRmBD3ya1rcphLyRp4fHSwSeJUXvAp3_zOvscOGKxSTAjKzUQZCjKapAtX65yQ53rvRlHokeWGk4jHtI-VaXske-jKSZXpZckY6WF3XVM6GFp0j2ujqobVbwc9OUI1T-aa3O-FmnkqdEz_ROiWjDlTVHw4ztXP58hfmq7wdGGEWIrQcv5_1rJla3n7ycYwBylpLOMZAS1IVY9WYXEkOyaofe303RLrvWbtfSSt5FTP9SngVqPblWzKEvqBilqaSy6dMBqacWRGRFFuuNHIVvMCVHTtjiztfFfZos-uRTwftUWREcLIhLp1t9RcHeCCME-h61PHSyi4Aedymc_IiGmlvPcvqGG42uPRjxNxTUvmHOq5SZK6fSsbV9BA2SgdYEA8n_qbMhRtEkiUjmN8NwAJbZY0FZ2uqpJWjqvZtf-zjrpNHIFFcJ68Y5UCEGlwADh69oB2ucDxw7EN7zpFAOLTNkk-NjQV6GlWeCejGiGuFHMVcWqIOPwE7hy6CwbyLmQ-DqyhQNJZqE-4cXrVdViL46qQLXs196XOtlnCbXvmXd0Ak9CPfiq5UwfZxS5Hwny7J31j63WkDdweZYaoONXeHvhgmM1N8JYXjhvSKlt6p-a5iOcGo7q32KnM3V3EgKyM0zuAwEyYyM91qRw2yz5WqlitbQz7fWL3pqWw6hp3KU0CTU3Rii2h2iipQsNNMOyF8j3minhbhyVZ9JGh6zFf2yjMEoHqC1Uz_1L-UrvOqzGQDBbdYXfUoAzNGvt9Yj6XtnSFLI28VwcAx4HbXXzv-wVPbfHBNj9Qvp9hPXwYkSAzRCBGqYWG9QTHJUELBXxzP1alevlDQbjkadpF1_uMh3JkHmU4J7VAeXueWlmxkNN6i0RVUIYM79WckdUQ4bDqefD7aGq6xSVVJPKYGMDlJmedkI-9RhL20mLER6VO4zAQuzZUQ5evlBTbc1QTxfXpDCD1r1f-SBoXIaM4luSLXupOBEjPk16CVW7zRmsnr2mxTVfWdVayqFFMxpJ6CuE0qvj8TE9jVvdNFEAfMf0oBo1tQ1_YK1go2NEWZIsBmcW98TXtmQ2QAYC7Ept6lIh2DO7CtNPKSg6JP2trgwhqlqR31bteSGOiKbliBRFZ27IxDFfO9CgIjzjXDU2vGPfnLdVi1-OWo-9Hf3j4TUR4ncoyoUeefTpcLFm0zE7OhIxziVZYgyQfLUQVHAHgnPCfXUQEBl58hDRhqUeWbiYctxW6S3YsQwuYaZdN2zPJEAvaj5ZoUfu5wt2dCigFwJcOqZNWMpS7zBsKFxX8g4NniO1pEhsaU&cid=CAQSPADICaaNdlkk78iJmZIdAZSajFXQFLwkfgIzws5nzKPzA81WVSYXfYsy7hkC7rXdg95I0-Xp9dx6jkOUSxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.cifraclub.com.br%2F&ds=l&xdt=1&iif=1&cor=16011766714365563000&adk=2086295848&idt=87&cac=0&dtd=35

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 07:34:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 38F2 31 KB
12 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:35:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20744
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:35:42 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 38F2 41 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 277444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame C85D 51 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 10:31:35 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E99 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4018
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:14:28 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AB9E 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 04:12:33 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AB9E 63 KB
25 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:21:26 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 10A6 1 KB
643 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 38F2 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35fe5257282f2034e1a6e6fdfd454e6a4c3f45359230ace8aca978a3e00aa779

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 6 KB
2 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

515b22d89dedebaa6befc0af4bf5b1600e832ffd3b541ee646b21d59e21fbfaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 80405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1986
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 23:01:21 GMT
expires: Tue, 03 Dec 2024 23:01:21 GMT
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 38F2 0
0 223ms
79ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssK2Oey1iz10ZYiu8OD61U_tKAxKoM2-YAgGy--7puZQ8jIBdrWEpDLXY8PPp1ZYlFu50TwCBJPK8W_POl4ShCH5zcwRCj0N8JL_nxdocW9752sqzlqG9lCSgyvZm2P3e1KSqS3BdKEBztvdUkQtxWys8bDA2_tgyJBcK7N7fuhUp_zwXNqYo1LTYM-vr6xuqrdh6UMyl11W3VCUvquAO5gwlmoootrZm9TKgg8IIzkeBgg02QmOFv2E2JSFYKWL_nU7ceeTRCIz-n7uRH0VWQeoyT00HYrGU89FksR-pzzwywSnZIPtnAyJz6AA0WbQBmpM9nqHSB2P7K-p2Rld8fknViwuq8v0teKJ_WaWICLgTuE9kPDrd0jKY93WIHANFlkIExrcT9lzhstcVx-6BbnbX7zss9F4AfACVqqZaJLTWHM_AuGESQPHYlK3rAqVLX2uont09TxHG3IvpLIfPeTslibOSnlptJZPXvCPyU0zo2Oy9X7gIFi5s4xa_wlulzV9jfVpifrs9wgJ7bTbac7xNblPuPmLNv_VI14DZNd8Q988F4sfQ_-qZXIj_itDLCWGo2dVNBXxs_smbqYNT1LhS5NaWOCZojz-lUh6ZRroGUcW6lB70jSX0OlUYxPY9NEaSgP1QNHv0KtJdk4z3FQbggqsp7-irw-qQ4NFoNKxGO2xHO169vFvOUX4c-JNNh6K8k8NuS6GaM20dwDPTH-a14U8MrIPg13WvlNIGgfL3p689_FOl-fuJQ4_goBLQdEUg7WeuMYnnAoPBQ2Go_xs6JZO3yaG0M-xRUlVSW-QO1TwNuLInarbPkSOqA-HaMD69X6YjYUIV-sl2DnEkjRbxZljCReCjnRhY2TYgT-zVpfg6pkgNw-1EGsUDopNkFnM5R8VdLRI-FJoZynphtC7lJO_sFbtgU-duCY8RFSH2PDhb8U1NZnu_qHyf8Y0tBTWnBbGESL6HMq7rn8HKhxlrBoS1iur4LkqT571oc6CjPOVJQHpNSxN3rdVZDn1BXCRY7cZHzzudEKXBnbgWEmqsyoEUrQcIUaSQvrjSJ7f9Xg_IxaHX0lzjN11zaYgLQdb8ZtdvYFqFuQ5SfFYaptEf5-tjtDZZ3RCHKTWeu-fn3lpVR3H1W1ozKlJVDvJ-Z0C9bVHmGfQzvaHe-L__x-T4sq-g7hoDJB151mKeeHiOfwtMWilegEndSHoU8VmEOEGPq1t-cO-GQ0VW5G9tWKa1XwoKh7tJ6gmaB0-Yf65VaRbzw2N_4cHtPRbPMShkRE0ocvrxWDXOCki4WpNmW7uI7fPvcxqeIRFcZf6gkgoTBOG7uAe5NrutsYiWZuQgKQUEdiLaGmfLGqOkS4tePvyleajYVbwXO0sW7cPVl8pVYVg6AXrg4D7GJGvbVpINBjyhmCUArCIIO9FvJU6zyY8Mx_k7yUyrJZx-5SM_FptfYMK8nsVbCeOlauGQHJBcRbtMs3O3nP0WdpWCGOa4VvVa-76hI&sai=AMfl-YQCESEEIgKnaFPpFBDvovv-Qiz_RxSyY4anciNUFJKEafYJolJ6iFURz3flvkC6Y4Z4wD4xsBBGjyfXk3TrMs0d0MYzLUj93uyeevGY-0JPQOdzA_g94HijpTiDQjzYIua1Y862-hmeCfdl45PFTOdasN4FBjDI8Ku8C80U-Gf9RHKSQnkzj5W4kHeum3sfNThUFyEX_8FxEmT8QBFfJAO0YMRJdtOElYoRktM9nLpteWWwJI_E8UA9Yu3BaS-Xf4UsQ0c&sig=Cg0ArKJSzGjvxJfDHl5zEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=114&cbvp=1&cstd=111&cisv=r20231204.20751&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 38F2
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202312_es_ukraine_dv_pros_378014208&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

23ms
19ms

Image
image/gif

52.28.185.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 52.28.185.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-185-174.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 21:21:27 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Tue, 05 Dec 2023 21:21:27 GMT
Last-Modified: Tue, 05 Dec 2023 21:21:27 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10A6
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDv0Q1CP-YcFka8jQ9sWmGM&google_cver=1&google_push=AXcoOmSUyWVhLhkgpJuKQrbRcFB6ESa0A3WCUIOrfSGXIndLT21krVSioyqXfuW3ibUyvRjFe_m5AcpiMR_...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSUyWVhLhkgpJuKQrbRcFB6ESa0A3WCUIOrfSGXIndLT21krVSioyqXfuW3ibUyvRjFe_m5AcpiMR_2mflWXyCNnor_oU2-4w&google_hm=Cn1lZK6DRXyDoK6-3_...

170 B
188 B

40ms
40ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSUyWVhLhkgpJuKQrbRcFB6ESa0A3WCUIOrfSGXIndLT21krVSioyqXfuW3ibUyvRjFe_m5AcpiMR_2mflWXyCNnor_oU2-4w&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSUyWVhLhkgpJuKQrbRcFB6ESa0A3WCUIOrfSGXIndLT21krVSioyqXfuW3ibUyvRjFe_m5AcpiMR_2mflWXyCNnor_oU2-4w&google_hm=Cn1lZK6DRXyDoK6-3_Vw0YM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10A6
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDWFWZUtcutS9t9HQRfFNyc&google_cver=1&google_push=AXcoOmQWZXjGrFApzsFHXn27fWSoN7c4RHimOUWUGUrQPydjzuohCCs4SAuDxhDWV7eJy3Qe23mUJ6yAKQsaUx...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQWZXjGrFApzsFHXn27fWSoN7c4RHimOUWUGUrQPydjzuohCCs4SAuDxhDWV7eJy3Qe23mUJ6yAKQsaUxyXNo...

170 B
188 B

48ms
48ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQWZXjGrFApzsFHXn27fWSoN7c4RHimOUWUGUrQPydjzuohCCs4SAuDxhDWV7eJy3Qe23mUJ6yAKQsaUxyXNogb9B0oaX_kWQ

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwOTIyMzgxNzM1MTMyOTkzMQ%3D%3D&google_push=AXcoOmQWZXjGrFApzsFHXn27fWSoN7c4RHimOUWUGUrQPydjzuohCCs4SAuDxhDWV7eJy3Qe23mUJ6yAKQsaUxyXNogb9B0oaX_kWQ
Date: Tue, 05 Dec 2023 21:21:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 10A6 43 B
363 B 159ms
18ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQqVwCgRq7wAOZat7vJwg1F3Ji5KXbYtySA0d9ecxYsJkyu4AeVNRGvQQdIbCTq5ci2zDAUKqIylvkTcExl1td5kF2pdCiy2A&google_gid=CAESEJ6MI0RhH_Y0D2cCmiiNowA&google_cver=1

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 261792
expires: Tue, 05 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10A6
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELmIyDtwN6O65HV22KCov58&google_cver=1&google_push=AXcoOmTFEpHpmparTyRDQ8mkJg19WVSNG2MUS4drWuP2_O0yN4frODcMKzppd9HjO4sUbgdARTmUIp9Y5vTo...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTFEpHpmparTyRDQ8mkJg19WVSNG2MUS4drWuP2_O0yN4frODcMKzppd9HjO4sUbgdARTmUIp9Y5vToXCWO6ObrJFuXJD1W

170 B
188 B

25ms
25ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTFEpHpmparTyRDQ8mkJg19WVSNG2MUS4drWuP2_O0yN4frODcMKzppd9HjO4sUbgdARTmUIp9Y5vToXCWO6ObrJFuXJD1W

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTFEpHpmparTyRDQ8mkJg19WVSNG2MUS4drWuP2_O0yN4frODcMKzppd9HjO4sUbgdARTmUIp9Y5vToXCWO6ObrJFuXJD1W
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10A6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEK_k-wysz8uQ1wIGSjIfag4&google_cver=1&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5W...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg5NTYyMzg1NjE4ODE1MjYzMDcx&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBk...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg5NTYyMzg1NjE4ODE1MjYzMDcx&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5Wi5Q

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg5NTYyMzg1NjE4ODE1MjYzMDcx&google_push=AXcoOmQ9PEttAPhYCNW_mp2wqZ29CzfzTKB9MBsxqHn0mSVExzgMMa-TxrXF6CBkLQJ1T92lCdLxkRjmxQnfeVv9GK5vNGOl_5Wi5Q
date: Tue, 05 Dec 2023 21:21:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

report
sync.teads.tv/um/ Frame 10A6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKX8DBBF9Ei6...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTY5bNnwMc7J9GRpnpibVp8EFkmuiwybLW13_B7ekq9nt1FYb69eERfoEXGU-nVkLqu1WKpnjFX_IVy5FqU7SqLs-oNlvClYPs
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

98ms
97ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 21:21:27 GMT
pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 10A6
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

40ms
39ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR7lXk8HuB8zbMw8PTvi5bKBbgYGlBwlYIo781SH3GVAldcfgvfqGIOzR7hmrMdaGtrZlWr3hSytXUcBz3u6Lvuej7uMRopWfw&gdpr=${GDPR}

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=6cb252ed-3c8c-4e1b-98f5-e9f691901843&google_cver=1&google_gid=CAESENRB04gJhbJk-3zbSjQ8l9Q&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmR7lXk8HuB8zbMw8PTvi5bKBbgYGlBwlYIo781SH3GVAldcfgvfqGIOzR7hmrMdaGtrZlWr3hSytXUcBz3u6Lvuej7uMRopWfw&gdpr=${GDPR}
date: Tue, 05 Dec 2023 21:21:27 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 10A6 0
12 B 89ms
88ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1Wd0EIbkJsx4JR3N3CWhNWJu8R7orPcKuLOZeOYfqdGZEds0hwqM8gght9M6s8Wh5EFTq_Iw

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3FD4 38 KB
13 KB 76ms
76ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 119702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 898 B
466 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c402b026159e1c5f8f0903fb4f863b735f71857dbe9230a608d7672bea5bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 15:00:06 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B849 109 KB
37 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:21:27 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 4 KB
1 KB 67ms
67ms Script
application/x-javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac21a2bdda6f6d9f817d2f7798357b5d923b88a475dd3ec2d7f25614300b8c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1414
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 00:55:13 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/ Frame 1E3B 21 KB
21 KB 45ms
45ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/bg1.jpg

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd76ef26d69088eca49e4128656af150fb0bb34c00d6c8bd9644366874659db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 05:35:05 GMT
x-content-type-options: nosniff
age: 315982
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21969
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 01 Dec 2024 05:35:05 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame ACD5 0
0 62ms
61ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu26fc1z4ED2WKq2q0IVT7NLTAlHmpxDo8WADTHeXOw5o2l0yew9GD0XfYjG8tvvoSKvZliOh_rrTeDL5wWmkpe3hSu2pEff526ldZ4S7A_vpE95_xXnCsG5M20ZQwjjUED3zvE8TPjX_4Tp31Zz38MwcrE_WCElvJzJmtcSEwz-Sz7ERtNbscdkphS33vXMp2UWr5MJ2EwZUKwIiHI46zydWdVbwwAQZtV9GCs6nuDa_Bw6r3Jz_MHRKM8cTrnU1_jLMt5TdZWDJz_U6RiE8zlo7z6V56bUn-OYhUrYMgUinMxPTML55fekawpGAN9l2IZpPEQtQtWkwkr-w5VRcMf89FqVcMUXO-9wLJPq7Vvz4IfhMDrQ3MLDDSz3xcl2wq5qp15nVk6qwwbvEKyj4_U1w8RcvyAoyrl-zJIvuDLjjAc7qkTjsF4pcw3S-42m1k3yiwRLU52tQZotlKD-ADKKVn6wLp2DjQIij5QiQjUG8TS1r5Kjtu4uJkMiDovVlHXsiqfceNAZqFPS3THsMTnpmaf7_jAPlS1Q1lkGBCSrxrTNliwdtEfB_uflf85y6XD198i2HA92-FJpWQ1Ux8YL63AoJA39i8bkaXShwyY0bw8JOqexC0egMWdhD4oCdwHgv84OS9Wz71CY7rTvtsxlIoIZniPp8d6nuZtWaLrKzSpIl04IswZp80otkQqT2YLwgeNDU5jm6OZJJ7YmaODOYAsoDPY0L3ROpDAR9pBjJOeeHAaMPJjVUtMe_G-Khp3sc64osotT5NEJcZA9gAUXqU_2zHyMpRM1A-YvXGMi-1wils7hsgcqHGJv3kWeoFBZ8NKsvGG9M0HtuLJx6EwvSVKNh6X-F59eld1sd__T0gLnIx8JGWHQSdGIsNKzEPou1Lk7b3TnP-AfmsL88nyozcr5NrXTkEw_VfTkmgGEdmTGJ1Bs5uTH7f4RbR9Q_VKCnL-Egsa5z546UI-MOF1Ac9XtmKTK3aaIFbklvxuSd-mc6fYK9s1iEdlRWQKKO_JB7p13VTSDqpYczCgq8iEzCQVlIK6SPTmgvanAx88caWUlbVhngH9pIVD1zX90aa7EBDzl6WJSQ3Yco5YiTYUNE-IRfGWHKt69kmslyFXR1bYdwFy5wrGKdC0RVw-V8au764HVPgvEId1b7drV6sge1GqlPooaQ54FGauXynK5HiH78F6ttDYgfwDrrjpsCIfyQJMytymCr431_tFvTHFwuDRYZzbT49q7UPQJ8JI83gk41eQCdrLQMeTFsp71V6NplYyrzbzZusiWEma_NA7jokpkxHUIV9DYpxlDjyXJivMShN4bblAygpMMyRCkcyFEaNEPlxr_lSrFQ0w4m0rKj9rdBxMtD6DYg_99AGrYndSR8tRnjIOZUIKrvmh5uW82FMKOwqQam8CMLMiMojio_lZcz4wufyTx21p715FQprGQJy85pX5u78twxvCJ_I8exlDYJn2nIgNNlxDhlkJgQ&sai=AMfl-YRJshd_mkeuEE5CPIprSXzVosXGsH1makxjTGx7OPxyCdvuWhsqHt-bks6wUrZxleiX7idgjScOB37jumy72v3sdGakDoM_N2oXc_NpHwEtquqfcsQ4C97bVMpYSVt80DOb6gl8fwjebBB-0EYRgwvWj5JeblkuiEfg8kIV7M7E5VP2PwGx_5l0RcuETde-NLfRh0I4zBRdGlPeXCzOfOpaAZw9kefzOB1IDw9eaTfbMd1zNRVS01TiWL-9aI5uZiHZQ_SFksvDz1yOK6XPFM_3ca10rtN6NKntLr5gcM0Wcfc5-58BH5euILGfwNczYhjG-Hqss9WNKBQskVaF6GuxdLIT9Pqgotv-ti_x2-uZxqWfTFqm4KWDXHzvmqbbF-b8PBLIW8P3tM11bcD8wiKmiRNRRFMrdzredyP4JeQ&sig=Cg0ArKJSzJoXa3jP4Z48EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ydGwuZGU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=680&vt=11&dtpt=463&dett=3&cstd=206&cisv=r20231204.95224&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D7C6 0
0 59ms
58ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv_96loR8SI7_tDnevwPUci0qG-q7t4HFPRbFx3GdejGyy8s-eOvleBjfuyAhGX5rFOUCwNK6V_dMWM1vRhx9yTbwjrdUbpp1tswF8mjBXCKkR_eci8qNiTgBO62JZByQ8zfMEMIAezLiE19bThnPmhFxaSZDyAoogVzpQx5oiqGRCWnDG-9bDBsyr_aczSCKiXAcysxY4N0A4DY2LYWOoIuEKaFhAlg7HQiyhLXWySyFdQDdrJCt9JvNhJ1Uiaqh7b05bo0T3sVW7SmjVKZN-jpSRAxoY_w39GrW4jfX2w9nG0zxAcvIBx7laDQ9F6Mvb8OLEKL2HPDxyDYuHV190SjvUcqx1NaBo_qxi7L4IveBKx2i-KRb2lAU60cfhKsFhIhLIjiTXPKAiOnbNxKpbKU2OQW6aORE2zJz6nlD9g1cejz1oVaqlFmvEzaoVI9p7j63vMrWVna-qlG9GO6hfYQ5B6KkidDyVVvAFFI9IcAJaWibLGLzK1txUwGinvD3mTBIBo-Qam0GcSRxAQ9VkdyeMkNhJIkN9Ov60mJouuuXRxIJ_QAA1awFziUEpDjslHIU1xemOW6mOYB25CdLp_por4SVIEULCLi2h8Opivb2oj70z3Ep75rgHMN1JTggpRzCH80i127eStrNoTvxfwYxb6JO7ZLhT0pcbL4e13tB6d8WLzF5MH7aZ6bwtEDmdSxcq3YPs7kPrntnpo_d84dohKZEPXq9WQEOZNgSxXAIBppytmBqlr2QAgs8g6EEskjaigdV8gkImczoybFjvvNa7bJ2VpM-TEBr6Hpd7i6M8pP1NrFNTX3uTwTmtyz4yeg4gG5Y4Y0YQvmRXdjV9ZtKwltzYdaomps-XJL1WDK1en0ZzoPtD7GYZ9tx4Hyxr0O5QZMDySmvGJq8lgrt_z_OQp3hvifHA4nK4hgx3dfz1XIowklQVtCTzuQd4-U46Wxlapi--xxWVKr4ajXUEDgQzqmUh14S6EZnDAG7ZzMA5urr2soiwioiNf5uMnbkaN4L3UYLag2niyFYlxVvhZnICNjQd6Jn-2xxGK7CVB2MeFB6UJOURwxhe9IFzSg7LP0alUZgCIQ19VKAVFk2pfUKXifcwph4yRT-L3-fqMQIIgjYNR-5QkTddqcKG-Tbo5DdHjFeEZROZLRpwYB0QlMremGO9IZJFujZGmJjNgfALkt1g_BtxLpXzViEmM-FCuhprE84ZIvy6ZhlN2VeclzHIPReBAnSjuNgtPqSs_3YGvzUvolkVWexJ6CBRsZ4oCBCy6RIC7ehqceUK1j92EJx6UqvKHXRgyhoJgfzTY5pVTpMeeiq0d54n6ZTVaKw2quEgVSBfsVnF3qoa2p7VZIw8yvnWzVIinOQCBR6KEijBwDl9TOek8Ci_oVUXmbH_guFmqRxPeRsQsgT5qWQoSHCgDC64mjUDmoylVcrhLhOTOMYYjlsy8siXGBbTe4NbmPmngmmJ29C0w8_Ua-ceVeIgCDJ-XBu09GOAdq5K0E8U9VSw3nrCO0tEj&sai=AMfl-YTATR-SplO7eF0t7g8fxIOqjyl2UuNGiFEYk2KVjORa3qYthc5D25H1WZM3KqXTjWd0BBcLztoCo0TFwhc-dAoeIl7Kl_lOo5QBcBQDnStOh0_V9p8NW08bZO7pURIy5kZp5yEvGHWMdPPdaeL6e_vjoxNOKOmZvx30rfQX3vPiEAY4PTVriu2DnLFz7yAN7jLD6JpQzrosDz1RSqZd5nFa0NEQKz86L-aNB-hF60D_2HmTQnBc7T1Hcxy6977kD0g0bk9ddQmmEgXtjgll6IhN7uegvia6M0wa_ubp46-oMyusQ8qnF8e-ggvg0NGORdu4tuEJe9_tPBemnclEUiFzIsFonzayQK9d6fRyoKgNJOioopNVgNvlK0Sp8ZZiJvipAsUL84Yh7VWVtBJe-q16vBJzUvvZLkHdS0u9nLzGcWCzkQeW7g&sig=Cg0ArKJSzAlpJTgwMsgKEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9vMm9ubGluZS5kZQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=716&vt=11&dtpt=363&dett=3&cstd=346&cisv=r20231204.84162&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame AB9E 47 KB
47 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:11:39 GMT
x-content-type-options: nosniff
age: 588
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:26:39 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame AB9E 46 KB
46 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:14:57 GMT
x-content-type-options: nosniff
age: 390
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:29:57 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AB9E 8 KB
6 KB 82ms
63ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fd6edcfbca7b95d1de524355eb6ff10b2c48506e1152034fda4a8d16b8120cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5990
x-xss-protection: 0

GET
H3 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AB9E 2 KB
2 KB 33ms
19ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:41:39 GMT
x-content-type-options: nosniff
age: 5988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2040
x-xss-protection: 0
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 19:41:39 GMT

GET
H3 200 60005582_20231030033658901_Mann_320x050_02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AB9E 9 KB
9 KB 30ms
16ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20231030033658901_Mann_320x050_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55c04c9fa6ccffbd10482f5cc7f157a6db7934bf2a0fd00c4f81bdedca4337eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:51:04 GMT
x-content-type-options: nosniff
age: 5423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8877
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 10:36:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 19:51:04 GMT

GET
H3 200 60005582_20230907064212984_Mann_320x050_03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AB9E 8 KB
8 KB 31ms
18ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230907064212984_Mann_320x050_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca6a545f2d1838c63df01e2524cf81a62c5d0b5ab354961fca9e42f5f676acbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:42:21 GMT
x-content-type-options: nosniff
age: 16746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8553
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 13:42:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 16:42:21 GMT

GET
H3 200 60005582_20230907064204163_Mann_320x050_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame AB9E 9 KB
9 KB 35ms
22ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230907064204163_Mann_320x050_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff10e38820fc13cd9c74933fb4ba85e1ac1683239e0471d1f17c6c3a38a3292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:46:07 GMT
x-content-type-options: nosniff
age: 74120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9125
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 13:42:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 00:46:07 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame AB9E 43 B
608 B 76ms
18ms Image
image/gif 141.101.90.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_PEF_HAV_14123_PV&mediacode=30520114_4307561_376315632_145324559_DIV1206A20230914&ref=30520114_4307561_376315632_145324559_DIV1206A20230914
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 21:21:27 GMT
Via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
Age: 663241
X-Cache: MISS
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
Last-Modified: Thu, 09 Nov 2023 15:03:02 GMT
Server: cloudflare
Etag: "2b-609b98009f580"
Vary: Accept-Encoding
Content-Type: image/gif
X-Varnish: 267014754
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 830f56c15e842d04-FRA
Expires: Wed, 04 Dec 2024 21:21:27 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1E3B 8 KB
6 KB 268ms
260ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71c3cc31f69568ac57972141b09fcb9e0a85e491739e58e6e87e5b30dcabfcc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5821
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame AB9E 26 KB
26 KB 24ms
20ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15863219371426971648/320x050.html?e=69&leftOffset=0&topOffset=0&c=8JBUwHz6Ic&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:23 GMT
x-content-type-options: nosniff
age: 4
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Dec 2023 21:36:23 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/ Frame 1E3B 14 KB
14 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/bg2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f19124ffc37ded3ed8991eacd345c7593476d22e45135d8969101497b456138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:25:42 GMT
x-content-type-options: nosniff
age: 21345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14548
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 15:25:42 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/ Frame 1E3B 448 B
483 B 14ms
13ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41fb23809c9dfdd103efe2b7b15d98134526ebc24cc73805475c95ace5fb59aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:16:16 GMT
x-content-type-options: nosniff
age: 108311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 15:16:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AB9E 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 21:21:27 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FD4 39 KB
15 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:14:28 GMT

GET
H3 200 logo_bsf.png
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/ Frame 1E3B 3 KB
3 KB 59ms
59ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/logo_bsf.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984b0d4cdb23d851ff0925d0b9b7560ca4aae17b5662171bd0b829b0620ce9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 02:16:47 GMT
x-content-type-options: nosniff
age: 68680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2890
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 02:16:47 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 34 KB
34 KB 59ms
58ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/bg.jpg

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aec187d1a80ed0e5dd24127d39473d6a06175132fb30b603fb51bd0285f2578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 07:25:36 GMT
x-content-type-options: nosniff
age: 50151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35189
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 07:25:36 GMT

GET
H3 200 band.png
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 8 KB
8 KB 61ms
60ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/band.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b582a40acfe21c24681f922781086f4e76251c7c887922171c068a6f2ed2964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:34:15 GMT
x-content-type-options: nosniff
age: 56832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7817
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 05:34:15 GMT

GET
H3 200 band-headline.png
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 4 KB
4 KB 61ms
60ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/band-headline.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e667eb1c245d6516dae4af9782c7c0086486037c7c1314eec086a8c12e7b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:01:21 GMT
x-content-type-options: nosniff
age: 80406
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3802
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 23:01:21 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 5 KB
5 KB 62ms
60ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/text2.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf6bf72b4b0419a38e7fe16e49283fc31208d03afc964d7f3c97fba32f9cc46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 18:42:56 GMT
x-content-type-options: nosniff
age: 9511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5223
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 18:42:56 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 5 KB
5 KB 62ms
61ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/text3.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5f2afa67ecb1062f8cf97544f21dd5b45631ccf2a586158d02b824b405013c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:36:52 GMT
x-content-type-options: nosniff
age: 42275
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4822
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 09:36:52 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 2 KB
2 KB 63ms
61ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/cta.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 11:34:32 GMT
x-content-type-options: nosniff
age: 35215
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2416
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 11:34:32 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/596701576577929928/ Frame B849 4 KB
4 KB 62ms
60ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/596701576577929928/logo.png

Requested by

Host: 4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
URL: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

755fb6edd26e00462f0ffda5414c3514bbf19a5b7790221702660abd5e91cc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/596701576577929928/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:58:46 GMT
x-content-type-options: nosniff
age: 120161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4041
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 11:44:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 11:58:46 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 38F2 0
0 102ms
100ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssK2Oey1iz10ZYiu8OD61U_tKAxKoM2-YAgGy--7puZQ8jIBdrWEpDLXY8PPp1ZYlFu50TwCBJPK8W_POl4ShCH5zcwRCj0N8JL_nxdocW9752sqzlqG9lCSgyvZm2P3e1KSqS3BdKEBztvdUkQtxWys8bDA2_tgyJBcK7N7fuhUp_zwXNqYo1LTYM-vr6xuqrdh6UMyl11W3VCUvquAO5gwlmoootrZm9TKgg8IIzkeBgg02QmOFv2E2JSFYKWL_nU7ceeTRCIz-n7uRH0VWQeoyT00HYrGU89FksR-pzzwywSnZIPtnAyJz6AA0WbQBmpM9nqHSB2P7K-p2Rld8fknViwuq8v0teKJ_WaWICLgTuE9kPDrd0jKY93WIHANFlkIExrcT9lzhstcVx-6BbnbX7zss9F4AfACVqqZaJLTWHM_AuGESQPHYlK3rAqVLX2uont09TxHG3IvpLIfPeTslibOSnlptJZPXvCPyU0zo2Oy9X7gIFi5s4xa_wlulzV9jfVpifrs9wgJ7bTbac7xNblPuPmLNv_VI14DZNd8Q988F4sfQ_-qZXIj_itDLCWGo2dVNBXxs_smbqYNT1LhS5NaWOCZojz-lUh6ZRroGUcW6lB70jSX0OlUYxPY9NEaSgP1QNHv0KtJdk4z3FQbggqsp7-irw-qQ4NFoNKxGO2xHO169vFvOUX4c-JNNh6K8k8NuS6GaM20dwDPTH-a14U8MrIPg13WvlNIGgfL3p689_FOl-fuJQ4_goBLQdEUg7WeuMYnnAoPBQ2Go_xs6JZO3yaG0M-xRUlVSW-QO1TwNuLInarbPkSOqA-HaMD69X6YjYUIV-sl2DnEkjRbxZljCReCjnRhY2TYgT-zVpfg6pkgNw-1EGsUDopNkFnM5R8VdLRI-FJoZynphtC7lJO_sFbtgU-duCY8RFSH2PDhb8U1NZnu_qHyf8Y0tBTWnBbGESL6HMq7rn8HKhxlrBoS1iur4LkqT571oc6CjPOVJQHpNSxN3rdVZDn1BXCRY7cZHzzudEKXBnbgWEmqsyoEUrQcIUaSQvrjSJ7f9Xg_IxaHX0lzjN11zaYgLQdb8ZtdvYFqFuQ5SfFYaptEf5-tjtDZZ3RCHKTWeu-fn3lpVR3H1W1ozKlJVDvJ-Z0C9bVHmGfQzvaHe-L__x-T4sq-g7hoDJB151mKeeHiOfwtMWilegEndSHoU8VmEOEGPq1t-cO-GQ0VW5G9tWKa1XwoKh7tJ6gmaB0-Yf65VaRbzw2N_4cHtPRbPMShkRE0ocvrxWDXOCki4WpNmW7uI7fPvcxqeIRFcZf6gkgoTBOG7uAe5NrutsYiWZuQgKQUEdiLaGmfLGqOkS4tePvyleajYVbwXO0sW7cPVl8pVYVg6AXrg4D7GJGvbVpINBjyhmCUArCIIO9FvJU6zyY8Mx_k7yUyrJZx-5SM_FptfYMK8nsVbCeOlauGQHJBcRbtMs3O3nP0WdpWCGOa4VvVa-76hI&sai=AMfl-YQCESEEIgKnaFPpFBDvovv-Qiz_RxSyY4anciNUFJKEafYJolJ6iFURz3flvkC6Y4Z4wD4xsBBGjyfXk3TrMs0d0MYzLUj93uyeevGY-0JPQOdzA_g94HijpTiDQjzYIua1Y862-hmeCfdl45PFTOdasN4FBjDI8Ku8C80U-Gf9RHKSQnkzj5W4kHeum3sfNThUFyEX_8FxEmT8QBFfJAO0YMRJdtOElYoRktM9nLpteWWwJI_E8UA9Yu3BaS-Xf4UsQ0c&sig=Cg0ArKJSzGjvxJfDHl5zEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=508&vt=11&dtpt=394&dett=3&cstd=111&cisv=r20231204.20751&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cifraclub.com.br
URL: https://www.cifraclub.com.br/oasis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 txt4.png
s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/ Frame 1E3B 1 KB
1 KB 42ms
42ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/images/txt4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5377f86bda76e119c61250661dd6338990885162a14ba90438bedec18adbaf9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10021671146853761024/RTL_BSF_MediumRectangle_300x250/RTL_BSF_MediumRectangle_300x250.html?e=69&leftOffset=0&topOffset=0&c=IG3yhRK6Qp&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:57:43 GMT
x-content-type-options: nosniff
age: 44624
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1348
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 09:41:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 08:57:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61BE 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BORGkVJRvZfKbMvTK1PIP0tquqAQAAAAAOAHgBAI&bg=!ODulO3TNAAY3kmNgF5I7ADQBe5WfOBCP0VYDo8IFO3Y3LT8LYDliwufmzuzOABZDa4SYaaO5z_HFS8Lc3Qiqxud5d0BcAgAAAdlSAAAABGgBB5kDFSQP2OtDhWWTlOqPNi4HVZ3JYTw2lVhFqbvENcfO_KFBVe6iPtM-qbW9UVJYYnpn1l6B634w_oiE6i8AEEDY6iE1w5Ps5iPUuMtAsmim01UJMN2I-NUwlaXBR1UN2_1RuO-I8ETeIgXyyMg4JN_UZeGtMsAbjv3xvZp5EppZRYb8noN2H7aF-W5pQwr1wu6oV2BdvZ5wEFOEYJ3KlTIYa8TDxjATy-7tb98xwmV-DSzFogHAvvrgW4bfowhI3TgpEqXrlJjt5HKXvKMzeajkMlmAdaO-dtIoyhs6CgL6ztbiD1BbBVLmyP_hn4U_Iww_Xq7_HLrXp3bHXel_j5cyioKfz3RVxTeYRNeP0C22N9ztGvMqEmYlsN92WwVRcfEcZO8VjdAGsP137tF9yxLul9JNlwaz1SgN4tfADsYV4uiD2n9kCzy40x19GPUzRA2CwoOQjP-gANjRj0cSoTACAAaHiFsJCa2HCN4S6d_Xf_CrW2-kOL9QdMqMo6RCUvrTQ6qWLljrQ18cPGDIp0wvpcSQizHnZpTVLsUVwHgXq3ty83nkPjO8dAZVsGTcbR9XnBTAYSGLcG_fzMzP2PwZsv45aEYrdPU4iKvOIyRUSMltSBQnerZKiOgqUxauIy-RCHqP4O6REiqlU1COIAIaNC2TKp6NucLTtv_QC9fJKzYRpB4kLhhDYquTkTGVoppYqplnQlfDmOrKmQiOiM6qaNWpYlWtCT6lXtzOa6IbcD3jVSGsoS2LP_MLzjQrvmmGHcPttYnHFPvUZ8gc-bnFrNgWPxfnA_Z_z5arA82VSk836nbsrexByABRur0SAABKgDHjccQ-A-vFmjnh0_Nkt6ZXY0IgQLzwAmw8lK8XSGm-2__t0oFakRCjeh92W7p2ya9ky8UT3GLdPGd1YmbRbak-NbsghkV5gG59caTOa5o3p1k-nXwLr4cjWFOAuo4cOVKff4pmo3d1ImbLmhSXDl6QzzXjxrCzRPdDNRTqs50B734vO01O7kbTuoRXwNFC6xYQSXJ674lH7D1vb5ygjDjKhxQ5IQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E99 0
20 B 53ms
52ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bl_QDVJRvZf2rMvTK1PIP0tquqAQAAAAAOAHgBAI&bg=!FRalFlnNAAY3kmNgF5I7ADQBe5WfON8ystZH5B-whQXFuWgg76vKsxsbaTOBB4azRJ_VjCwKTylvDc07h4Q4w8TCiwxQAgAAAbZSAAAAA2gBB5kDJXu07DQ8gUK_NIepzgviYjKRQjd-ypgYJb2uqWWz3jbzmCP6eCyFfO7IEvp8KPfVBfgrtNlp3n626N1z0LdW4qhrfvO-pix0exgIT98x4LObKilps52_b3lI1XdtKf7XuZ2EQo8E1ir67ifDwii3VdMffbCF-JzDVxqszZvDLS93p779TzlKCd13uUEJ-mHHaQyrfzim1XfMWrhIdfB_qadpnZuFakAUJUpLGVcU1h9si3wydYZtWJx-CLbaqp3sPN5ksjuXSuYcNEGjABy3Keu6QIY5KTSn6jlLyw-kQe_-sJM4F_WlOOkOjN5EYXE0NQHMRe7beob5Fc2p_E0eB2K3O5COkJaNW_nhY08HlKcDwPz5ZXMGzwK6rpI_93Hrn6OooiHpVAbKj_XfFi9kf8jvG8_pRej8J2UO01T2YofT08-qwkI55rQnR-1dlA4nSBFORHKrCrghvjKVi2HlyzEAYYm2N30oqK_V-uvKX9wUa2WrI0SAwLGskxz0dFudE7rU6W2iGwBahlPpLTUPLKajcGVVx_4Hzxd0hr1z4ZA4v0NVIlscZQGF1d4Zlsz7owhYUk0mFB2RMWtCH4n1i9aazRlHsMZphnoE-pDhVPpepi_AX1zAXTEyXAikX7WEzC2oLEWuHVLCh_1Bjg1iswQvsuMY7olVqFNsH-XlVFs8Xd3JN-QL7SSUD-t-0uayExuMdN9Z48dFNsHGIBmkBmmCI3lP7SAUpBdO_1a14feg2dyFR2IixxyAmfhcR7iQcmB9G3QvbYU5VKQQcZbXfLjdol-W2KKjlrIHeuBElYPDk0Rlhm0I-2LQ6IJsIjKiGv25HognfFesmI9FnHwJCMGAsO2F_JybENymKjUePhRyDlJlYwivcHKyZew120PNW1npAvUxanhD75hO0xREiCrJTfWtIfm2pgY4FJLw6dQyi8gKBOq5sAdJkZqMUyJ0aHMnmSe1qwCNFyb4eQgRyrPfslKSCZcQ8O5DmZqOV8fIIuMT8f69BTSy-L_EAaBBELyVa6-rMCwTOrKiz3nls4b_87_7tsWHYnjtGrqrF1lMkqJV0HQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1E3B 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 21:21:27 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D75 39 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:14:28 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E9C3 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 20:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 20:14:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D7C6 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4NJefZJ0gclpkhA64_L6VJU2pYdh-nqVKhbXdf99okRRPRN-I7_omNFzzXJML6N_rXRLiAPeo9lIkoGn6ABk98z7hvqDsHuSmEDqAzGoZW31B3CS_hs2z6Z2ifCROUikdHXpj2h7VCCOy&sai=AMfl-YSUhAqU4-hZuQSo3EFkXGVy4xXEoS8cSqx5L1f6l50G9JuEvohWZGYA8LiwX76w9b1tWdIEluLmgFrZ0hEwFL8bG-dUHVtqHzzgPGgZ1__CVWIxgVweLf6ToLjdTtrGakiMLwVeAiY&sig=Cg0ArKJSzIg5P9KpXhTKEAE&cid=CAQSPADICaaNdlkk78iJmZIdAZSajFXQFLwkfgIzws5nzKPzA81WVSYXfYsy7hkC7rXdg95I0-Xp9dx6jkOUSxgB&id=lidar2&mcvt=1011&p=322,1080,372,1400&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4164029453&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701811286263&rpt=503&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACD5 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsta3ekigEasCz2GcvjU8N9jx0oY8XypcSrKHH1OagFn4hVkVIHhdLhvH3gPdIkBuH7o4k0jsOYvX9b3YMv7j6Frnmyo87YnxoubL8ys53JiwUU46FwBn51ffKorB2dzaGU&sai=AMfl-YQVhxdVcSGJw-7ts-4-TrbhiifOjKV8_do0g8hJ9CO-ke9WSooEiIw2m7LxVFMN1__8uEa_qVQ2orFMiZD9xUYh_tgjJqIvnsp_wnVA_iF3f9EWXdWzaWuLDi2GOM057hh-Zvwe68g&sig=Cg0ArKJSzD7uxEzZ7xuEEAE&cid=CAQSPADICaaNdlkk78iJmZIdAZSajFXQFLwkfgIzws5nzKPzA81WVSYXfYsy7hkC7rXdg95I0-Xp9dx6jkOUSxgB&id=lidar2&mcvt=1020&p=416,1090,666,1390&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1414448433&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701811286282&rpt=559&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 38F2 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOMttYvyyiSqJ1G-YGm4ayZ3Tt4HPGVsde4zqF90AMVtlVH1Ag-MU9Nage9J--UXoKb_Umh--uUx2zddBg6mhFPBWB7nfUd1MVfc1JP4YPCs9lQq7PJMaXzWDThHCfhfTvo9crnk1HRk4-&sai=AMfl-YQbdV0eRTYMBiAASiARCPuZgfkLH2dAxphAKpKTSQFCQ5RKLw27G7YdRKQXyHRGwiuiHNnqa4NzHc1TmiV_aBdvfFOMUpCFne1IO00-R_uhQojACPya2v-z3ogsvAuD-uGdGKpCQMI&sig=Cg0ArKJSzGG9vg-6j1MYEAE&cid=CAQSPADICaaNdlkk78iJmZIdAZSajFXQFLwkfgIzws5nzKPzA81WVSYXfYsy7hkC7rXdg95I0-Xp9dx6jkOUSxgB&id=lidar2&mcvt=1013&p=1110,436,1200,1164&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3249029758&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701811286271&rpt=636&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FD4 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BFvtfVpRvZZe5J4yvjuwPwbqJuAkAAAAAOAHgBAI&bg=!kpGlkd7NAAY3kmNgF5I7ADQBe5WfOCzc0Uv_B-OcdE8YqmlTfzLYVwHk7AcEyU0PZIEbk6ZfUXu5iBGD-olqcnYN1XseAgAAAR1SAAAABGgBBwoAUk1hVb3o0sU44cI_20dHPhfRQFXY5TvtNup6UgkvDfReDSRbPxNY801HqyL1HMRjW6D3d65CJoux-ur0JSr2gsItHVzQiu-uiVqu8W_aBnAHlPqZAwl3Q2Vr0-3Ec1qHxGrhQcuYrDUwEtznsyR9fIJgh9huOTwIPR1Vq-CMRVqM_bWH1lWhiSvLt_Ims6sOM0T430-e9uVWgXN3xLuykJqQl832SgaAROM46FAQe6uWZHdg35upL9mEZHoWDwYetTBHYfNL3HDDuNivWQeEgGrKOGFAhHmTlaI0xkIJQCqPTczpLyODlcuLr7DhGzs-mm9Vt3Q41sDhORVp0tyKCPXxTt0ToXWML41ta5tNhzL4_oJ2ho_g9mhOxFvBDCX-G7OjQXpJ4cqZpeeJRSe4QsvTI4BAqhq7Pj3nZ59wrtbLp9xxs65bRIe_5Ar5ccVqgvGcGhEwwengNdpPZOHmmrfuufObuSxAdgpJFyvbQWHH25ATz1bfluauWePB7Y7TwzUhkDN10psm5tcKEPv4c4qiV0sF1s0BdVgwugSjCQnZxmrktF8bGFswbdi58ugv1wuE8cKuUU252q71_QlTUrPVfYzgk0nMa9eDa1lSsNnlkyj1RESY6ng7_dPngV8GQ2S9qzoGLzApEnm2g8XtOYfMFMW-xWzPjlYQNfc0bWoXjGRQCerPdzrYOWwgboaKcrL9nCw-7mm4FiSaJmxFKg-uQJk1phCaDIwqxm7uk9lmS5mFpOZ_Dao2dDsP7GuTQ-yDOUwrrtf_tBqYahMHPTUCXh9l8GnE0r0FFeWxkvsAD1Pf-LAIRcqLbH0aW7nLMiiaIU3OqLjw0srCc5B8CLYLA0aD0bKA-qYSivWUammBumMZyy195AnpxkdCEFsA9wQ2FM0g7YgcB8ZjBZ3DASa9x-geVi3tkGgXj6pYifqffHyNueYg9k8IkufKYAOCaCPiGoR6NzGAfiGiG-AYbFKSei6ok2J_h63xFa5MXL_8M4XgwwBeVNryIULiR14IB6LHf9B2DcCc2wn5Q2jMzdCCRlvbieVR5lzg-mbUasHylNXaayFIhKHrhFHQGP6uCV6bYXIwbfEnmuUoTQVZGt1C6ATSDUfKv_bb-Modf4EFK29i8bjRjEpZG_FrU1U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38F2 0
20 B 115ms
115ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5833009025200&version=m202309260101&ct=76&x=1&cor=16011766714365563000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 77ms
33ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cifraclub.com.br%2F&domain=www.cifraclub.com.br&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cifraclub.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 05 Dec 2023 21:21:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 220183
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
380 B 55ms
20ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.cifraclub.com.br%2F&domain=www.cifraclub.com.br&cw=1&lsw=1

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2921963
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 62B0 52 KB
17 KB 75ms
15ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 05 Dec 2023 21:21:29 GMT
ETag: "623de86a-cf34"
Expires: Wed, 06 Dec 2023 21:21:31 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F30E 16 KB
6 KB 81ms
12ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=130928
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Tue, 05 Dec 2023 21:21:29 GMT
expires: Thu, 07 Dec 2023 09:43:37 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E715 281 B
555 B 95ms
25ms Document
text/html 2.19.217.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Dec 2023 21:21:29 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 298C 23 KB
8 KB 154ms
55ms Document
text/html 2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMSRPRR&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C331%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C326%2C10000%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: akamai.sscdn.co
URL: https://akamai.sscdn.co/cc/js/984a4.headerbidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbd4460093e8a61a76de80531eb3854a281985c4119f412b6df54b957f91c9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.cifraclub.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8419
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 21:21:29 GMT
expires: Thu, 07 Dec 2023 21:21:29 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 62B0 0
596 B 15ms
14ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:29 GMT
an-x-request-uuid: 749547e9-c161-4ec5-9707-240c0bcd343b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E715 46 KB
13 KB 25ms
25ms Script
text/html 2.19.217.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 96fe9ca0bdf99e0ac4dbccecdf21a0908da690de37f89f6fa0c790d3167aa47c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 21:21:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Dec 2023 12:00:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=52746
Connection: keep-alive
Content-Length: 13236
Expires: Wed, 06 Dec 2023 12:00:35 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F30E 0
39 B 15ms
14ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17913232&p=163636&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=163636
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 21:21:28 GMT
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame E715 7 B
380 B 37ms
9ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 5e091a4bda7cb1b96cf60040ae4e8596
Expires: 0

POST
H2 200 log Show response
firebaselogging.googleapis.com/v0cc/ 506 B
760 B 129ms
62ms Fetch
text/plain 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaselogging.googleapis.com/v0cc/log?format=json_proto

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.9.1/firebase-performance-standalone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

3862cec4274e09e5cfd7ca42bb7376f0872f1aa4dbb36d5330f3929b8278608a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 21:21:30 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cifraclub.com.br
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 21:21:30 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 62B0 0
596 B 143ms
142ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:30 GMT
an-x-request-uuid: 0493bc56-8c0f-4a8c-b1b6-0becadd6b469
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 41ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3BB4FZD3LP&gtm=45je3bt0v868809808&_p=1701811282338&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1853536201.1701811284&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1701811283&sct=1&seg=0&dl=https%3A%2F%2Fwww.cifraclub.com.br%2Foasis%2F&dt=Oasis%20%7C%20Cifra%20Club&_s=3&tfd=24227
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3BB4FZD3LP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cifraclub.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 21:21:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cifraclub.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cifraclub.com.br/	1970-01-20 17:26:43	Name: _pbjs_userid_consent_data Value: 3524755945110770
.cifraclub.com.br/	1970-01-21 01:29:07	Name: _sharedID Value: 9777ed0c-0a59-4afa-b043-86d9a9b4e572
.cifraclub.com.br/	1970-01-20 18:53:07	Name: _gcl_au Value: 1.1.1598757656.1701811284
.cifraclub.com.br/	1970-01-20 16:44:57	Name: _gid Value: GA1.3.717338737.1701811284
.cifraclub.com.br/	1970-01-20 16:43:31	Name: lotame_domain_check Value: cifraclub.com.br
.doubleclick.net/	1970-01-21 02:05:07	Name: IDE Value: AHWqTUnjMnyv29uc9FvqiQ1_7UVcZqiH0PBqUk6fSOx_bCtstXTJf5nP8P3BzNIa
www.cifraclub.com.br/	1969-12-31 23:59:59	Name: geoip_country_code Value: DE
.cifraclub.com.br/	1970-01-21 02:19:31	Name: _ga_XBHRSMDBK4 Value: GS1.1.1701811284.1.0.1701811284.0.0.0
.cifraclub.com.br/	1970-01-21 02:19:31	Name: _ga Value: GA1.3.1853536201.1701811284
.cifraclub.com.br/	1970-01-21 01:29:07	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNzAxODExMjg0MzE3fQ==
.rubiconproject.com/	1970-01-21 01:29:07	Name: khaos Value: LPSUHYRF-18-BQ5B
.rubiconproject.com/	1970-01-21 01:29:07	Name: audit Value: 1\|naVuGyos1qr4SgVZkAfXOC+IXqvPVzt4X6LBWwGzep2k2NKlEueGiKyWfONvZyaSomT579brcqgNziyHhJ22gdgpQT4gGBJl4WXUF1ge4Xge9RZU/e4r/yKPLRELhl3xG7JtXJVTTK0=
.adnxs.com/	1970-01-20 18:53:07	Name: icu Value: ChgIy6c-EAoYASABKAEw1Ki-qwY4AUABSAEQ1Ki-qwYYAA..
.adnxs.com/	1970-01-20 18:53:07	Name: uuid2 Value: 687916670581357981
.cifraclub.com.br/	1970-01-20 18:53:07	Name: _fbp Value: fb.2.1701811284442.804475670
www.cifraclub.com.br/	1970-01-20 16:43:33	Name: tt_c_vmt Value: 1701811285
www.cifraclub.com.br/	1970-01-20 16:43:33	Name: tt_c_c Value: direct
www.cifraclub.com.br/	1970-01-20 16:43:33	Name: tt_c_s Value: direct
www.cifraclub.com.br/	1970-01-20 16:43:33	Name: tt_c_m Value: direct
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 17:26:43	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyNd4fbZgqDE1YW6ExkKjQGkpUiG0IX9zO66ucs4jPwx6
.t.tailtarget.com/	1970-01-21 01:29:07	Name: u Value: fwAAAWVvlFS5RwbHDB6HAgB=
.t.tailtarget.com/	1970-01-20 16:46:24	Name: _ssc Value: y
www.cifraclub.com.br/	1970-01-21 02:19:31	Name: _ttuu.s Value: 1701811284994
.cifraclub.com.br/	1970-01-21 01:30:33	Name: rdtrk Value: %7B%22id%22%3A%227742044a-f91e-45a1-9c6f-4d14034f78da%22%7D
www.cifraclub.com.br/	1970-01-21 01:29:07	Name: tt.u Value: 0100007F54946F65C70647B902871E0C
.t.tailtarget.com/	1970-01-20 17:26:43	Name: ttbprf Value: _steinbach am taunus_hesse_de_1701811285300_2997014915
.t.tailtarget.com/	1970-01-20 16:43:33	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:26:43	Name: ttnprf Value:
www.cifraclub.com.br/	1970-01-20 16:44:57	Name: tt.nprf Value:
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 16:43:34	Name: ttca Value: CA15437,CA15795,CA15771_1701811285
.t.tailtarget.com/	1970-01-20 17:26:43	Name: n Value: 1701811285
.t.tailtarget.com/	1970-01-20 17:26:43	Name: tp1 Value: CAESEMYj-Lst7AiaF4FwDNwScbk
.t.tailtarget.com/	1970-01-20 17:26:43	Name: dc Value: 1
.cifraclub.com.br/	1970-01-21 02:05:07	Name: __gads Value: ID=df8f699085d44c66:T=1701811284:RT=1701811284:S=ALNI_MaKlSTu4IOb6xhdXtE2096nOnjoFw
.cifraclub.com.br/	1970-01-21 02:05:07	Name: __gpi Value: UID=00000d0b45d2ffb7:T=1701811284:RT=1701811284:S=ALNI_Mbv3WXTrnMz2CEj8OVlidkVanclqw
.cifraclub.com.br/	1970-01-21 02:19:31	Name: _ga_3BB4FZD3LP Value: GS1.1.1701811283.1.0.1701811286.0.0.0
.casalemedia.com/	1970-01-21 01:29:07	Name: CMID Value: ZW.UVsxbtRbuA70nyNMN7AAA
.casalemedia.com/	1970-01-20 18:53:07	Name: CMPS Value: 5234
.casalemedia.com/	1970-01-20 18:53:07	Name: CMPRO Value: 5234
.adfarm1.adition.com/	1970-01-20 18:53:07	Name: UserID1 Value: 7309223817351329931
.doubleclick.net/	1970-01-20 16:43:34	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-21 01:30:33	Name: suid Value: EA67D940DFD84C4B9186817F2B543DCC
.ctnsnet.com/	1970-01-21 01:29:07	Name: gid_CAESEDv0Q1CP-YcFka8jQ9sWmGM Value: 1
.blismedia.com/	1970-01-21 01:29:11	Name: b Value: 656F94567E3B88C9859F216DBLIS
.lijit.com/	1970-01-21 01:29:07	Name: ljt_reader Value: HxbBtGZHmjIwYT-jSAGbuRDR
.adform.net/	1970-01-20 17:28:09	Name: C Value: 1
.adnxs.com/	1970-01-20 18:53:07	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMnm*!O!]tbPl1M>e)ZlrFUfJ+tGXxo3[mot29!FPA:$BnPBEDb.Znzx4b#pblvh>%u3If)y3KL9D3I?+iKt$6=
pixel.rubiconproject.com/	1970-01-20 18:53:07	Name: receive-cookie-deprecation Value: 1
.csync.loopme.me/	1970-01-20 18:54:33	Name: viewer_token Value: 6cb252ed-3c8c-4e1b-98f5-e9f691901843
.doubleclick.net/	1970-01-20 21:02:43	Name: APC Value: AfxxVi4ugbjCs8KIyI00soCXFdpLk4oM3jU2rZFb87h03IRN5QyxDQ
.adform.net/	1970-01-20 18:09:55	Name: uid Value: 8753234836385992014
.de17a.com/	1970-01-21 01:21:55	Name: guid Value: 1.9090797533066375756
.yahoo.com/	1970-01-21 01:29:28	Name: A3 Value: d=AQABBFaUb2UCEF_iIEgH_PFywRtrMXMBRuQFEgEBAQHlcGV5ZQAAAAAA_eMAAA&S=AQAAAs3jIXWGHU0Z_0xBtQODJB4
.everesttech.net/	1970-01-21 01:29:07	Name: everest_g_v2 Value: g_surferid~ZW_UVgAEtQ1JTwAM
.ctnsnet.com/	1970-01-21 01:29:07	Name: cid Value: 0a7d6564ae83457c83a0aebedff570d1
.adtriba.com/	1970-01-21 02:19:31	Name: atbgdid Value: 93990865-93a4-4bd0-b7a2-c537655ae4bc
.3lift.com/	1970-01-20 18:53:07	Name: tluid Value: 789562385618815263071
.ads.pubmatic.com/	1970-01-20 16:44:57	Name: KCCH Value: YES
.travelaudience.com/	1970-01-21 02:15:12	Name: _tracker Value: %7B%22UUID%22%3A%224E2DC7E6-856D-4FD1-3ABA-E9F73CBE0355%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://master.cifraclub.com.br/api/v3/sponsor Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4e7b5f941dcd3fab17bbd2ce06b6af7d.safeframe.googlesyndication.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
ads.travelaudience.com
akamai.sscdn.co
ap.lijit.com
api.cifraclub.com.br
b.t.tailtarget.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
c1.adform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
cm.t.tailtarget.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
csync.loopme.me
d.adtriba.com
d.tailtarget.com
d335luupugsy2.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
firebaseinstallations.googleapis.com
firebaselogging.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
gcm.ctnsnet.com
geo.privacymanager.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.cifraclub.com.br
image6.pubmatic.com
img.youtube.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
master.cifraclub.com.br
onetag-sys.com
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
pixel.rubiconproject.com
popups.rdstation.com.br
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.media.net
prg.smartadserver.com
region1.google-analytics.com
rtb.openx.net
s.seedtag.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
sync-tm.everesttech.net
sync.teads.tv
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tt-9964-3.seg.t.tailtarget.com
um.simpli.fi
www.cifraclub.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
108.138.9.235
13.32.27.70
13.32.99.122
141.101.90.98
142.250.186.98
142.250.74.194
151.101.194.49
172.217.16.134
177.54.145.110
178.250.1.9
178.32.210.226
18.195.149.147
18.239.69.131
18.245.143.58
18.245.60.53
185.64.189.112
185.86.138.150
185.89.210.180
198.47.127.19
2.19.216.27
2.19.217.101
2.19.217.60
2001:4860:4802:34::36
213.155.156.166
216.52.2.48
23.35.236.188
23.35.236.201
2602:803:c003:200::43
2606:4700::6810:5714
2a00:1450:4001:803::2001
2a00:1450:4001:806::200a
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::54
2a02:2638:3::c
2a02:26f0:780::5f65:36d8
2a03:2880:f068:8:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3602:1c33:a9c0:1eba:a0fe
34.102.185.99
34.120.63.153
34.149.50.64
34.68.90.188
34.96.105.8
35.186.193.173
35.190.0.66
35.201.123.184
35.204.74.118
35.214.159.102
35.223.116.65
35.227.252.103
37.157.3.26
51.89.9.251
52.222.250.26
52.28.185.174
52.48.81.28
54.192.137.125
69.173.144.138
69.173.144.139
76.223.111.18
85.114.159.118
99.86.4.39
03e7b6670a29e62d8e8a44ecf20be362d9f50313ff71e8758d90df814b325db6
059fde446eca56b850d84915e85920731578dbfa93979ca10ddca0c20d945075
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fd0b7c95ca7a74f4ab41edf10bfc48fcfa9b18c59d3acb4423df4a5d651363
0874c93bc9a23ca21b5de6fe83b88fde608a3e72ff2f871228a520e5770f68e5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf6bf72b4b0419a38e7fe16e49283fc31208d03afc964d7f3c97fba32f9cc46
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f15c0f3c21874a8b2f598ec10f54e778a3ea4ee2b7f004826b0201f28742996
0f1747514370104e20afef95a499d42bb4584c7d5bf36946b9791ca3897ac3f3
0fb7646d06b7161154c3a9a1d0daaf25f7a0ad5d6186fb8f1c5c3b74c58dfe48
119247ffe7df40e4d8d6d22869c3b2bc6076b5b525d5d3c5e4b8342af2f159ae
1293e34cf7955d387571847bc1eb3e1bbbf3e76216130dcca927b94407d04351
12f75b6fbc2ad35ecd7d3bde2edef2d0495fcf7e1ca7eb1600ba4fc7ad80ff3f
152181388e090c281f08a79f82e51f9c755767c86e03b99824c3a893b8bd82fa
154e15d714e058bd97a4b4abc2d1cd94ed898974961a821d9885a5527151c5b1
159f115c7db1557a4646c346f654d62d9147e3b661ec7c8bdbcff1d078d62b6a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b38e3c52caa4ecfe7ed334b9b90a861302502671da162187c6cb4796da0dd6e
1bed9b83d6da09c14fee08063687892aea6d456c5d8aeb03de91123c26c09fd5
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cb039486b4c314d859125a12dccbe850384377459d2c8d4d7b7660d55bf51d2
1f29d719b1c1083432ad2f4deb233f8b7ac42ebc70bdb158d600e92ae6a978a5
1f35ae18fabbdf41c3b9f815cae3040a3d0d39d3aefc987e57c518a69bf2c763
1f407355fa69f17827cc696408baea8cb67f184a71a47c205ef4022c1d7f44a7
1fd6edcfbca7b95d1de524355eb6ff10b2c48506e1152034fda4a8d16b8120cd
24498e4f5f7f8c31548bc4efc09f8abcd2bde56e0721af24c85a5e71611e3708
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25a077185630eeb59a4762d921f296b03c5d3df6c4c8926b06ffc66b877710c1
25ac51bd560661614f1f90a6cea5a82f526a8550afc34f725bb2471607ffa173
282b5e1516d6c9ca234f2ce85e13cc85e76293cfd520fc8334815c757fc50e1b
298385c1b17e35a9710475ac7cbd3781346fde0bb4708503d71f309dbdb7f671
2ac5faa8fe9f69076c4fb1402b1f0cb41db6f571490e9d5a98a6eab4f16323d0
2b851b972fa32357c957e2e5aee300afe8d42c813d86f806125bf4286261a786
2c73ad08334e801d45ff3b490982500f67061656e3c2bdb686f5db03e1540071
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d40e27cec0d6f4aebf120bfbaa49d0d4336af8985d5be34ef151ad2722b0701
2e588a4bf1490e6e6b157434a2ad6bdc30609d9a8ef43342d94baac0e0091e60
30f4c911942466581dab2a4eb1f974829aa217a1d0f559df48bb15a6696a3965
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316e1d3d2b14ebcc1e14fc70e7865e2045dc714fdbad9c15838258b465d0d2c2
31a7f6b125985fcebc86273eccd7b8a9347cf5f40ff32365ee3e6c9aa7e640a5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
333790a08743cda14dd3f8de8fb729b6bab0c81e33a1c8ce4d50a87e0db14e5b
342b8d0fe6a6c5937d4814a9b66cc9f015997eaa64a5e9f1f94db526a9dfb3f9
35fe5257282f2034e1a6e6fdfd454e6a4c3f45359230ace8aca978a3e00aa779
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3737fc8d3882327f17b1e64831a922185678e38181e8eb0c5b75cfc3bc1146a9
3862cec4274e09e5cfd7ca42bb7376f0872f1aa4dbb36d5330f3929b8278608a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a4387844ea355406e936ffea2c2e0b1eb84ace4fe9c2322830ee1bae264b73c
3a8d45ed5cea72c3018e5f1be32a523ddb46c5c3d89378fbe5d8add5dda664f8
3b534c83e1cd3b6fc573b9b2b2f42500282c91d0f75d8b4839db5632b6d82232
3c16fb350617fbae01d980ff008cb6b803f9e5e1db80470081940270498d3718
3d58d6b81013cd185fcaf14300457b228dff4e72deee5e7b6f40b88eb913942c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41fb23809c9dfdd103efe2b7b15d98134526ebc24cc73805475c95ace5fb59aa
425afce1be49b4473d339ba95a807797866c932c8872af02e7fdab6bd4ec6def
43151e7ead8d2cf1f507b44dadecade33fab074f1847e6447a533b25765e9ae3
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4631555c380a404618ad15cb54ef8f57f2e4154f9ed0870b24a8ea3cb9da9306
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f6301beea4c123d6893d8b9a2f8c7db9b58bc9d2769c0d01e9bcf79e912517
479982149be5e64014364f19ee0ab6211f0ee3e717f0d435dd79c0ee171ec4fe
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4863ea0e5b427ff0586a248fa8414504c66f4c2d52a73f12e06bc92d71c5b568
4b582a40acfe21c24681f922781086f4e76251c7c887922171c068a6f2ed2964
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4d35055bc4d7f1f973c1615dcf9191b0a9f30456bcd3e58c8001a3cd3a9c49f7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
4d91220b5dbc70676ea9e1941e4b7d086e4dbcbb73b6e8a1f9690fe9d6296826
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25af342124d142dd99b5b3a4b90e660cd4b96dc7c2bf4e54c1a802cc93d521
50567f9e1874c1ecf89ddd10c1a271fd518b59729c6ee54f3c3630366e06144f
50ce2be0ffe94eca5f65edb8b0f1f3a04499019161c18edf46830659aeffedfe
515b22d89dedebaa6befc0af4bf5b1600e832ffd3b541ee646b21d59e21fbfaf
51707ab5853e0c972604927c9eb91a5e7590d2037e33eeb636ab4204495d028c
5176ccc9c6010195a92c4d762ffb7716bf8b801f5af11bd97c10811729ae9d36
5377f86bda76e119c61250661dd6338990885162a14ba90438bedec18adbaf9b
5398bb5a0b481f244d4d6acd1a4e5991521bbfae055aca47327aeebafc3fa7a1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c04c9fa6ccffbd10482f5cc7f157a6db7934bf2a0fd00c4f81bdedca4337eb
5603321790f44ac98ad080c90e97008c1f88fc7682db126c03f22de3c428c79f
5690063093152714ffa5e91e793f6ccc94ae646f174d66325170a9c71c23eb9d
59e8f33be46fb7a03d8db862b344a3e581550c8d38e0a28345be72de04a6c0e1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cc3b59a471884704beaf3b395d4f73056e3a2c037cdb64ecd15a80afd3c2560
5ddf14e7f01112832f2bf7fc86c4b5be0c9578dabd6d7fae81618b5387422065
5ecbc7b923367cbe0a0e615c5aa1bc0f9e28bf84819ef8fb5cad5d9fc17ac609
5fad1ff70aeb989c3e52557b2e4e1ef65bf4fc2f72b5f8f754a78a86d3e266bd
6047c33c918d59db473a295012ce74658d40357389f06e8435e6ca5f25661ce5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
641add6c942a307b08d3a46a521f67ceb594e19b72083f9dcd7855cea72dbacd
67ccabef884af212de2cd221206608e0626595d333ed124f38c0033eaa7ac2f6
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6903a34fb38ccc77a65f5fb43b43502a430492a6cb443a23025fcdffbed9b750
690de810b3dabd00d2e1e316a3fe23f5ace6e271c8fdbd21d25913cc8298f296
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6c6479c6ced6e99a04dc6faccbf7b63ce22f12d2a6a08152c9de6cd9bbb1e620
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6ec14cc1aa8eeca8944095f8e525db4e8eeaff2daa7ae464646dfc980f3a2468
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6ff10e38820fc13cd9c74933fb4ba85e1ac1683239e0471d1f17c6c3a38a3292
702774843d9b1aa028dffa0aae40cd06342bdef2ef088fa2cd6be5d26fcfffdf
7172d7cff67b2eeea5dad47fcd724e75c0b4bc99198bdfbc64e2d9aa91b68c02
71c3cc31f69568ac57972141b09fcb9e0a85e491739e58e6e87e5b30dcabfcc3
72c402b026159e1c5f8f0903fb4f863b735f71857dbe9230a608d7672bea5bb7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
755fb6edd26e00462f0ffda5414c3514bbf19a5b7790221702660abd5e91cc95
765b69bd873165c3d661be06ea9202b0f16f9296b593bae3f7ec9cc6168557b4
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77425a0c624cac6f784c90b7eddfaccc078aca01744acbc25ea142a43ab2c08d
778f6c203a6a2ea31e4cb3aa28a07e5e4d259a553807f9b2d8149f46e9483079
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
7aec187d1a80ed0e5dd24127d39473d6a06175132fb30b603fb51bd0285f2578
7c7731b06258428e27f94f19b7a9999e7aa67ce4c110504d0c7abc77f03e03d9
7d93bceeaa7f2888762590888df0d3dec16b8e938dd350904f5f517557c078ae
7eca15ed8bf2f10982f2e64283d88c4f04f406f386a579612487b3db7688b838
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
83952115381c2cdde2f36cd1d256ec2e19f3c45c45cb52747b11abc7fcc2eaca
83d2a00c964e7177e010aeb143a26815c783f5be0b14b79fc54b8b30c41570a8
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8651e0c1bf7605670249f0eef475c5b06b5c8502e6514199243c4efa5362f303
87e0273412ab5427fca2cb2bf7a68556a042affa9d08cc519d49f065a3d57fec
89047ce19766d6b949b6fdd214a88910043b8c3bcfb75409398c80355c0a07cb
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
8bef23f2733c67f6ad7dddc09e98d1dd22cc1061d9c1abd06005dc395b234639
8cb21551067a437fc8b6217238565a8adf59b59a64bcda6508750c76feedafff
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec200d236508e55b071298e107025d9b969700c45debdae4989801954f45623
8ec73c88ebb92a5d882b16727dd7a35be406d7ddd3b198894bc9a794de3e9bf8
9048ac60cd0315eb19906dda665194e05869840229eac7f252b2ffe27afe29ea
93c403c875b61db82b8c9b794384fe10a137d01346d07ca8f31767a7c164689a
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
96fe9ca0bdf99e0ac4dbccecdf21a0908da690de37f89f6fa0c790d3167aa47c
984b0d4cdb23d851ff0925d0b9b7560ca4aae17b5662171bd0b829b0620ce9ec
98b36d0f871ff10d79dc18923e6029ceeafff1805c244f50a548b40bf22d68e6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f19124ffc37ded3ed8991eacd345c7593476d22e45135d8969101497b456138
9f328676e304fd00e3137bec2128ce6f9cf19244ee7be37a901dfd4772f1d3de
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00fbb9e4fd4c2a09ffb95498bcde2b613b85ff4825d25b1fa4adacbad4926e6
a07d22cd689ebb230b2dc6e1d09e3f5387899fa842ed2a50138b2e7d5855c2de
a1b0b122194485c91aacdd819e8687e299246e28949b99c5c321dbad6aeb3f45
a37b1e9e3d836052d9ecd8a4e2eb35c0b5313d4c9a9245e7abebd94c27c3b866
a3f823f29cf83fbb01422786349185f8ea56c6eafb64421c214507238312aa56
a60402d96673b5af7f44cb1c1946e9af96ab3bdf470558d04a79eeb1d614b508
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a7e2292263fc51c97c3f1c27a5eee48a4c7e5557eccd275d9fcd70fbac0e95c6
a8ec169659348d3c50e83f52b2beaf11840eada799ddfdfbfd48b271f7aaf6cf
aa50d23f071f90a9f5d5666e9a98e71115588186544bee09d3b3bb55b9fa6625
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac21a2bdda6f6d9f817d2f7798357b5d923b88a475dd3ec2d7f25614300b8c22
ae5f58b66956dd716df86b41ce9fea600693e1553d298e756670566fc4e65036
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b281b694ec639957a0f1451cf73308b092ebedd95752289842ebd8496bb11aef
b2df80d186eff42cfb081ee0bc6ec2905077808d678e695d6ba9829f9aa70791
b478f4e1eb5d4799950007124870db82e999f95eacaf44880daad858fbe3bd71
b63a4cb2301f3ecdcdd3d12a5a008ba755cb72047e8483388a22a73ca43dcdee
b76f37462c263693297294981992679b1dac456a0d22f4438e435b2245306c06
ba3cb5b34c7a52719f57db93239125595a513add76579576a64e4449606321a8
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bfbd4734ccb0db8f1110b7a37a4cb2c648cde1a71454dd4121cd882a82024589
c2724b477d4c039551d1f08a034f4af573dec4d89bd52a6a72a16220160106a4
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c40598bf64af9e09b2f17215d6d9b4b15f62b22d44f35f004fd7875dca55a892
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c4b9a84583357b76159da1d03f909c5ca0423f0c815fdf193d9607c8061bc950
c6a5fe2631c931fd394de29d377c21dde3a1de0e6add6b01dd722cb2383f259c
c7c07a526465971702ce227bcdc57855ed80d21d98d1e4d4bb8aa374155f102f
c7e667eb1c245d6516dae4af9782c7c0086486037c7c1314eec086a8c12e7b9a
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca6a545f2d1838c63df01e2524cf81a62c5d0b5ab354961fca9e42f5f676acbf
cc35098d44e047ccd575fc6c6f9b9a4a9fca64151c814da1ffe7086f0d11d51b
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
cd76ef26d69088eca49e4128656af150fb0bb34c00d6c8bd9644366874659db3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa0c8273dbf4696027e0288e929cd536ccf8bfd441fabdaece1201dd820803f
d355dc0bccc68e3eca035be49bc47f8813af00025856ea78b24e05f5405f5db7
d5e2a3df9b4bd40c0ae5756d44b935365f06984de884b83dc812a162b9b092b1
d6c6699a632aac7b20247601a044bcb1151bcf638d9b435ef4c29aac1d911b3f
d6d1bea9920a3618255a4519e243872fad8d7da694dc10de6643657c6ad2762b
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dde1209c0b73601ff2fc5b60e0ab50b23b4dcbc39667218a222f5291bd39b6c8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def188706410d20cdd773895932b9d54a3a8d55b93411f39165629400d5ef13c
df71b390ca8b86d284e2e5f24b13f41f7591fa827c10ebaf4e8cc75dc818d3b6
e0458fd009dd5bcee8601b7501b2ea91f28b52ee871d0f12dde6445ea5bdc57f
e14eeb1168a0bb4bdf3f492c04c15b2840145837ac02e0924ca4f69c9d85bc9e
e27ddabf1110e52de7532d90dff1ee3c907ac5fe0fb62e91fb0e529663b65d2e
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4c844ae615e35fff816a007964fed049286ab71d246ab7af3ab2af781d0342a
e51ea2c41218cabb0327ea9908d3dee73fe3cbefc62dc95a7d72655d52592a63
e7284125e6c80cdc9129ab8916fdf6a5d3ae5cd6b6e23774062b8ce3fa716043
e7af5e770521a508db9eb41edbf2ea43722175774727621289813b779c3de3a6
e822051911dd8a23b071e002aff3422e6c2ea8e05823e1965c8197541901a0b7
ea1858ea06acc0048d87a8b645734cfa3ed9a54662bc282d4300b63a0c5811b5
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec62cfc76221123e1ab6ba0fdd1dd6a7b6e1919c152f67ca6e10d039b4b0f492
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20e2b1b67a92e3fcaaa7ab4d4213916f3c656f5e04cd4c5126530a51101dfd
f034a90449140c62feb20d6ee01398224cbf9879eea5bacf4453950e98557fe4
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4e26be6715ef8a5c23e7b8d3cd5f5222fa983cc67299aaa10d2855b4a7cb331
f576f88808b9e2c2db8eb60dd21842ea85a384ae3448bbe1490861449e61b3c5
f5f2afa67ecb1062f8cf97544f21dd5b45631ccf2a586158d02b824b405013c0
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f82dfdfaea0bb707b71f4ac5500b61a91ae9f3850b09f642b3254a9cf44b9389
f82fb7a91781ccc799972e3e565b454c194c1c305e78f2e0ba2e4be7b84ce7bf
fbd4460093e8a61a76de80531eb3854a281985c4119f412b6df54b957f91c9de
fcac895ddbf0ea7b4b8c1e93a111a6a0ab7b789abc18221e096e6ab1cd1d33e1
fcdd8078f60f8833861ca0b9f13aba67773278d96cbd4f459b21cdbac2d6a62f
feeed033dfbd5a9ae01be265feb0e2f5eb6357ac0e881418a69f60754a5c7922

www.cifraclub.com.br Open in urlscan Pro 2a02:26f0:780::5f65:36d8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

369 Requests

91 %HTTPS

33 %IPv6

49 Domains

84 Subdomains

63 IPs

13 Countries

4753 kBTransfer

13495 kBSize

59 Cookies

37 Outgoing links

Page URL History

Redirected requests

369 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cifraclub.com.br Open in urlscan Pro
2a02:26f0:780::5f65:36d8 Public Scan

Screenshot
Live screenshot

Full Image

369
Requests

91 %
HTTPS

33 %
IPv6

49
Domains

84
Subdomains

63
IPs

13
Countries

4753 kB
Transfer

13495 kB
Size

59
Cookies

369 HTTP transactions
3 data transactions