urlscan.io logo urlscan.io
SecurityTrails logo

fimdejogo.com.br Open in urlscan Pro
159.65.246.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fimdejogo.com.br/
Effective URL: https://fimdejogo.com.br/
Submission: On October 04 via manual from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 17 domains to perform 190 HTTP transactions. The main IP is 159.65.246.99, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is fimdejogo.com.br.
TLS certificate: Issued by R3 on August 12th 2022. Valid for: 3 months.
This is the only time fimdejogo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52 159.65.246.99 14061 (DIGITALOC...)
5 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.127 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
17 2606:2800:234... 15133 (EDGECAST)
3 198.58.120.109 63949 (LINODE-AP...)
1 2600:9000:237... 16509 (AMAZON-02)
1 18.196.212.55 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
6 104.244.42.136 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.180.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 22 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 4 172.217.18.6 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
9 2606:2800:134... 15133 (EDGECAST)
190 30
52    159.65.246.99 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
fimdejogo.com.br
5    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    99.86.4.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-127.fra6.r.cloudfront.net
platform-api.sharethis.com
1    2600:9000:211a:9a00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
12    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
17    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    198.58.120.109 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 198-58-120-109.ip.linodeusercontent.com
analytics.hostwp.club
1    2600:9000:237f:ee00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    18.196.212.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-212-55.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google-analytics.com
8    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
13    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
3    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:400d:80d::2016 (Ireland)

ASN15169 (GOOGLE, US)
i.ytimg.com
22    2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
ad.doubleclick.net
1    2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)
abs.twimg.com
9    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
pbs.twimg.com
Apex Domain
Subdomains		 Transfer
52 fimdejogo.com.br
fimdejogo.com.br
796 KB
34 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
456 KB
23 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 991
syndication.twitter.com — Cisco Umbrella Rank: 1241
792 KB
22 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
static.doubleclick.net — Cisco Umbrella Rank: 402
ad.doubleclick.net — Cisco Umbrella Rank: 219
2 MB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
249 KB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 90
814 KB
10 twimg.com
abs.twimg.com — Cisco Umbrella Rank: 1910
pbs.twimg.com — Cisco Umbrella Rank: 673
278 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
jnn-pa.googleapis.com — Cisco Umbrella Rank: 336
34 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
16 KB
4 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 6377
ws.sharethis.com — Cisco Umbrella Rank: 13457
buttons-config.sharethis.com — Cisco Umbrella Rank: 7588
l.sharethis.com — Cisco Umbrella Rank: 6253
57 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
132 KB
3 hostwp.club
analytics.hostwp.club
1 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 109
39 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5221
914 B
2 google-analytics.com
google-analytics.com — Cisco Umbrella Rank: 83
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 205
4 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
647 B
190 17
Domain Requested by
52 fimdejogo.com.br 1 redirects fimdejogo.com.br
22 tpc.googlesyndication.com 2 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
17 platform.twitter.com fimdejogo.com.br
platform.twitter.com
syndication.twitter.com
12 pagead2.googlesyndication.com fimdejogo.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
11 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
fimdejogo.com.br
11 www.youtube.com fimdejogo.com.br
www.youtube.com
9 pbs.twimg.com syndication.twitter.com
fimdejogo.com.br
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
6 static.doubleclick.net www.youtube.com
googleads.g.doubleclick.net
6 syndication.twitter.com platform.twitter.com
fimdejogo.com.br
syndication.twitter.com
5 www.gstatic.com googleads.g.doubleclick.net
5 fonts.googleapis.com fimdejogo.com.br
googleads.g.doubleclick.net
4 ad.doubleclick.net 2 redirects googleads.g.doubleclick.net
4 jnn-pa.googleapis.com www.youtube.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google.com 1 redirects www.youtube.com
tpc.googlesyndication.com
3 analytics.hostwp.club fimdejogo.com.br
analytics.hostwp.club
2 i.ytimg.com www.youtube.com
fimdejogo.com.br
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 abs.twimg.com platform.twitter.com
1 yt3.ggpht.com www.youtube.com
1 stats.g.doubleclick.net google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google-analytics.com google-analytics.com
1 google-analytics.com fimdejogo.com.br
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 ws.sharethis.com fimdejogo.com.br
1 platform-api.sharethis.com fimdejogo.com.br
190 30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
dcpress.com.br
Subject Issuer Validity Valid
fimdejogo.com.br
R3		 2022-08-12 -
2022-11-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
analytics.hostwp.club
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://fimdejogo.com.br/
Frame ID: 013BB762E8F4C4E7F060FE0BBC29458E
Requests: 90 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Ffimdejogo.com.br
Frame ID: C1E6D6B28DACD73AD64523D92987CC0C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 364BEA7D794BD6B5BA748BED5B7B4F31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&adk=1812271804&adf=3025194257&lmt=1664850381&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffimdejogo.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542532&bpp=32&bdt=904&idt=233&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4103322792241&frm=20&pv=2&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Frame ID: EEED4D5A43227398B8D8F47771A281F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Frame ID: A0C7A65561D4B322BB186F4EE5048893
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Frame ID: E14E53FE52EDCFA853DF2B1D4161C947
Requests: 19 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Frame ID: 10561EFA26D8E7255E0F3720BED7D482
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6A3D83D299AB5115940B66BC13FD8711
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: B78304B2118C0B5488E76C2636A2301D
Requests: 16 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 38952F61AA072BAA4FBEB4CDD26F596C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: 8174E1846F77528CF57FF98B18B1AE07
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: F1DB4C55B5C38595BCEEEA684AA29568
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 64AB7F19DE26727A0BC89D32DC20A5D1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: A9E4ED47053B9C39BB57613CD8117E4F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A02EA53A6B75CA69F84F2284659FE216
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9C91499EF8D63C39E815BC24328CA81
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - Um olhar diferente do esporte - Fim de Jogo

Page URL History Show full URLs

  1. http://fimdejogo.com.br/ HTTP 301
    https://fimdejogo.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

190
Requests

97 %
HTTPS

76 %
IPv6

17
Domains

30
Subdomains

30
IPs

4
Countries

5449 kB
Transfer

13254 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fimdejogo.com.br/ HTTP 301
    https://fimdejogo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 121
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPzl7rekxvoCFZpt4AodaWwCVw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 130
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA HTTP 301
  • https://tpc.googlesyndication.com/simgad/11451250718949484972
Request Chain 145
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPPG97ekxvoCFYOW_QcdQ60LgQ;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 155
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA HTTP 301
  • https://tpc.googlesyndication.com/simgad/11451250718949484972
Request Chain 189
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

190 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
fimdejogo.com.br/
Redirect Chain
  • http://fimdejogo.com.br/
  • https://fimdejogo.com.br/
114 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
08d230c0640540b8229d0b40c39b9beb51b9c2ad0f6b06297b6b7d0738679589
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0
content-encoding
gzip
content-length
16375
content-type
text/html; charset=UTF-8
date
Tue, 04 Oct 2022 09:42:21 GMT
expires
Tue, 04 Oct 2022 09:42:21 GMT
last-modified
Tue, 04 Oct 2022 02:26:21 GMT
server
nginx-rc
strict-transport-security
max-age=31536000
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
174
Content-Type
text/html
Date
Tue, 04 Oct 2022 09:42:21 GMT
Location
https://fimdejogo.com.br/
Server
nginx-rc
style.min.css
fimdejogo.com.br/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 18:48:55 GMT
server
nginx-rc
content-encoding
br
etag
W/"62cdc217-15b64"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
content_elements.crush.css
fimdejogo.com.br/wp-content/plugins/bold-page-builder/css/front_end/ 		1 MB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.4.6
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
61afb507626db75f00539770b0946c4541f9b51a84a8f6deeabeabf0c3fa74ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2022 13:17:29 GMT
server
nginx-rc
content-encoding
br
etag
W/"63344969-1484c9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
slick.css
fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/ 		2 KB
772 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.4.6
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2022 13:17:29 GMT
server
nginx-rc
content-encoding
br
etag
W/"63344969-6f0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
style.min.css
fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/ 		31 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/style.min.css?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
37106cb7f5b3d70297ca032b38d4645d828500a3f86c181a9f9992bc9be07162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:14 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199261a-7d2d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
styles.css
fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 01 Sep 2022 20:02:48 GMT
server
nginx-rc
content-encoding
br
etag
W/"63110fe8-aab"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
bootstrap.min.css
fimdejogo.com.br/wp-content/themes/islemag/css/ 		120 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/css/bootstrap.min.css?ver=3.3.5
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-1deb0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
style.css
fimdejogo.com.br/wp-content/themes/islemag/ 		110 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/style.css?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
8f1b4f982ba63c394201dc76f4cb9de87d22bf21973c17595b6b1f140c7a1f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-1b6b6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
font-awesome.min.css
fimdejogo.com.br/wp-content/themes/islemag/css/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/css/font-awesome.min.css?ver=4.4.0
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-718b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
902a7acbcdf91deb590692441db81c0a40f2cf897183cfb70623360d11dc79e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Oct 2022 09:42:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 09:42:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Oct 2022 09:42:21 GMT
tmm_style.css
fimdejogo.com.br/wp-content/plugins/team-members/inc/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/team-members/inc/css/tmm_style.css?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
aa683a5b00b7585a336a6977c3d8556ba84762e70257084a3e37c01e68ee956e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 09 May 2022 23:06:10 GMT
server
nginx-rc
content-encoding
br
etag
W/"62799e62-17a9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
jquery.min.js
fimdejogo.com.br/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-15db1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
jquery-migrate.min.js
fimdejogo.com.br/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-2bd8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
slick.min.js
fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.4.6
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2022 13:17:29 GMT
server
nginx-rc
content-encoding
br
etag
W/"63344969-a76f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
jquery.magnific-popup.min.js
fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.4.6
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2022 13:17:29 GMT
server
nginx-rc
content-encoding
br
etag
W/"63344969-4ef8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
content_elements.js
fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.4.6
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
fb5673d80996d1f585ca18281051ccbdbd62d436d24dba1c62e37244ffa8f950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2022 13:17:29 GMT
server
nginx-rc
content-encoding
br
etag
W/"63344969-7777"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
jquery.dd.js
fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/ 		52 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/jquery.dd.js?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
2c92c34625d4600a4de6afaadd1de8d30b91082e0d54425dcfe61970515e65e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:14 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199261a-cf7c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
cc.main.js
fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/bt_cost_calculator/cc.main.js?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
20b7f01651c2024da3d22705dcf5400577e0d161d12652d6ffa4738e9217f59f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:14 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199261a-6c4c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
sharethis.js
platform-api.sharethis.com/js/ 		192 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-127.fra6.r.cloudfront.net
Software
/
Resource Hash
700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:36:32 GMT
content-encoding
gzip
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
349
etag
W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
HDZpQ7eucmc3ck8F9M-RSIhU2aj72DT15eN8vKLUez-Q6UqcC-Rabw==
st_insights.js
ws.sharethis.com/button/ 		49 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=eba0f3ba-f9ab-408c-bc68-c28af5afe749&product=feather&ver=1647886266
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:9a00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6eab47c17572a089ad9ceb4c9694a99d7f3ffccd5d1c778438016b1eccdc8f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 16:55:33 GMT
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
VIE50-C2
age
60408
x-cache
Hit from cloudfront
content-length
12778
server
nginx/1.20.1
etag
W/"62bdf23a-c590"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
qH6m-7keMnOBQjVIhhYP9u4nctnJ5kGfmKFjYGBuW522Y9g4J9qUOw==
expires
Thu, 06 Oct 2022 16:55:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2596403114691989
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4e2375e1795c3bccfe2eae36c6f9086850e46c94ca0c0700b4606189bfffeac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54744
x-xss-protection
0
server
cafe
etag
11908676852155855315
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 09:42:22 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C0) /
Resource Hash
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:22 GMT
Content-Encoding
gzip
Age
1360
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29223
Last-Modified
Wed, 28 Sep 2022 20:05:37 GMT
Server
ECS (frb/67C0)
Etag
"f26384f93da6974ed577808dfa1fede5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
script.js
analytics.hostwp.club/js/ 		746 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.hostwp.club/js/script.js
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.58.120.109 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
198-58-120-109.ip.linodeusercontent.com
Software
nginx-rc /
Resource Hash
b75640250e69024fdf4487e83a538b5c07a516f16645329b0d2a63bca6df8b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 08 Jan 2022 12:52:24 GMT
server
nginx-rc
content-encoding
br
etag
W/"61d98908-2ea"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:23 GMT
mediaelementplayer-legacy.min.css
fimdejogo.com.br/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-2bf8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
wp-mediaelement.min.css
fimdejogo.com.br/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-105a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
islemag-wigdet.js
fimdejogo.com.br/wp-content/themes/islemag/js/ 		2 KB
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/js/islemag-wigdet.js?ver=1.0.0
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
d940cacfc0e42a2a8042b5127fdff6410119e4b9edf2450ecc993614dfafee9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-61d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
index.js
fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/swv/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 01 Sep 2022 20:02:48 GMT
server
nginx-rc
content-encoding
br
etag
W/"63110fe8-25d0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
index.js
fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 01 Sep 2022 20:02:48 GMT
server
nginx-rc
content-encoding
br
etag
W/"63110fe8-2fb3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
script.index.js
fimdejogo.com.br/wp-content/themes/islemag/js/ 		2 KB
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/js/script.index.js?ver=1.0.0
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
6f33d75dffd628cdf7ac8e2505ea514d22e6394078d5ec5d16d935ba0995107d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-72e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
script.all.js
fimdejogo.com.br/wp-content/themes/islemag/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/js/script.all.js?ver=1.0.1
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
a8545e41a271b2c693fac9a459bc37c068eae50d717b3f4faa67b1023b9d538a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-1a5c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
owl.carousel.min.js
fimdejogo.com.br/wp-content/themes/islemag/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/js/owl.carousel.min.js?ver=2.0.0
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
c8c728d772f3ff93b5c7c65b86855f3dc0502d1bedd04a7ed1d6af06567322f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-a76c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
smush-lazy-load.min.js
fimdejogo.com.br/wp-content/plugins/wp-smushit/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.11.1
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 25 Aug 2022 20:32:36 GMT
server
nginx-rc
content-encoding
br
etag
W/"6307dc64-1eee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
mediaelement-and-player.min.js
fimdejogo.com.br/wp-includes/js/mediaelement/ 		154 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-267aa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
mediaelement-migrate.min.js
fimdejogo.com.br/wp-includes/js/mediaelement/ 		1 KB
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 12 Jul 2022 18:48:55 GMT
server
nginx-rc
content-encoding
br
etag
W/"62cdc217-4a7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
wp-mediaelement.min.js
fimdejogo.com.br/wp-includes/js/mediaelement/ 		906 B
691 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.0.2
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-38a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
vimeo.min.js
fimdejogo.com.br/wp-includes/js/mediaelement/renderers/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-1940"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:21 GMT
5b898832f365de0011fdf3f2.js
buttons-config.sharethis.com/js/ 		30 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5b898832f365de0011fdf3f2.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237f:ee00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
via
1.1 e84a6c755668cfbaee2f9aecc0d7ec36.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Aug 2018 18:25:55 GMT
server
AmazonS3
x-amz-cf-pop
MAD56-P2
etag
"e6e1643313740711175f51662a65b42f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
cache-control
max-age=60,public
accept-ranges
bytes
content-length
30
x-amz-cf-id
blxSPfR0d--etXgQFgs_cPynqD-ZbBaZxJ3EzvBWFHZDBQiUVoUJQw==
pview
l.sharethis.com/ 		0
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=fimdejogo.com.br&location=%2F&product=ga&url=https%3A%2F%2Ffimdejogo.com.br%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Home%20-%20Um%20olhar%20diferente%20do%20esporte%20-%20Fim%20de%20Jogo&cms=unknown&publisher=5b898832f365de0011fdf3f2&sop=true&version=st_sop.js&lang=en&description=Um%20olhar%20diferente%20do%20esporte%2C%20com%20a%20vis%C3%A3o%20focada%20na%20prefer%C3%AAncia%20do%20torcedor%2C%20do%20que%20ele%20precisa%20e%20tem%20curiosidade%20de%20entender.%20Al%C3%A9m%20da%20cobertura%20no%20Maracan%C3%A3%2C%20Nilton%20Santos%2C%20S%C3%A3o%20Janu%C3%A1rio%2C%20Volta%20Redonda%2C%20Ilha%2C%20cobertura%20em%20outros%20esportes%2C%20como%20basquete%2C%20t%C3%AAnis%2C%20volei.
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-212-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:22 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://fimdejogo.com.br
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
analytics.js
google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://google-analytics.com/analytics.js
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Oct 2022 09:08:42 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2020
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 04 Oct 2022 11:08:42 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
hero_home_02.jpg
fimdejogo.com.br/wp-content/uploads/2017/12/ 		100 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2017/12/hero_home_02.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
99a62f93024e0662926aa4c55cab9e5da3a0578900bd69a4581a33ea53cb01d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:39 GMT
server
nginx-rc
content-encoding
br
etag
W/"61992633-18fe1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
WhatsApp-Image-2018-08-28-at-20.08.05.jpeg
fimdejogo.com.br/wp-content/uploads/2018/08/ 		36 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2018/08/WhatsApp-Image-2018-08-28-at-20.08.05.jpeg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
4875df18359ae0da0d35b4c10f82c07e15932414913a04c7509ee742236564eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:44 GMT
server
nginx-rc
content-encoding
br
etag
W/"61992638-905d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
fontawesome-webfont.woff2
fimdejogo.com.br/wp-content/themes/islemag/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fimdejogo.com.br/wp-content/themes/islemag/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/wp-content/themes/islemag/css/font-awesome.min.css?ver=4.4.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fimdejogo.com.br/wp-content/themes/islemag/css/font-awesome.min.css?ver=4.4.0
Origin
https://fimdejogo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 20 Nov 2021 16:45:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"6199262e-118d8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fimdejogo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:50:34 GMT
x-content-type-options
nosniff
age
53508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 18:50:34 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fimdejogo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 23:33:46 GMT
x-content-type-options
nosniff
age
36516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 23:33:46 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fimdejogo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
578053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 17:08:09 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C700%7CRaleway%3A400%2C500%2C600%2C700%7COpen+Sans%3A400%2C700%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fimdejogo.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 18:52:12 GMT
x-content-type-options
nosniff
age
53410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 18:52:12 GMT
facebook.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 		584 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/facebook.png
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 18:11:06 GMT
server
nginx-rc
content-encoding
br
etag
W/"6238bfba-248"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
twitter.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/twitter.png
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 18:11:06 GMT
server
nginx-rc
content-encoding
br
etag
W/"6238bfba-6e2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
youtube.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/youtube.png
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
4ae9ddae3a7d2fcaa1dad375bdda6496f34adea77e4646118e090a80ba752856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 18:11:06 GMT
server
nginx-rc
content-encoding
br
etag
W/"6238bfba-96c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
instagram.png
fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/plugins/social-media-feather/synved-social/image/social/regular/64x64/instagram.png
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
db8c71654a10f884bff18344cc548c8302dbb9c4b64d4d7bcf308a6200d2e7f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 21 Mar 2022 18:11:06 GMT
server
nginx-rc
content-encoding
br
etag
W/"6238bfba-42c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
football-pitch-g098935a33_1920-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2022/09/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/09/football-pitch-g098935a33_1920-110x110.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
2500073d4ae47cc98f62b43b6a0ec903dbc4f7740e9df3b81fe23680845dd387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2022 02:40:56 GMT
server
nginx-rc
content-encoding
br
etag
W/"6333b438-10d2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
IMG-20220922-WA0032-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2022/09/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/09/IMG-20220922-WA0032-110x110.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
61978c7c95c03508d35f13365ac6c3bb2794292a657ba0b304fa8664218ea594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 23 Sep 2022 00:27:02 GMT
server
nginx-rc
content-encoding
br
etag
W/"632cfd56-181c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
tite-110x110.jpeg
fimdejogo.com.br/wp-content/uploads/2022/05/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/05/tite-110x110.jpeg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
3f5e14b435283f34af05b9ccc80899c3b1c4c37946c81adb6d310a53f85c16d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 11 May 2022 18:53:15 GMT
server
nginx-rc
content-encoding
br
etag
W/"627c061b-dfa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
vasco-124-anos-logo-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2022/08/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/08/vasco-124-anos-logo-110x110.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
6999c2e71aafd32085cb06ceb7676930a3d2c4d5d52a89effd00ed2c0e4db135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 21 Aug 2022 18:44:37 GMT
server
nginx-rc
content-encoding
br
etag
W/"63027d15-cee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
gratuidade-maracana-2-110x110.jpg
fimdejogo.com.br/wp-content/uploads/2022/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/07/gratuidade-maracana-2-110x110.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
11c3e0c76661b34d52501fd185462021a2e23930f7d28e6e6ed01c5db621cc06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 25 Jul 2022 13:39:57 GMT
server
nginx-rc
content-encoding
br
etag
W/"62de9d2d-10ce"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
futebol-de-botao-2-110x110.jpeg
fimdejogo.com.br/wp-content/uploads/2022/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/07/futebol-de-botao-2-110x110.jpeg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
2ecfe78609868ea258c783eb86e662144c122cd482340f4ec814af56f927e204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 25 Jul 2022 00:21:34 GMT
server
nginx-rc
content-encoding
br
etag
W/"62dde20e-1476"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
widget_iframe.7dae38096d06923d683a2a807172322a.html
platform.twitter.com/widgets/ Frame C1E6 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Ffimdejogo.com.br
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
387464
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Tue, 04 Oct 2022 09:42:22 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 28 Sep 2022 20:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6776)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
IMG-20221003-WA0022-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/10/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/10/IMG-20221003-WA0022-420x420.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
43ab626267f7582eb2c5536cd5c13daa407a303e95e6ae103889db7d6e0bb0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 04 Oct 2022 00:02:42 GMT
server
nginx-rc
content-encoding
br
etag
W/"633b7822-98cd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
MarceloCarvalho_CBF_Seminario-Racismo-1536x1024-1-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/10/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/10/MarceloCarvalho_CBF_Seminario-Racismo-1536x1024-1-420x420.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
da4f26979613d141637938695cb6e187bf30720978161361891e4ea08df74c3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 03 Oct 2022 17:50:43 GMT
server
nginx-rc
content-encoding
br
etag
W/"633b20f3-65c8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
20221001_fluxbra_cpupo_15026-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/10/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/10/20221001_fluxbra_cpupo_15026-420x420.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
eefe6e583bb35f19f375ac346e26bdddd475e88432a534d96f791bc20a99a390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 02 Oct 2022 00:11:16 GMT
server
nginx-rc
content-encoding
br
etag
W/"6338d724-7a9a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
WhatsApp-Image-2022-09-30-at-01.03.34-1-420x420.jpeg
fimdejogo.com.br/wp-content/uploads/2022/09/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-30-at-01.03.34-1-420x420.jpeg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
d2f8a45bfc8e17e310b9493bb568df4b36aadabe67850dbc3f11cefc90a44f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 30 Sep 2022 04:05:57 GMT
server
nginx-rc
content-encoding
br
etag
W/"63366b25-ccad"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
IMG-20220914-WA0050-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/09/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/09/IMG-20220914-WA0050-420x420.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
64b9b9e661bd2533118e2e02beda84bd1597a53b78db053d9ee02e65913c2b37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 01:40:49 GMT
server
nginx-rc
content-encoding
br
etag
W/"632282a1-be42"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
20220917_botxcor_cpupo_1926-409717-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/09/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/09/20220917_botxcor_cpupo_1926-409717-420x420.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
8b69cb9d77095a155dbec372193700808a2a16e6aaa7771ede7be5af8152048c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 17 Sep 2022 23:55:17 GMT
server
nginx-rc
content-encoding
br
etag
W/"63265e65-10d7d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
20221003_botxpal_cpupo_15268-e1664850128611-420x420.jpg
fimdejogo.com.br/wp-content/uploads/2022/10/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-content/uploads/2022/10/20221003_botxpal_cpupo_15268-e1664850128611-420x420.jpg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
b1be02fa6eda19713c914fc7aba9c4f6c4fd05fae69c05f02fb83b6a9c122472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 04 Oct 2022 02:22:09 GMT
server
nginx-rc
content-encoding
br
etag
W/"633b98d1-854b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
player_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
14033d31fcb3a4846ce5dcffacb72f2683dd15c0d756664ba11850b0f4836087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 04 Oct 2022 09:42:22 GMT
mejs-controls.svg
fimdejogo.com.br/wp-includes/js/mediaelement/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fimdejogo.com.br/wp-includes/js/mediaelement/mejs-controls.svg
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.65.246.99 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04 Apr 2022 20:01:11 GMT
server
nginx-rc
content-encoding
br
etag
W/"624b4e87-11f6"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
max-age=2592000
x-xss-protection
1; mode=block
expires
Thu, 03 Nov 2022 09:42:22 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ 		349 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2596403114691989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
772e052ef54499e8fc29c4114781b2a14316e07fba9960d3eeb73b7c0f6f81bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117163
x-xss-protection
0
server
cafe
etag
17381241383199039144
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 09:42:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 364B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2596403114691989
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46709
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Oct 2022 20:43:53 GMT
etag
9671129459699598864
expires
Mon, 17 Oct 2022 20:43:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
watch
www.youtube.com/ 		0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/watch?v=89MX4_iCCv8&_=1
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fimdejogo.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Range
bytes=0-

Response headers
settings
syndication.twitter.com/ Frame C1E6 		851 B
677 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.7dae38096d06923d683a2a807172322a.html?origin=https%3A%2F%2Ffimdejogo.com.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
113
date
Tue, 04 Oct 2022 09:42:22 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Oct 2022 09:42:22 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
3676057b182560e0
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
214a09a684d82744f4b36239283f90756e737e17d7bce9886f52b27cf21fed20
content-length
355
collect
www.google-analytics.com/j/ 		4 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=903664895&t=pageview&_s=1&dl=https%3A%2F%2Ffimdejogo.com.br%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Um%20olhar%20diferente%20do%20esporte%20-%20Fim%20de%20Jogo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1524154569&gjid=815272639&cid=1163534657.1664876543&tid=UA-123684775-1&_gid=257715684.1664876543&_r=1&_slc=1&z=349599804
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fimdejogo.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fimdejogo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/374003a5/www-widgetapi.vflset/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/374003a5/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deba48eda09297e99d5d687cbd1243855c92ee09312fed2f1fcdade98c405afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:33:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52508
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 04 Oct 2023 09:33:38 GMT
cookie.js
partner.googleadservices.com/gampad/ 		220 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fimdejogo.com.br&callback=_gfp_s_&client=ca-pub-2596403114691989
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
cafe /
Resource Hash
4b080b194f0bdae5964a43d2783ad02590e0cdb4fbdd0bdcad1907b1bbd99c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fimdejogo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fimdejogo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EEED 		268 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&adk=1812271804&adf=3025194257&lmt=1664850381&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffimdejogo.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542532&bpp=32&bdt=904&idt=233&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4103322792241&frm=20&pv=2&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f18b07444d4d8507fd05432b3926f7d9b64a0ca7f4ee5764843055ea5ea148c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
66937
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:42:23 GMT
expires
Tue, 04 Oct 2022 09:42:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A0C7 		100 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bf25d00c3d9f2142d737c691b88e6cb6b301bd6ebceac2621bb5279fa636793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32426
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:42:23 GMT
expires
Tue, 04 Oct 2022 09:42:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123684775-1&cid=1163534657.1664876543&jid=1524154569&gjid=815272639&_gid=257715684.1664876543&_u=IEBAAEAAAAAAACAAI~&z=1111465552
Requested by
Host: google-analytics.com
URL: https://google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fimdejogo.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 04 Oct 2022 09:42:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fimdejogo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
89MX4_iCCv8
www.youtube.com/embed/ Frame E14E 		69 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a10597598a97a480f060f21d85c8a9f790d48e1b0d7b5783375bd785e0714fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Tue, 04 Oct 2022 09:42:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_timeline.a7991bb824d62c8d5038ddd875db8389.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
f6cd4ac8d4ffaa5a4fd82befb072cca2943bb6e27a832cf68713cfce32c38f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:22 GMT
Content-Encoding
gzip
Age
387464
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2955
Last-Modified
Wed, 28 Sep 2022 20:04:20 GMT
Server
ECS (frb/669F)
Etag
"c908b448c0ca2496f191efa1401a04ff+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embeds
syndication.twitter.com/i/jot/ 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664876542908%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
105
date
Tue, 04 Oct 2022 09:42:22 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Oct 2022 09:42:22 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
fb4cb96d27023689
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
214a09a684d82744f4b36239283f90756e737e17d7bce9886f52b27cf21fed20
content-length
43
fimdejogo
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 1056 		66 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a27d26cae7fb6ad28b0783b7d064bef7f7e8c2daa3b68e570935a4f795992270
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, max-age=60
content-encoding
gzip
content-length
6952
content-type
text/html; charset=utf-8
date
Tue, 04 Oct 2022 09:42:23 GMT
etag
"108bb-dofnVyPznqVulqhD6DAAR1pYjOo"
perf
7626143928
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
214a09a684d82744f4b36239283f90756e737e17d7bce9886f52b27cf21fed20
x-response-time
346
x-transaction-id
ce8c8dac089ed0da
x-xss-protection
0
www-player.css
www.youtube.com/s/player/374003a5/ Frame E14E 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/374003a5/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0adc8eb4f4bcef06a8e9d968a6d652d832ec62e69e0db6bce40e6cf00808875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
68056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50019
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:07 GMT
www-embed-player.js
www.youtube.com/s/player/374003a5/www-embed-player.vflset/ Frame E14E 		305 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/374003a5/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b6713f138592896292e35df2220679d37d590a1eb06c5e94c9af31186ff15d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
68056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97205
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:07 GMT
base.js
www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/ Frame E14E 		2 MB
579 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97bdf3ac2617aa977b5529e4d2b732434aedc66818990f2f41a194e4ee69d24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
68037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592738
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:26 GMT
fetch-polyfill.js
www.youtube.com/s/player/374003a5/fetch-polyfill.vflset/ Frame E14E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/374003a5/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
68056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E14E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:18:05 GMT
x-content-type-options
nosniff
age
599058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E14E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 18:59:48 GMT
x-content-type-options
nosniff
age
571355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 27 Sep 2023 18:59:48 GMT
id
googleads.g.doubleclick.net/pagead/ Frame E14E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dbb2595b787d8ef83a4fbcac373dadf02b45515e07062a37ef8825b4be5d437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E14E 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:39:26 GMT
x-content-type-options
nosniff
age
177
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Oct 2022 09:54:26 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 04 Oct 2022 09:42:23 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E14E 		66 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
351e0995df847fa63495626f95b025716b505ba55684bc9d160cd7dba3162a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30874
x-xss-protection
0
qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js
www.google.com/js/th/ Frame E14E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/qs_eGd-h9f3_frMeplByuCjrJjGTr5iyl3j-JE2Mo0s.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aacfde19dfa1f5fdff7eb31ea65072b828eb263193af98b29778fe244d8ca34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 16:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
62134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14350
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 17:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 16:26:49 GMT
embed.js
www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/ Frame E14E 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50edb2f1b0e2b737b3ccf33b4940039cf7833d59bd372537c5231357bf437dd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 14:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
68036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8123
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 00:23:06 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 03 Oct 2023 14:48:27 GMT
truncated
/ Frame E14E 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu9SRZ4QvM0DLMYwOb1PIrFVup_FhzyxA5r2DSyVhA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E14E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu9SRZ4QvM0DLMYwOb1PIrFVup_FhzyxA5r2DSyVhA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
333147ef6f75a758f699800d4970402c617a3c0d1214cd528f9720f7b76339d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 08:38:46 GMT
x-content-type-options
nosniff
age
3817
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3295
x-xss-protection
0
server
fife
etag
"v105"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 30 Sep 2022 19:46:42 GMT
default.webp
i.ytimg.com/vi_webp/89MX4_iCCv8/ Frame E14E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/89MX4_iCCv8/default.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2b86329c11a3cbb424b523736f2920809d844552349fae4e56684108188c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
sffe
etag
"1661253923"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1940
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 04 Oct 2022 11:42:23 GMT
event
analytics.hostwp.club/api/ 		3 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.hostwp.club/api/event
Requested by
Host: analytics.hostwp.club
URL: https://analytics.hostwp.club/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.58.120.109 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
198-58-120-109.ip.linodeusercontent.com
Software
nginx-rc /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fimdejogo.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json, text/javascript; charset=UTF-8

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx-rc
vary
Accept-Encoding, Origin
x-ratelimit-remaining
59
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://fimdejogo.com.br
cache-control
private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-limit
60
x-frame-options
SAMEORIGIN
expires
-1
event
analytics.hostwp.club/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.hostwp.club/api/event
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.58.120.109 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
198-58-120-109.ip.linodeusercontent.com
Software
nginx-rc /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://fimdejogo.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://fimdejogo.com.br
access-control-max-age
0
cache-control
no-cache, private
date
Tue, 04 Oct 2022 09:42:23 GMT
server
nginx-rc
strict-transport-security
max-age=31536000
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
runtime-eb61dff4a84b8f906e6b.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
3a150c237161cd43b61b31a2b1c10071a92d635e420f890ced97a3dedfc5cebc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
2101
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/6738)
Etag
"9e24908c04f34a86015898eca0fccd4a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
modules.c7def0268c66f6a548ed.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		286 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
95749
Last-Modified
Wed, 28 Sep 2022 17:24:15 GMT
Server
ECS (frb/67BC)
Etag
"51acddf0dbfab928b183f36c1ee67619+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
main-e9db78f5e7b3d83edd5e.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		90 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/673A)
Age
387465
Etag
"8e33207e7b788da9abde5b6d33da0b00"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
x-tw-cdn
VZ
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges
bytes
Content-Length
90
_app-446fb4a338b215deec8c.js
platform.twitter.com/_next/static/chunks/pages/ Frame 1056 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=3
Content-Length
668
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/6762)
Etag
"be3e428d416daa9027cecf70b5f26bf9+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
%5BscreenName%5D-c8b4c96951cf24f547b4.js
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame 1056 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
b2bb7d781fe71f7f9496ed8a4f377a6a88b635233ea17c10457218c9992db8b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
1285
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/6738)
Etag
"1efc61e416c7f4f293501e877fbec836+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
_buildManifest.js
platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/ Frame 1056 		1 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_buildManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
414
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/673A)
Etag
"12a5a08767706f15b6b316996cd057c1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
_ssgManifest.js
platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/ Frame 1056 		76 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/d2V1PoRy5_I_iOYSDbAAL/_ssgManifest.js
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/673A) /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/673A)
Age
387465
Etag
"abee47769bf307639ace4945f9cfd4ff"
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
x-tw-cdn
VZ
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges
bytes
Content-Length
76
generate_204
www.youtube.com/ Frame E14E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?1s9JGg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame A0C7 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 08:23:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Oct 2022 09:42:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame A0C7 		2 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:32:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame A0C7 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:31:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:31:41 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame A0C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:23:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame A0C7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:38:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:38:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0C7 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Oct 2022 09:42:23 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame A0C7 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 11:54:12 GMT
B26587312.345371259;dc_pre=CPzl7rekxvoCFZpt4AodaWwCVw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/ Frame A0C7
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPzl7rekxvoCFZpt4AodaWwCVw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rd...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPzl7rekxvoCFZpt4AodaWwCVw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPzl7rekxvoCFZpt4AodaWwCVw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=4104187178;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A0C7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cv__l_v87Y8_1Ns6oygX67IOQC5iY0N1s5u27h54QyYvmls4BEAEg0ovxCGCVgoCAtAegAfid-OIDyAEJqQLxPJwC5HywPqgDAcgDywSqBNMBT9Cdtlqr66gU7350S1Ie0k4QC74vT5JhUSa5dGIGba2oaT3dRTVqk6vWnRqxJAV_FW9PhKRGFt9QZzo-1o-wIGUscH1IcL8KQIIM_EkIk0VK4evDJFgyFlY8F9x6KIooS3XKS4qaNB_botPteBLoCvcb_ACLnxE1cyOe_1WxGf_tFwbWVmYsmaVzXs2-3HxUFGkUpOlJgW3zrsZKxyiCabLKB6lGQo4vBDj0fKxaESw-8_0OOVW2ynA0gF8cw5-h4xJ-pCwDnt00ZtYuOsXRsSa998AE_O3_wYUEkgUECAQYAZIFBAgFGASgBi6AB7XtqdYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEIqWD9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI1OTY0MDMxMTQ2OTE5ODkYAA&sigh=lvwYjkJGzD4&uach_m=[UACH]&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 04 Oct 2022 09:42:23 GMT
2.691622e4391d1973cb65.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
7674
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/669E)
Etag
"942b5b928a24465d1906b4716131d896+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
30.f375913a60f437b765ef.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/30.f375913a60f437b765ef.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
628811a006aaa0742f7f3c76af7f98e124d233bf107bd8e14af089e641be676e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387459
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
12643
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/668B)
Etag
"096067ac98ed511974024333b8997767+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/reactive_library_fy2021.js?bust=31070010
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a35580a1a49a6cf14256a45a0e6244e0e276602559ec1d1bf77fd1989a3012ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55039
x-xss-protection
0
server
cafe
etag
14704212932067036824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Oct 2022 09:42:23 GMT
3336867600807524417_15852033481640660483.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame A0C7 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/387628009/3336867600807524417_15852033481640660483.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 02:34:19 GMT
x-content-type-options
nosniff
age
457684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250208
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 23:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Sep 2023 02:34:19 GMT
3419829492936280953_17951798738465580776.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame A0C7 		450 KB
450 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/387628009/3419829492936280953_17951798738465580776.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b3f92940571e4d961b835708baa5f89f563e3c822f98f9baf18693be34efd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 06:24:46 GMT
x-content-type-options
nosniff
age
98257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
461140
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 23:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 06:24:46 GMT
14865024107087657153
tpc.googlesyndication.com/daca_images/simgad/ Frame A0C7 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14865024107087657153
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e236ae5a5773e2cb58d4f57dea675b60cfbd1324f768a42002fbc21d63aca56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 11:08:22 GMT
x-content-type-options
nosniff
age
340441
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26255
x-xss-protection
0
last-modified
Mon, 26 Jun 2017 02:20:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Sep 2023 11:08:22 GMT
1741125302048012201_9718791981106053467.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame A0C7 		258 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/387628009/1741125302048012201_9718791981106053467.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f741fb0da7588476eb9e414a229c4324e87514ecb86ca566e5b41d5c3508c9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:27:25 GMT
x-content-type-options
nosniff
age
440098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
263704
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 23:22:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Sep 2023 07:27:25 GMT
11451250718949484972
tpc.googlesyndication.com/simgad/ Frame A0C7
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA
  • https://tpc.googlesyndication.com/simgad/11451250718949484972
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11451250718949484972
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:32:07 GMT
x-content-type-options
nosniff
age
439816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15583
x-xss-protection
0
last-modified
Thu, 02 Jul 2020 21:33:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Sep 2023 07:32:07 GMT

Redirect headers

date
Tue, 04 Oct 2022 05:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
14690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11451250718949484972
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 03 Nov 2022 05:37:33 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/89MX4_iCCv8/ Frame E14E 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/89MX4_iCCv8/maxresdefault.webp
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba91081a36207fd4963933ca1743e7cc6e528e5885f77d537dbaefad9c65d881
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
sffe
etag
"1661253923"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37698
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 04 Oct 2022 11:42:23 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fimdejogo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fimdejogo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame 6A3D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Oct 2022 20:44:20 GMT
etag
9671129459699598864
expires
Mon, 17 Oct 2022 20:44:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame B783 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 03 Oct 2022 20:44:20 GMT
etag
9671129459699598864
expires
Mon, 17 Oct 2022 20:44:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.8f205dbb7b06b224e307.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		595 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
186671
Last-Modified
Wed, 28 Sep 2022 17:24:16 GMT
Server
ECS (frb/6763)
Etag
"11f6449263029b9f59f18afa52cc99ed+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
1.d976cf0cb2521083131e.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		1 MB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/1.d976cf0cb2521083131e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
b7cc0f4e39d9f408a49d78af9ef8423e920134f0c2aafff5751360b47bd3239d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
301526
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/6793)
Etag
"68700f8862593047761c23e5253a8686+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
4.7497632a393acfc2ab3b.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/4.7497632a393acfc2ab3b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6725) /
Resource Hash
0b9d3448ec83e0f84524c9a752196a82394ebeafed3ec4660e6948cfc0405d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:23 GMT
Content-Encoding
gzip
Age
387465
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
1275
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/6725)
Etag
"95839d52c44b54ae87cc3a8c070a7da4+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
css2
fonts.googleapis.com/ Frame 6A3D 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 08:21:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Oct 2022 09:42:23 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A3D 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:00:34 GMT
x-content-type-options
nosniff
age
2509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 04 Oct 2023 09:00:34 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6A3D 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:28:03 GMT
x-content-type-options
nosniff
age
860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 04 Oct 2023 09:28:03 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 6A3D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8224
x-xss-protection
0
server
cafe
etag
17584738254627026664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:25:31 GMT
css
fonts.googleapis.com/ Frame B783 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 08:21:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Oct 2022 09:42:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B783 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:32:21 GMT
B26587312.345371259;dc_pre=CPPG97ekxvoCFYOW_QcdQ60LgQ;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/ Frame B783
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPPG97ekxvoCFYOW_QcdQ60LgQ;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rd...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPPG97ekxvoCFYOW_QcdQ60LgQ;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CPPG97ekxvoCFYOW_QcdQ60LgQ;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3616509629;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B783 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJs_V_v87Y6uaNtqR9u8P6qK4iAOYmNDdbObtu4eeEMmL5pbOARABINKL8QhglYKAgLQHoAH4nfjiA8gBCakCphoyNTaAsD6oAwHIA8sEqgTZAU_QbxR9r5Q3gwRhuKGLV1iZ2NR7TOPaC0pwGWePDM5pDjQ1KhzKTZWsWcARADKOA5wcugGuyxM7b1TP6AurMvrR3xMRP78icIQQ8p1v9CN6LEXPuFP2WKYPzKfokhVnv4Xw0xRXLF0IDrQ7uf6LHMO5rW4eCKPb-tSaCANOLppNIDltD2-NcjrHZk3oNItmbwxXiEDr9B_okOaCVZ5NDhPCYjW6oH6UsxVv3BHoYCi3u5UnI7jvGUaDRUIvI4CZofQ3hM-ouMmFhkiKXY9jldvMqcAuG_IT8oTABPzt_8GFBJIFBAgEGAGSBQQIBRgEoAYugAe17anWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD0_gXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yNTk2NDAzMTE0NjkxOTg5GAA&sigh=PtJsOCfBDg8&uach_m=[UACH]&template_id=494
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 04 Oct 2022 09:42:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame B783 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:17:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B783 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:34:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame B783 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:33:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B783 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Oct 2022 09:42:23 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame B783 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 11:54:12 GMT
3336867600807524417_15852033481640660483.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame B783 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/387628009/3336867600807524417_15852033481640660483.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 02:34:19 GMT
x-content-type-options
nosniff
age
457684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250208
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 23:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Sep 2023 02:34:19 GMT
3419829492936280953_17951798738465580776.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame B783 		450 KB
450 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/387628009/3419829492936280953_17951798738465580776.jpeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b3f92940571e4d961b835708baa5f89f563e3c822f98f9baf18693be34efd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 06:24:46 GMT
x-content-type-options
nosniff
age
98257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
461140
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 23:22:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 06:24:46 GMT
14865024107087657153
tpc.googlesyndication.com/daca_images/simgad/ Frame B783 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14865024107087657153
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e236ae5a5773e2cb58d4f57dea675b60cfbd1324f768a42002fbc21d63aca56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 30 Sep 2022 11:08:22 GMT
x-content-type-options
nosniff
age
340441
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26255
x-xss-protection
0
last-modified
Mon, 26 Jun 2017 02:20:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Sep 2023 11:08:22 GMT
11451250718949484972
tpc.googlesyndication.com/simgad/ Frame B783
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA
  • https://tpc.googlesyndication.com/simgad/11451250718949484972
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11451250718949484972
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 29 Sep 2022 07:32:07 GMT
x-content-type-options
nosniff
age
439817
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15583
x-xss-protection
0
last-modified
Thu, 02 Jul 2020 21:33:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 29 Sep 2023 07:32:07 GMT

Redirect headers

date
Tue, 04 Oct 2022 05:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
14690
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11451250718949484972
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 03 Nov 2022 05:37:33 GMT
truncated
/ Frame A0C7 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
727fd4b89354bdc636ecf1470ee3e9f1e28ec8e8584299c52fb16b63cdeb93bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A0C7 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 22:44:30 GMT
x-content-type-options
nosniff
age
557873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 22:44:30 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A0C7 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 16:13:56 GMT
x-content-type-options
nosniff
age
62907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Oct 2023 16:13:56 GMT
ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.aa8f31b4b2f4e3e0986f.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
df0d77bff49f6ce8fcedd36c2bac801d98c148546ba6faaaaa25302a7f862faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:24 GMT
Content-Encoding
gzip
Age
387466
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2597
Last-Modified
Wed, 28 Sep 2022 17:24:13 GMT
Server
ECS (frb/6752)
Etag
"deb1205c6e01f2720f75bbd978f5925b+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
platform.twitter.com/_next/static/chunks/ Frame 1056 		148 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-eb61dff4a84b8f906e6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 04 Oct 2022 09:42:24 GMT
Content-Encoding
gzip
Age
387466
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
41941
Last-Modified
Wed, 28 Sep 2022 17:24:15 GMT
Server
ECS (frb/67BC)
Etag
"72929dff5e574c1b877555fd36c7683a+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
like.3.json
abs.twimg.com/sticky/animations/ Frame 1056 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://abs.twimg.com/sticky/animations/like.3.json
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/1.d976cf0cb2521083131e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
age
1978311
x-ton-expected-size
19835
x-cache
HIT
content-length
1627
x-response-time
9
surrogate-key
twitter-assets
last-modified
Tue, 15 Feb 2022 21:43:54 GMT
server
ECAcc (frc/4CBD)
etag
"b9munHAdxNyPtNl2GaO2bw=="
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-connection-hash
b2416fb8c94532ef46b2069f2a8d4ab6aa32507f9132cb6f6efe61940801c5b3
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 04 Oct 2023 09:42:24 GMT
PE2ii6pwPGRXqief.jpg
pbs.twimg.com/ext_tw_video_thumb/1577103838271754240/pu/img/ Frame 1056 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1577103838271754240/pu/img/PE2ii6pwPGRXqief.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D6) /
Resource Hash
f4d66c171a0b71dd0d70268502f750a99045f32483d1597b5fc19059f84a2e87
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
30585
x-cache
MISS
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=11
content-length
77208
x-response-time
294
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/1577103838271754240
last-modified
Tue, 04 Oct 2022 01:08:30 GMT
server
ECS (frb/67D6)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
4194afcf64f10989
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
4f21020aeb4896b661396d60f49f19e37d343589ddc41b1a58df920ac3f0fcce
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
Z4adKyOZjJ5TWZ5F.jpg
pbs.twimg.com/ext_tw_video_thumb/1577100788358340608/pu/img/ Frame 1056 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/ext_tw_video_thumb/1577100788358340608/pu/img/Z4adKyOZjJ5TWZ5F.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
7608b2cc8864860eb922c63c8b5b25ea0918600eb904e34f1aa785d48fd8721c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
31324
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
155170
x-response-time
326
surrogate-key
ext_tw_video_thumb ext_tw_video_thumb/bucket/5 ext_tw_video_thumb/1577100788358340608
last-modified
Tue, 04 Oct 2022 00:56:23 GMT
server
ECS (frb/67C2)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
2b200407549fc402
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
cff0a85b29cc462306342f5566ff5660f9cea91009cd9a37c6604c0567ab9f3a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame 1056 		43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664876544501%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ffimdejogo.com.br%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22fimdejogo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%3Afimdejogo%22%7D&session_id=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
114
date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Oct 2022 09:42:24 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
f05faab8c2247117
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
214a09a684d82744f4b36239283f90756e737e17d7bce9886f52b27cf21fed20
content-length
43
css
fonts.googleapis.com/ Frame 3895 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 04 Oct 2022 09:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 08:17:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 04 Oct 2022 09:42:24 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3895 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:32:21 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 3895 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
server
cafe
etag
483224313611802536
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:17:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3895 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:34:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
504
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:34:00 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3895 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:33:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
server
cafe
etag
15289875785628835784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Oct 2022 09:33:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3895 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44883
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664796838458510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Oct 2022 09:42:24 GMT
270cb447f650f22be90b4349b85576c2.js
www.gstatic.com/mysidia/ Frame 3895 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/270cb447f650f22be90b4349b85576c2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 11:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13677
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 00:52:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 01 Jan 2023 11:54:12 GMT
PsN5TBwU_normal.jpg
pbs.twimg.com/profile_images/1542129811182813185/ Frame 1056 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1542129811182813185/PsN5TBwU_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668D) /
Resource Hash
a0b3583ba7baa45ed17ccc685ed33bad8e878c2288c56106285e026dbe35f56e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
408767
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
2339
x-response-time
113
surrogate-key
profile_images profile_images/bucket/5 profile_images/1542129811182813185
last-modified
Wed, 29 Jun 2022 12:54:13 GMT
server
ECS (frb/668D)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
7a9099cad4bf5f21
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
6cbf40a99a44889e295b22a8bc2e779e2f28ef941adb1ffc49797dfbf4af6421
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FeL2lG9XoAAEryV
pbs.twimg.com/media/ Frame 1056 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FeL2lG9XoAAEryV?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
25d21084e7c8205c97408762b6906d25549e82cc996c3bf73cd9efe6a59787de
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=162
content-length
3144
x-response-time
145
surrogate-key
media media/bucket/3 media/1577093936916701184
last-modified
Tue, 04 Oct 2022 00:29:10 GMT
server
ECS (frb/67D4)
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
4694de1798dea3c5
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
3547d4fab86876ccae71060ccac62f60e1891fccf3901cc3f47389e1921b0c38
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
yBSTiT8M_normal.jpg
pbs.twimg.com/profile_images/836093160367538178/ Frame 1056 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/836093160367538178/yBSTiT8M_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
567a1a740ce9a50e1000ab73bb4e815f3c779f4723f5945ab3e40cad14cc374a
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=127
content-length
2263
x-response-time
110
surrogate-key
profile_images profile_images/bucket/6 profile_images/836093160367538178
last-modified
Mon, 27 Feb 2017 05:56:37 GMT
server
ECS (frb/669E)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
04019728746519d2
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
cf36993b261d7f47c37f5c0b728a9b9ea3fa7eeb68e4c940ade235fddd64c0d1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
LcRYJCoi_normal.jpg
pbs.twimg.com/profile_images/1570931371010310148/ Frame 1056 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1570931371010310148/LcRYJCoi_normal.jpg
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
e35b2c6b72296c0759fcbaed8b6e8f53c564c9eec4ebd271f2a38cedd4563f8b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
290255
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
content-length
1731
x-response-time
109
surrogate-key
profile_images profile_images/bucket/3 profile_images/1570931371010310148
last-modified
Sat, 17 Sep 2022 00:21:19 GMT
server
ECS (frb/674D)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
7ea6fe1908affae5
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
8625987c05bdd8bf85950e3d81b4d5691ae17f08126df9af6d99845b18539f29
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FeL0FGyWYAAmb3d
pbs.twimg.com/media/ Frame 1056 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FeL0FGyWYAAmb3d?format=jpg&name=120x120
Requested by
Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
d6ae4578e2f39ca736865e69111ce6bd034717ccf035849b07f3765cb0106337
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=178
content-length
2262
x-response-time
161
surrogate-key
media media/bucket/0 media/1577091188091412480
last-modified
Tue, 04 Oct 2022 00:18:14 GMT
server
ECS (frb/67E0)
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
e4e5821c39fb1bc3
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
0225d1c2e21d448b4ee69f3e4d77fc845fb801ae6004d461b31fe64cb90d08b1
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E14E 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15690e5502f6f0139bba87c309da9f50d22ae6a646749a4347e8d4409177b0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 04 Oct 2022 09:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Tue, 04 Oct 2022 09:42:24 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 8174 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2596403114691989&output=html&h=280&adk=456324441&adf=2153066857&pi=t.aa~a.1454700762~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1664850381&rafmt=1&to=qs&pwprc=4558463333&psa=0&format=1200x280&url=https%3A%2F%2Ffimdejogo.com.br%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664876542566&bpp=4&bdt=938&idt=253&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4103322792241&frm=20&pv=1&ga_vid=1163534657.1664876543&ga_sid=1664876543&ga_hid=903664895&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44767667%2C42531705%2C31070010&oid=2&pvsid=2286792748839176&tmod=1174864619&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=0l5l2KhAZc&p=https%3A//fimdejogo.com.br&dtd=262
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 13:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 13:56:14 GMT
truncated
/ Frame B783 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f23932b651c3f66508e5853b318847cf91263af80548f2470e15ec8c831a8273

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame F1DB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 13:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 13:56:14 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 64AB 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:15:19 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
FeL2lG9XoAAEryV
pbs.twimg.com/media/ Frame 1056 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FeL2lG9XoAAEryV?format=jpg&name=360x360
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
0ae32cc29e585d92850783dd0fa708deb9072392a5a91b8022c19ec54899c66f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:25 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=268
content-length
20771
x-response-time
251
surrogate-key
media media/bucket/3 media/1577093936916701184
last-modified
Tue, 04 Oct 2022 00:29:10 GMT
server
ECS (frb/67D4)
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
9b0dad43d1fb85a3
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
f8a5913a51845059c2d47230ba9784f5779379953ebaf5653c89b1ca3b722559
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
FeL0FGyWYAAmb3d
pbs.twimg.com/media/ Frame 1056 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FeL0FGyWYAAmb3d?format=jpg&name=360x360
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) /
Resource Hash
7879a7dfa224bec6940c78266f27e58b47c8e9ea04889766bceedbbc22ff8442
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:25 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ,edge;dur=275
content-length
15325
x-response-time
258
surrogate-key
media media/bucket/0 media/1577091188091412480
last-modified
Tue, 04 Oct 2022 00:18:14 GMT
server
ECS (frb/67E0)
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
cec8985e8583ea92
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
68ef09d30160baac298e359824c952960f0242f7e71a6898b84656b9ea35059d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame 1056 		43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664876545419%2C%22event_namespace%22%3A%7B%22action%22%3A%22seen%22%2C%22client%22%3A%22tfw%22%2C%22component%22%3A%22privacy-notice%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ffimdejogo.com.br%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22fimdejogo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%3Afimdejogo%22%7D&session_id=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
108
date
Tue, 04 Oct 2022 09:42:25 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Oct 2022 09:42:25 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
d0593790106da526
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
214a09a684d82744f4b36239283f90756e737e17d7bce9886f52b27cf21fed20
content-length
43
jot
syndication.twitter.com/i/ Frame 1056 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1664876545423%2C%22event_namespace%22%3A%7B%22action%22%3A%22impression%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%221c23387b1f70c%3A1664388199485%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Ffimdejogo.com.br%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22fimdejogo%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%225fc5ca9%3A1664378768171%22%2C%22widget_data_source%22%3A%22screen-name%3Afimdejogo%22%7D&session_id=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://syndication.twitter.com/srv/timeline-profile/screen-name/fimdejogo?dnt=false&embedId=twitter-widget-0&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=pt&maxHeight=2000px&origin=https%3A%2F%2Ffimdejogo.com.br%2F&sessionId=fa1d9f5a6e775dce8c4b392a1ea6519d42c080ce&showHeader=true&showReplies=false&siteScreenName=fimdejogo&theme=dark&transparent=false&widgetsVersion=1c23387b1f70c%3A1664388199485
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time
107
date
Tue, 04 Oct 2022 09:42:24 GMT
strict-transport-security
max-age=631138519
last-modified
Tue, 04 Oct 2022 09:42:25 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
f986fc3adcc4bc8c
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
214a09a684d82744f4b36239283f90756e737e17d7bce9886f52b27cf21fed20
content-length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
164462233cdb76327dbae7a8c27ec33254a651f229469e8a1267da0214aa53d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11249
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A0C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwkYAyazp-zwq5QO7zlveAB547a8Ooq6DO5SjBUpdXjqqD56x-xT9vMvq_3rJcvi5KgCm_LOvzS_OaJaEFP2XOpt5BKLABjOrxiAtr_q-q5O3IHkFs7LkWcyUWzdZtxvwaYRcl2w&sai=AMfl-YTs8uhafi8X7WSMM3PVuvqiJm5mGFitPqQLuKrZkllRCnOeuacVwbx68g8DlAb9xjmL_Qxltut2-AE27ZI&sig=Cg0ArKJSzO2DdCIgMWX0EAE&id=lidar2&mcvt=1027&p=0,0,280,1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=456324441&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664876542829&rpt=1738&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 64AB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:42:25 GMT
expires
Tue, 04 Oct 2022 09:42:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:42:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame A9E4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: fimdejogo.com.br
URL: https://fimdejogo.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 13:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 13:56:14 GMT
log_event
www.youtube.com/youtubei/v1/ Frame E14E 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/374003a5/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
X-Goog-Request-Time
1664876545663
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/89MX4_iCCv8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=0&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Ffimdejogo.com.br&widgetid=1
X-YouTube-Client-Version
1.20221002.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtFbHNaZTZwY0gwcyj-_--ZBg%3D%3D
X-YouTube-Ad-Signals
dt=1664876543057&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C870%2C489&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 04 Oct 2022 09:42:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 04 Oct 2022 09:42:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2596403114691989&plah=fimdejogo.com.br&bust=31070010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 04 Oct 2022 09:42:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A02E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
79543
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Oct 2022 11:36:42 GMT
expires
Tue, 03 Oct 2023 11:36:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D9C9 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2db17ff5572a8765f3855939d02f2e0d2dafba56ec3634ef42561ddf4305e3f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9xXwpPOEUO36eIqfbb1nkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fimdejogo.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-9xXwpPOEUO36eIqfbb1nkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 04 Oct 2022 09:42:25 GMT
expires
Tue, 04 Oct 2022 09:42:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame D9C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=2286792748839176&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame A02E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 13:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Oct 2023 13:56:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B783 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_tAOaGJruW-cWNTjIN60O6pWb7he6hcJ5BBpEJy2Hpj93vAZkL6LEo-nje_HCG1yZXALuFjGHBEGh3-o6XFs8Q0g5MGATplO-Cb88kcKbYSE8WQN2fUm7yWSxYE7xieznDVRTLQ&sai=AMfl-YShaZ1O1MAQw2fNRMBFOpw-rtmzi8URFpQ6Pf0-Txxz_mijRgEndLukD1XLOMbdS58DeK2uePptSp_733s&sig=Cg0ArKJSzNb33RiiWUQ-EAE&id=lidar2&mcvt=1006&p=0,0,124,1005&mtos=959,1006,1006,1006,1006&tos=959,47,0,0,0&v=20221003&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664876543690&rpt=1018&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Oct 2022 09:42:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame A02E 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?j9Evmg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 09:42:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=2286792748839176&bg=!TE-lTwvNAAYQgTJdMIE7ACkAdvg8WhEMu9qjazSaRB5kDvD6Nb1iXZKaL_tTiYbw1ObjUkHmJ9pL0wIAAABWUgAAAAJoAQeZArHJmHnR3xhg6Xd0f9ctUQmQWFJpDEHpF-JAYh2r0VfrxeGP0hKk-YICOP9ToPyUTZqP88ytU1VC3NBzNahmVVGAjSSzSG5HR1ruEUdRg1cK1tZlipJ8NgP8ouXC0jypBBBhurpV-MfCRpHu1UnQghV7dsYSLb24BgtxxsLnpAHsxWfwiKeCwB27yQ-x5hFcLsPO3_1ayoTkE6rRfBBTL0fpuzFkVBZRjvuldibYcUtQXeJsdUvqL228whCv9YrbOhXgbIirkO-Q5qu7BjosvLqSouspP9RKFSbT5fvR_IGRCZI_GQODRKzfdbyC3uav3DkskvC_Vz_Bg6Kyx6niFwWzn7q-uAp2H-V-UHPGOUSVyryTiBPDNNGbqpFuaKTjAJci_YCV6Nnu5ZM6YuMzJRX9iJZxCk9Hvyyk0S2ISEHst9A5tsmCuKhQzYxJzmvsbbqlO408hJcN_TFY7MkpplGV1cRv_dcUAFWqmPPi4zAZnOD-Hxc9OsmWBpsTAY6bLKM27SSIkC0_zzg1EV3m9b_qc_ChNgbRowdonOswQyWdR9k-LE8Hnjcty7BlneqI-1uq2soVRPZNoulpSuADbyftBhzldNRq8SjI31wu665Ks_rmkegawVZuKXFQ2ezwxvBp0sLtFa6SaunOD9osFXmcd5Fx8YK0nLCjOOd--qvUmK3-zfi5F-o5EXUn_NfyFJ0NL4Cxy2iiZWlFlKnGQ-ZVoXqYUWIAWeHFM0bGULugQSa1VahvHQxraRqCNY5ZZBJDNtTpK-6rIV6Dl9aYx8EDtyf39RWaXXWMxZ_VphzaRxZwAFLCXNTVz4TbNPFSjSxBslsjt1NZkbLG710V6WkX0vNu7CmOqQ1bY5Kf0SZhVcMXfO4vYLMJAH_VYF1Buf7sVlft0-vI4N7LaC0akEoXbA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fimdejogo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| bt_bb_preview boolean| bt_bb_custom_elements function| advanced_ads_ready object| advanced_ads_ready_queue undefined| $ function| jQuery function| bt_bb_animate_elements function| bt_bb_lazy_load_images function| bt_bb_requestAnimFrame boolean| is_safari function| bt_bb_raf_loop function| bt_detect_touch function| bt_bb_get_screen_resolution function| bt_bb_check_ios_fixed_background_support function| bt_bb_check_fixed_background function| bt_bb_countdown function| bt_bb_countdown_output function| bt_bb_gmap_init_static_new function| bt_bb_gmap_init_new function| bt_bb_gmap_init_static function| bt_bb_gmap_init function| bt_bb_leaflet_init function| bt_bb_leaflet_init_late object| msBeautify function| bt_parse_float function| bt_cc_eval_conditions function| bt_paypal_items function| bt_quote_total function| bt_cc_init_dropdown function| bt_cc_init object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| stlib boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing string| GoogleAnalyticsObject function| ga object| adsbygoogle function| advanced_ads_check_adblocker object| swv object| wpcf7 object| screenReaderText object| stickyMenu object| lazySizes object| mejsL10n object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| _wpmejsSettings object| wp object| __twttrll object| twttr object| __twttr object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| pa object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: l7r_SWDInAA
.fimdejogo.com.br/ Name: _ga
Value: GA1.3.1163534657.1664876543
.fimdejogo.com.br/ Name: _gid
Value: GA1.3.257715684.1664876543
.fimdejogo.com.br/ Name: _gat
Value: 1
.fimdejogo.com.br/ Name: __gads
Value: ID=e69effd14c2d0f9e-22c201c03ace0032:T=1664876542:RT=1664876542:S=ALNI_MabxLMi0moLkhmlPvMIHG5eWnh4xA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ElsZe6pcH0s
.doubleclick.net/ Name: IDE
Value: AHWqTUmtS8ozChxf0RGq9d6gyveeCNuc8NQbLNFPjvnR_PtZOwXTV6MZBushZb5p2s4
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-2596403114691989&fa=1&ifi=4&uci=a!4&btvi=1&xpc=WXvJzkKGUJ&p=https%3A//fimdejogo.com.br
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.hostwp.club
buttons-config.sharethis.com
fimdejogo.com.br
fonts.googleapis.com
fonts.gstatic.com
google-analytics.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
platform-api.sharethis.com
platform.twitter.com
static.doubleclick.net
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.244.42.136
142.250.180.194
159.65.246.99
172.217.18.6
18.196.212.55
198.58.120.109
2600:9000:211a:9a00:3:c04e:c780:93a1
2600:9000:237f:ee00:c:abe:f440:93a1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9a
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::200a
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2001
2a00:1450:400d:80d::2016
99.86.4.127
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04a457e988270cb1dc76bd57ac8e62fddf02c02b618a1ac6cb0880b93633f5e0
08d230c0640540b8229d0b40c39b9beb51b9c2ad0f6b06297b6b7d0738679589
0ae32cc29e585d92850783dd0fa708deb9072392a5a91b8022c19ec54899c66f
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380
0b9d3448ec83e0f84524c9a752196a82394ebeafed3ec4660e6948cfc0405d0e
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
11c3e0c76661b34d52501fd185462021a2e23930f7d28e6e6ed01c5db621cc06
1353c448068301ee8534bd1d3c8eb214863afa0b9f716222dfe93e2739cffac2
14033d31fcb3a4846ce5dcffacb72f2683dd15c0d756664ba11850b0f4836087
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
15690e5502f6f0139bba87c309da9f50d22ae6a646749a4347e8d4409177b0d8
164462233cdb76327dbae7a8c27ec33254a651f229469e8a1267da0214aa53d4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20b7f01651c2024da3d22705dcf5400577e0d161d12652d6ffa4738e9217f59f
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8
2500073d4ae47cc98f62b43b6a0ec903dbc4f7740e9df3b81fe23680845dd387
25d21084e7c8205c97408762b6906d25549e82cc996c3bf73cd9efe6a59787de
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2c92c34625d4600a4de6afaadd1de8d30b91082e0d54425dcfe61970515e65e8
2db17ff5572a8765f3855939d02f2e0d2dafba56ec3634ef42561ddf4305e3f0
2dbb2595b787d8ef83a4fbcac373dadf02b45515e07062a37ef8825b4be5d437
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ecfe78609868ea258c783eb86e662144c122cd482340f4ec814af56f927e204
2f18b07444d4d8507fd05432b3926f7d9b64a0ca7f4ee5764843055ea5ea148c
333147ef6f75a758f699800d4970402c617a3c0d1214cd528f9720f7b76339d8
351e0995df847fa63495626f95b025716b505ba55684bc9d160cd7dba3162a73
37106cb7f5b3d70297ca032b38d4645d828500a3f86c181a9f9992bc9be07162
3a150c237161cd43b61b31a2b1c10071a92d635e420f890ced97a3dedfc5cebc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
3f5e14b435283f34af05b9ccc80899c3b1c4c37946c81adb6d310a53f85c16d3
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
43ab626267f7582eb2c5536cd5c13daa407a303e95e6ae103889db7d6e0bb0d9
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
45bc75820c2292bf64b74af20b9785c4a053608816b7d0c05bdc968e8e9de805
460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80
4875df18359ae0da0d35b4c10f82c07e15932414913a04c7509ee742236564eb
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4ae9ddae3a7d2fcaa1dad375bdda6496f34adea77e4646118e090a80ba752856
4b080b194f0bdae5964a43d2783ad02590e0cdb4fbdd0bdcad1907b1bbd99c9b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
50edb2f1b0e2b737b3ccf33b4940039cf7833d59bd372537c5231357bf437dd0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567a1a740ce9a50e1000ab73bb4e815f3c779f4723f5945ab3e40cad14cc374a
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61978c7c95c03508d35f13365ac6c3bb2794292a657ba0b304fa8664218ea594
61afb507626db75f00539770b0946c4541f9b51a84a8f6deeabeabf0c3fa74ac
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628811a006aaa0742f7f3c76af7f98e124d233bf107bd8e14af089e641be676e
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64b9b9e661bd2533118e2e02beda84bd1597a53b78db053d9ee02e65913c2b37
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6999c2e71aafd32085cb06ceb7676930a3d2c4d5d52a89effd00ed2c0e4db135
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6eab47c17572a089ad9ceb4c9694a99d7f3ffccd5d1c778438016b1eccdc8f0a
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
6f33d75dffd628cdf7ac8e2505ea514d22e6394078d5ec5d16d935ba0995107d
700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
727fd4b89354bdc636ecf1470ee3e9f1e28ec8e8584299c52fb16b63cdeb93bc
75b3f92940571e4d961b835708baa5f89f563e3c822f98f9baf18693be34efd3
7608b2cc8864860eb922c63c8b5b25ea0918600eb904e34f1aa785d48fd8721c
772e052ef54499e8fc29c4114781b2a14316e07fba9960d3eeb73b7c0f6f81bc
7879a7dfa224bec6940c78266f27e58b47c8e9ea04889766bceedbbc22ff8442
7a0049831d92582305911a42f5ed743a1fbd56c69247dddca678d36c9d71b85e
7bf25d00c3d9f2142d737c691b88e6cb6b301bd6ebceac2621bb5279fa636793
7ced8587d3adc7516df82cbaf8f8330937968f87d1fb227b1bd06b62040d33d9
7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
8056d05694350c1a3f041746d1551107d67d41af439157b1779ecdabbc8e7d35
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b69cb9d77095a155dbec372193700808a2a16e6aaa7771ede7be5af8152048c
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8f1b4f982ba63c394201dc76f4cb9de87d22bf21973c17595b6b1f140c7a1f15
902a7acbcdf91deb590692441db81c0a40f2cf897183cfb70623360d11dc79e8
91102e383130cb1a9faf348bd83bd3c7e0744900eed75eae7587cf6bf32c47f8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
97bdf3ac2617aa977b5529e4d2b732434aedc66818990f2f41a194e4ee69d24a
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51
99a62f93024e0662926aa4c55cab9e5da3a0578900bd69a4581a33ea53cb01d8
9bd8dcc115a0e9fce94520cecad5254352b86d55bca2506833057bb52e87ee1a
9e236ae5a5773e2cb58d4f57dea675b60cfbd1324f768a42002fbc21d63aca56
a0b3583ba7baa45ed17ccc685ed33bad8e878c2288c56106285e026dbe35f56e
a10597598a97a480f060f21d85c8a9f790d48e1b0d7b5783375bd785e0714fec
a27d26cae7fb6ad28b0783b7d064bef7f7e8c2daa3b68e570935a4f795992270
a35580a1a49a6cf14256a45a0e6244e0e276602559ec1d1bf77fd1989a3012ca
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8545e41a271b2c693fac9a459bc37c068eae50d717b3f4faa67b1023b9d538a
aa683a5b00b7585a336a6977c3d8556ba84762e70257084a3e37c01e68ee956e
aacfde19dfa1f5fdff7eb31ea65072b828eb263193af98b29778fe244d8ca34b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1be02fa6eda19713c914fc7aba9c4f6c4fd05fae69c05f02fb83b6a9c122472
b2bb7d781fe71f7f9496ed8a4f377a6a88b635233ea17c10457218c9992db8b5
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b75640250e69024fdf4487e83a538b5c07a516f16645329b0d2a63bca6df8b3a
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7cc0f4e39d9f408a49d78af9ef8423e920134f0c2aafff5751360b47bd3239d
ba91081a36207fd4963933ca1743e7cc6e528e5885f77d537dbaefad9c65d881
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0adc8eb4f4bcef06a8e9d968a6d652d832ec62e69e0db6bce40e6cf00808875
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8c728d772f3ff93b5c7c65b86855f3dc0502d1bedd04a7ed1d6af06567322f4
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070
ce2b86329c11a3cbb424b523736f2920809d844552349fae4e56684108188c09
d2f8a45bfc8e17e310b9493bb568df4b36aadabe67850dbc3f11cefc90a44f7f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6ae4578e2f39ca736865e69111ce6bd034717ccf035849b07f3765cb0106337
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d940cacfc0e42a2a8042b5127fdff6410119e4b9edf2450ecc993614dfafee9a
da4f26979613d141637938695cb6e187bf30720978161361891e4ea08df74c3a
db8c71654a10f884bff18344cc548c8302dbb9c4b64d4d7bcf308a6200d2e7f6
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
deba48eda09297e99d5d687cbd1243855c92ee09312fed2f1fcdade98c405afd
df0d77bff49f6ce8fcedd36c2bac801d98c148546ba6faaaaa25302a7f862faf
dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93
e35b2c6b72296c0759fcbaed8b6e8f53c564c9eec4ebd271f2a38cedd4563f8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e2375e1795c3bccfe2eae36c6f9086850e46c94ca0c0700b4606189bfffeac
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e6b6713f138592896292e35df2220679d37d590a1eb06c5e94c9af31186ff15d
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed0f05101d480726c58bcd4956a1e7b02f12b538d02058f1b0ebfdabe8a7ef42
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eefe6e583bb35f19f375ac346e26bdddd475e88432a534d96f791bc20a99a390
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23932b651c3f66508e5853b318847cf91263af80548f2470e15ec8c831a8273
f4d66c171a0b71dd0d70268502f750a99045f32483d1597b5fc19059f84a2e87
f6cd4ac8d4ffaa5a4fd82befb072cca2943bb6e27a832cf68713cfce32c38f4b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f741fb0da7588476eb9e414a229c4324e87514ecb86ca566e5b41d5c3508c9b3
fb5673d80996d1f585ca18281051ccbdbd62d436d24dba1c62e37244ffa8f950
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce